{"report_id":"1f1cb9a0-dd1f-4481-a29b-d138a8407529","version":6,"status":"done","tags":[],"date":"2026-02-06T02:41:01Z","url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":0,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"title":"NBA直播_篮球免费在线高清直播_nba篮球视频在线观看无插件-24直播","dom":{"size":42997,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (41027), with no line terminators","md5":"03d3bbbae3c80bc78b3731d4805fc6fc","sha1":"e0f39c46acc9ac5f0f2e8e53e755438eab061f2a","sha256":"fad1ca9ee4abb16a21cac6df0980202ad9775bb0bae29494cb49a534488ed0b7","sha512":"9993136dccbf3b94c3a84d20267673c31c22c31636c5c6a0db765688c4c97e483e55c108fff73ed20f30a5c8ef721b6181ca83226e331e588379df06498cd0b1","ssdeep":"192:crNh14yXb9I68gRdLDPcD8ke85HA1AdEl4wYecVd6tA0YUqR2Y1buZMk0RMolMIS:gGyLk26buZMk6MolMI+0QZxrYq9","tlshash":"bf131332c1d72467023b9ad5f1f9b73ab0e3a26dde131e0092f96b594bcfe52e502446","dom_hash":"domhashefccce5ef202d1538bc40ab8db750eea","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":0,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-13T02:41:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"tj.xjastana.com","ip":{"addr":"156.244.65.2","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"United States","country_code":"US"},"domain_registered":"2017-09-18","domain_rank":0,"first_seen":"2025-12-07T04:58:55.036895Z","last_seen":"2026-01-26T21:23:27.162766Z","alert_count":0,"request_count":1,"received_data":772,"sent_data":417,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"piier.cn","ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-03-28","domain_rank":0,"first_seen":"2026-02-06T02:41:02.090645Z","last_seen":"2026-02-06T02:41:02.090645Z","alert_count":12,"request_count":12,"received_data":373426,"sent_data":4318,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-02-02T01:44:03.24111Z","alert_count":0,"request_count":4,"received_data":61747,"sent_data":2578,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"piier.cn/skin/1/js/jquery.lazyload.js","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c01d7aff077b4ed0804b71c2e3ab4a1","sha1":"56b4c94cff0d5fdfca579eac85da28a767607644","sha256":"80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e","sha512":"c8fff9d167c05d5f09c83bea8fcfa45f717f2554982b853a3d80ab8b21f8c49bdce58b576dc04b68ed9eff879bbbfa1b19620e6f10ca9104007f346cd0bd76d4","ssdeep":"","tlshash":"1661768d7f527839b0567a9e831f3106663fd46f81814c54b0c9ece4ecec7951236d9a","size":3381,"data":"","first_seen":"2023-03-07T01:04:01Z","last_seen":"2026-06-03T15:44:01.813182Z","times_seen":5316,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/js/jquery.min.js","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba4c42facb884f5d8dee4f525fad0f24","sha1":"2fdb6614b3df1214219dce721c80daab047c7e04","sha256":"814b5227b623da96c2128845ad3eeadac6424a25cb6357380121d1b3d738b7ee","sha512":"286b13abb32c5089b51e3d2f14a1aecb36d326bdf5d4ad218a70acdee78421e9d1ca65a6b7e4fc43265b579748353cce0e8514c36517ff342cea7a1399c12ca5","ssdeep":"1536:AYRKUfAjtledhTmtaFyQHGvCXsexOgRc9izzr4yff8teLvHHEjam7W9X3yzSiLnM:hUb6GvC609A2o2skAieW","tlshash":"b693e7d9b2d67123c7b731b850af510bb17698aa784c8c50f068d8e4be74a48907bf7d","size":94849,"data":"","first_seen":"2023-03-07T12:03:58Z","last_seen":"2026-05-26T01:58:25.504231Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7f8418b3c89544112e61b98d616e6fea","sha1":"4bbfef3978fa09e01d7cbfe1c3890751e94903af","sha256":"c63937000d9befbec622e60d64a6e0093cdd05e77258b72e7542a7900ccbb31a","sha512":"f762cf39785f3d00f36e6c2d4b4edac3d4d8ae787f7b3b6fb05df5027b4babb308d3d4e930572ebc549484cb1bd0904f07d8251e20283e4b6de7ad8468c67b54","ssdeep":"","tlshash":"48a0122750301c80a44150f0883ac0290438d01c14029d843c0840f2966e0ac6566609","size":86,"data":"","first_seen":"2025-12-08T09:14:40.888755Z","last_seen":"2026-03-16T06:05:50.09974Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1f9cd9b76b6bc1274526a71d175285a7","sha1":"19821dd02030c5e4dc4ea553c2ac50f908a61ad3","sha256":"81494f6408de75414ab3697b9da6ff6249807a3bce2ce3fd5792e19c5875ff93","sha512":"6a996e91277a1e52cdcfab756d6dddb008d613f52748369b76f2987bfb087e3bb422ac48d7def9818c232e5c3244866b408faeb2a2cb0a072b7ef027884435b1","ssdeep":"","tlshash":"a9f0bb2b10919b2d055bb0fa54a95f864e2b0052c353934cd44048f798fa9b95d3dfaa","size":534,"data":"","first_seen":"2025-12-08T09:14:40.890238Z","last_seen":"2026-03-16T06:05:50.100558Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/js/yw_index.js","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e5017ea526c819c4cb7e0df4b7d66e1","sha1":"987a40b95496f78d7d6066616b9bd1d87ab8e162","sha256":"44da0e6519d8ceb7137627709067b9e277c8576d6e55419b1dddb264aa27dd7c","sha512":"8cbe9b3dc1d2a9601327e1419a1ca52ea60d0b433307b345fc504d934ad7e26a6dfc8679a6c9b5b196a5f746a3509b5a71c7bcdef8f9f2321e9f242dd9716fe3","ssdeep":"96:MK3KmlKapIM/UKd7lKg5MDV8KGMYK19jtS221la3eh8FOGuXzKRjRNgKRncp2yR/:MKlKXM/UYJDOY242Uauh8FOGRCh","tlshash":"3be13f14716a05e010ff20f5996e6405be33e92fb156ed04fd6c84f44f9a8b4b1bba2e","size":7134,"data":"","first_seen":"2025-12-08T09:14:40.831791Z","last_seen":"2026-03-16T06:05:50.0909Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-03T16:39:56.9289Z","times_seen":120214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?6bd5eb514ec6565bd84e0052f3e580d3","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ec83101f766efa1969cf38832d5d125","sha1":"e2ccccc628cc8964729fd92c1cab656f254e2b07","sha256":"80c4f6d9820216a724866fc2d90c5f9a71feef2209b1a971a0a19331f12d034a","sha512":"1043ea0670fc931967a4f1bff1e4ef6c9a4eefcd1f2b1da15ae7a218cfa6e4592ed9eb71c25124a72e5bf5e4b7dc5ef336458c74742753702beb170c2c5625af","ssdeep":"384:K+JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:K+4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"6ad2d9a9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29892,"data":"","first_seen":"2026-02-06T02:41:06.878754Z","last_seen":"2026-02-06T02:41:06.878754Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/js/swiper-bundle.min.js","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e350189ca403921effb91eccea88504","sha1":"eb08f89875ba610dcf5ad5d691cf0259cca97ff3","sha256":"5c26dbf61b3922aa3290fbaba9a5640bef360d5d8243174738dde7086d25bcca","sha512":"4289331bf07ff62e57dc161b9aec8d9f66a1f44880a4ae4a638b1a39865109020db81f97e76103d0bdd109cff5c7b61403ce6a68567dba8078c794a690b18225","ssdeep":"1536:EIJcfGRELR8Nxn0LzGhd+IWzGolxUFnOk8+ILDX1ftgeQV9qDlUpf/arWcplXvQM:HJDNmLz2vHnOk82V9SAXiTnXpk07jl","tlshash":"f2e3f8896220b57646e316db93e4c621b3b54540b80ac8f470b94c9f597ec9813feffa","size":143034,"data":"","first_seen":"2023-09-22T06:50:27Z","last_seen":"2026-06-02T20:50:33.697573Z","times_seen":723,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"52d3320ade44713f39deeb5586a9c44f","sha1":"a5e18a5049e460f41c0aebde7f9f58fb7f072137","sha256":"209aa8b23863f8cc3da920db9722d82067841db5662e193feadaf5cba6004880","sha512":"83b9da2a1ef4bfd8880880a35393640e2c2b31f323e873ecd3ce0253b4b25fba23384283314475dae9302b99eb1ab5f811d6eb1fa832928a89d213f35b631d09","ssdeep":"","tlshash":"96b012771411694678a221f0863ec1590837951d04422c48f80c44f2dbad0bc351eb8b","size":98,"data":"","first_seen":"2025-12-08T09:14:40.891594Z","last_seen":"2026-03-16T06:05:50.101121Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4b7896e6509daa5418234095c5f76ef0","sha1":"a435771c26aea404a50c394bdd653d333692bba5","sha256":"d862083c975eeb68165fc7edb60e6616a67aa573d9de92380bb042722a44b3cc","sha512":"f53449cbb15daadc9ee1c452aabf3c79111769886fecd093686c1923dcb9cfc306b2304cc7febbd3b92270b09a896612b505f890b0ca7432d0fda18beba0eb71","ssdeep":"","tlshash":"e8f052ce2b86694c6dca7d1ef517320c30cd0d36bd5c98ac8c90402824ea87e00c22df","size":496,"data":"","first_seen":"2026-02-06T02:41:06.883367Z","last_seen":"2026-02-06T02:41:06.883367Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-03T16:39:56.9289Z","times_seen":120214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-03T16:39:56.9289Z","times_seen":120214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"35a703e673a1fb01bea1aef90d5cee79","sha1":"93bf54669004f5dfb7fda3c2528e009f1cd17035","sha256":"ed199852eddd3ebc86c065b3f62098dbfb341b84335444f4747e582caa821e35","sha512":"84a2726863d4c12f1a5a88b78c4772b0c37207194c71ae859d29ee0ad9cd13c15d1d2db6a6bd0cbf831d9d59a660ea195bb49d3140759b5317164d5dd648a859","ssdeep":"","tlshash":"f7f059ce6b43198d6cc5786df917320c20c80d36bc4c999ccc54942810e686e04c958f","size":496,"data":"","first_seen":"2026-02-06T02:41:06.884312Z","last_seen":"2026-02-06T02:41:06.884312Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?806df96fb176023fa44b9f825a6db530","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d88c0f4cf23b760a38bdd8817004475","sha1":"b9ff57afbbb455cfd9e9a743aaafb8e3ccfcce52","sha256":"3480ea2763ba64fde7cdc3b960a42149d36d0a5902e1789c33f2575040fd0f08","sha512":"e5eefe7fe4128c884ab9d75ba5277be18de4482e61cc2ac86246d019a8494995bee87bc536ad6d3c10874c586819fad709f65fe6d09ef7bb82ac096cf11fc8d4","ssdeep":"384:UWJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:UW4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"62d2d9a9b282713293a324a5153f324ef17b5a54bd4968a4f11894c07d38fbb027bfdd","size":29891,"data":"","first_seen":"2026-02-06T02:41:06.87375Z","last_seen":"2026-02-06T02:41:06.87375Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-03T16:39:56.9289Z","times_seen":120214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tj.xjastana.com/skin/js/tj.kuaipai.js","fqdn":"tj.xjastana.com","domain":"xjastana.com","tld":"com"},"ip":{"addr":"156.244.65.2","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c565d44dd778ab01360ea2aebf571802","sha1":"ec7147fea64e6f7bab7ef81785793c250f571898","sha256":"d6b7e5234a725551c16c22b7906a22eab0812277e465dae1098bfb16d43832a2","sha512":"650ef9998703753c90e367f021f980408d03a980639599ac457bbbb0115825771929388eb7d2d7582f15787c9ef6071ad4f4d661f9000119d889d514d5ff4d95","ssdeep":"","tlshash":"17d0971f2c992838736a043ca1bbe94cb263914c507dd40288dde88058a0fc20c2ebc8","size":252,"data":"","first_seen":"2025-12-18T22:10:57.955382Z","last_seen":"2026-03-19T22:59:38.900994Z","times_seen":117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"piier.cn/skin/1/css/yw_style.css?v=1","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.457Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skin/1/css/yw_style.css?v=1 HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:41 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 10 Dec 2025 18:20:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6939b9d8-128dd\"\r\nExpires: Fri, 06 Feb 2026 14:40:41 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75997,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"fce6e5e1506753efd7dc473d26fdf739","sha1":"7ea596a3f96ef980dae0b5d4a73126faf1580c88","sha256":"e762023d1bd831eb2354cc37e8a6136ea0a1ea23941779dfbaad7cac2585de9c","sha512":"e2d8673cbdfbfe38ca1737c387c333d2a60a78e095642ff201e82b7eb2b1599351f6f3bb2385aa66bfe393d571a5fc8e9d6884e0418a7c18504c16eca58cec3b","ssdeep":"1536:i8mXscpvNJprKhPJkHtcVPL6VaxP7txZm2hxwlE:nmXscpv7tKhuNcVPuVaxP7txZglE","tlshash":"7d73516797b31904b80ad4b46fae674533598043c20ecebcbf8c725c4f8a594a5f2b9d","first_seen":"2025-12-20T02:34:04.275493Z","last_seen":"2026-03-16T06:05:50.085255Z","times_seen":15,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/images/ico_rili.png","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.467Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skin/1/images/ico_rili.png HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:42 GMT\r\nContent-Type: image/png\r\nContent-Length: 594\r\nLast-Modified: Fri, 28 Nov 2025 08:13:52 GMT\r\nConnection: keep-alive\r\nETag: \"692959c0-252\"\r\nExpires: Sun, 08 Mar 2026 02:40:42 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":594,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 14, 8-bit/color RGBA, non-interlaced","md5":"6c33cc1feaed3d2178ec2cf24a2c7479","sha1":"c987dd524711bcc7334e0643bbdc364a90436df5","sha256":"2d006ff092954e707cb3e64e8b368a00b538327ae9675839bb4f2f935d0c76e7","sha512":"0c5b2d98c78ed8bf52ea046b347f09df86953d45051a92921eddc61b90d0ed11f87d15eaa0fa1060163c3d1975a2523d654ba93f2f0ebd848a3585b0eacedc80","ssdeep":"","tlshash":"d6f047938da24dbe42510634653c80304b4862cc535c13fe8b2501542a24441a5c1ab3","first_seen":"2025-11-02T04:40:10.567089Z","last_seen":"2026-03-22T04:49:25.684465Z","times_seen":25,"resource_available":false,"data":null}},"time_used":1219,"timings":{"blocked":481,"dns":0,"connect":269,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/js/jquery.min.js","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.469Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skin/1/js/jquery.min.js HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:41 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 28 Nov 2025 08:14:18 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"692959da-17281\"\r\nExpires: Fri, 06 Feb 2026 14:40:41 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94849,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32769), with CRLF line terminators","md5":"ba4c42facb884f5d8dee4f525fad0f24","sha1":"2fdb6614b3df1214219dce721c80daab047c7e04","sha256":"814b5227b623da96c2128845ad3eeadac6424a25cb6357380121d1b3d738b7ee","sha512":"286b13abb32c5089b51e3d2f14a1aecb36d326bdf5d4ad218a70acdee78421e9d1ca65a6b7e4fc43265b579748353cce0e8514c36517ff342cea7a1399c12ca5","ssdeep":"1536:AYRKUfAjtledhTmtaFyQHGvCXsexOgRc9izzr4yff8teLvHHEjam7W9X3yzSiLnM:hUb6GvC609A2o2skAieW","tlshash":"b693e7d9b2d67123c7b731b850af510bb17698aa784c8c50f068d8e4be74a48907bf7d","first_seen":"2023-03-07T12:03:58Z","last_seen":"2026-05-26T01:58:25.504231Z","times_seen":55,"resource_available":true,"data":null}},"time_used":758,"timings":{"blocked":239,"dns":0,"connect":0,"send":0,"wait":262,"receive":257,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/js/jquery.lazyload.js","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.470Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skin/1/js/jquery.lazyload.js HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:41 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 28 Nov 2025 08:15:06 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69295a0a-d35\"\r\nExpires: Fri, 06 Feb 2026 14:40:41 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3381,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3309)","md5":"5c01d7aff077b4ed0804b71c2e3ab4a1","sha1":"56b4c94cff0d5fdfca579eac85da28a767607644","sha256":"80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e","sha512":"c8fff9d167c05d5f09c83bea8fcfa45f717f2554982b853a3d80ab8b21f8c49bdce58b576dc04b68ed9eff879bbbfa1b19620e6f10ca9104007f346cd0bd76d4","ssdeep":"","tlshash":"1661768d7f527839b0567a9e831f3106663fd46f81814c54b0c9ece4ecec7951236d9a","first_seen":"2023-03-07T01:04:01Z","last_seen":"2026-06-03T15:44:01.813182Z","times_seen":5316,"resource_available":true,"data":null}},"time_used":768,"timings":{"blocked":246,"dns":1,"connect":261,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=64B9333E5209AD1C\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1259006084\u0026si=806df96fb176023fa44b9f825a6db530\u0026v=1.3.2\u0026lv=1\u0026sn=48689\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Fpiier.cn%2F\u0026tt=NBA%E7%9B%B4%E6%92%AD_%E7%AF%AE%E7%90%83%E5%85%8D%E8%B4%B9%E5%9C%A8%E7%BA%BF%E9%AB%98%E6%B8%85%E7%9B%B4%E6%92%AD_nba%E7%AF%AE%E7%90%83%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%97%A0%E6%8F%92%E4%BB%B6-24%E7%9B%B4%E6%92%AD","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:43.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=64B9333E5209AD1C\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1259006084\u0026si=806df96fb176023fa44b9f825a6db530\u0026v=1.3.2\u0026lv=1\u0026sn=48689\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Fpiier.cn%2F\u0026tt=NBA%E7%9B%B4%E6%92%AD_%E7%AF%AE%E7%90%83%E5%85%8D%E8%B4%B9%E5%9C%A8%E7%BA%BF%E9%AB%98%E6%B8%85%E7%9B%B4%E6%92%AD_nba%E7%AF%AE%E7%90%83%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%97%A0%E6%8F%92%E4%BB%B6-24%E7%9B%B4%E6%92%AD HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Fri, 06 Feb 2026 02:40:43 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=4775404896801212; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-03T16:50:32.454085Z","times_seen":364740,"resource_available":true,"data":null}},"time_used":321,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/js/yw_index.js","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.473Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skin/1/js/yw_index.js HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:41 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 28 Nov 2025 08:15:24 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69295a1c-1bde\"\r\nExpires: Fri, 06 Feb 2026 14:40:41 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7134,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"3e5017ea526c819c4cb7e0df4b7d66e1","sha1":"987a40b95496f78d7d6066616b9bd1d87ab8e162","sha256":"44da0e6519d8ceb7137627709067b9e277c8576d6e55419b1dddb264aa27dd7c","sha512":"8cbe9b3dc1d2a9601327e1419a1ca52ea60d0b433307b345fc504d934ad7e26a6dfc8679a6c9b5b196a5f746a3509b5a71c7bcdef8f9f2321e9f242dd9716fe3","ssdeep":"96:MK3KmlKapIM/UKd7lKg5MDV8KGMYK19jtS221la3eh8FOGuXzKRjRNgKRncp2yR/:MKlKXM/UYJDOY242Uauh8FOGRCh","tlshash":"3be13f14716a05e010ff20f5996e6405be33e92fb156ed04fd6c84f44f9a8b4b1bba2e","first_seen":"2025-12-08T09:14:40.831791Z","last_seen":"2026-03-16T06:05:50.0909Z","times_seen":21,"resource_available":true,"data":null}},"time_used":763,"timings":{"blocked":241,"dns":1,"connect":260,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?806df96fb176023fa44b9f825a6db530","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:42.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?806df96fb176023fa44b9f825a6db530 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11285\r\nContent-Type: application/javascript\r\nDate: Fri, 06 Feb 2026 02:40:43 GMT\r\nEtag: 8244b1acc121418a822d7f2d39564f6b\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=4CCE5359D597804D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29891,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (615)","md5":"0d88c0f4cf23b760a38bdd8817004475","sha1":"b9ff57afbbb455cfd9e9a743aaafb8e3ccfcce52","sha256":"3480ea2763ba64fde7cdc3b960a42149d36d0a5902e1789c33f2575040fd0f08","sha512":"e5eefe7fe4128c884ab9d75ba5277be18de4482e61cc2ac86246d019a8494995bee87bc536ad6d3c10874c586819fad709f65fe6d09ef7bb82ac096cf11fc8d4","ssdeep":"384:UWJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:UW4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"62d2d9a9b282713293a324a5153f324ef17b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-02-06T02:41:06.87375Z","last_seen":"2026-02-06T02:41:06.87375Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2373,"timings":{"blocked":1021,"dns":1,"connect":509,"send":0,"wait":322,"receive":1,"ssl":515},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=64B9333E5209AD1C\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1779653828\u0026si=6bd5eb514ec6565bd84e0052f3e580d3\u0026v=1.3.2\u0026lv=1\u0026sn=48688\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Fpiier.cn%2F\u0026tt=NBA%E7%9B%B4%E6%92%AD_%E7%AF%AE%E7%90%83%E5%85%8D%E8%B4%B9%E5%9C%A8%E7%BA%BF%E9%AB%98%E6%B8%85%E7%9B%B4%E6%92%AD_nba%E7%AF%AE%E7%90%83%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%97%A0%E6%8F%92%E4%BB%B6-24%E7%9B%B4%E6%92%AD","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:43.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=64B9333E5209AD1C\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1779653828\u0026si=6bd5eb514ec6565bd84e0052f3e580d3\u0026v=1.3.2\u0026lv=1\u0026sn=48688\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Fpiier.cn%2F\u0026tt=NBA%E7%9B%B4%E6%92%AD_%E7%AF%AE%E7%90%83%E5%85%8D%E8%B4%B9%E5%9C%A8%E7%BA%BF%E9%AB%98%E6%B8%85%E7%9B%B4%E6%92%AD_nba%E7%AF%AE%E7%90%83%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%97%A0%E6%8F%92%E4%BB%B6-24%E7%9B%B4%E6%92%AD HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Fri, 06 Feb 2026 02:40:43 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=67D6357CAB3733BA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-03T16:50:32.454085Z","times_seen":364740,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T02:40:38.877Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":905,"timings":{"blocked":905,"dns":0,"connect":268,"send":0,"wait":0,"receive":0,"ssl":276},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T02:40:40.337Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:41 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43280,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (40890), with no line terminators","md5":"50e0ff4a495dc4d849efdce8a97efa9e","sha1":"6cf8da26efec7cc4edc1437c06823a030c8e2458","sha256":"f814c303075953c6a791057c9dd3d36fdd9f52f83fc11ef6932481f5349e2181","sha512":"e9f360a277586030b48126e52b55df60371ce723e9ed2cc3e52e457292cc144448d6dafc2d8019e5c4cfe0378dfc97fa4de355376522169e82b3ff0164e4f03c","ssdeep":"192:YQNhCZXb9I68gRdLDPcD8ke85HA1AdEl4wYecVd6tA0YUqR2Y1buZMk0RMolMI+1:vmLk26buZMk6MolMI+0QZxr2q9","tlshash":"88131332c1d72467023b9ad5f1f9b73ab0e3a26dde131e0092f96b594bcfe52e502446","first_seen":"2026-02-06T02:41:06.875128Z","last_seen":"2026-02-06T02:41:06.875128Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1483,"timings":{"blocked":491,"dns":233,"connect":259,"send":0,"wait":499,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tj.xjastana.com/skin/js/tj.kuaipai.js","fqdn":"tj.xjastana.com","domain":"xjastana.com","tld":"com"},"ip":{"addr":"156.244.65.2","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tj.xjastana.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 10:05:31 GMT","end":"Sat, 25 Apr 2026 10:05:30 GMT"},"fingerprint":{"sha1":"54:3E:FC:E1:43:A5:FA:83:57:1A:E1:AD:BD:B4:0A:5B:61:06:3D:BC","sha256":"6C:07:7E:89:2D:7A:A8:F6:BA:01:31:28:5F:C2:44:64:34:90:32:6A:59:8C:64:02:85:39:77:C4:2E:8C:2C:5D"}}},"request":{"raw":"GET /skin/js/tj.kuaipai.js HTTP/1.1\r\nHost: tj.xjastana.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Feb 2026 02:40:42 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 252\r\nlast-modified: Wed, 17 Dec 2025 09:18:12 GMT\r\netag: \"69427554-fc\"\r\nexpires: Fri, 06 Feb 2026 14:40:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":252,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"c565d44dd778ab01360ea2aebf571802","sha1":"ec7147fea64e6f7bab7ef81785793c250f571898","sha256":"d6b7e5234a725551c16c22b7906a22eab0812277e465dae1098bfb16d43832a2","sha512":"650ef9998703753c90e367f021f980408d03a980639599ac457bbbb0115825771929388eb7d2d7582f15787c9ef6071ad4f4d661f9000119d889d514d5ff4d95","ssdeep":"","tlshash":"17d0971f2c992838736a043ca1bbe94cb263914c507dd40288dde88058a0fc20c2ebc8","first_seen":"2025-12-18T22:10:57.955382Z","last_seen":"2026-03-19T22:59:38.900994Z","times_seen":117,"resource_available":true,"data":null}},"time_used":1392,"timings":{"blocked":566,"dns":71,"connect":249,"send":0,"wait":249,"receive":0,"ssl":253},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/images/ico_more.png","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.464Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skin/1/images/ico_more.png HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:41 GMT\r\nContent-Type: image/png\r\nLast-Modified: Fri, 28 Nov 2025 08:13:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"692959a8-544\"\r\nExpires: Sun, 08 Mar 2026 02:40:41 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"d0010de98daf5e03fcd05e51f355ac6e","sha1":"ef3177969ef15e22ebfe3f36a2a541b87a405594","sha256":"5c51b8799989cdf31e17ccc22e49a0c8c7eedbf64b7c405b1081f2d613b10b86","sha512":"bf6736a8a6c23a90d0999ab71a2fa10b8dd8ceefbf16875adccc5a9403633a3369915b62993e0266e3cfd5f42f6dab41708acf6a2bbb6800f763b4c2cf4bd3ba","ssdeep":"","tlshash":"c82108bfa3947838e21e2966e27da8859f336328131e837b30c064bb57952859414ad0","first_seen":"2025-02-12T06:20:30.635856Z","last_seen":"2026-03-22T04:49:25.687818Z","times_seen":35,"resource_available":false,"data":null}},"time_used":795,"timings":{"blocked":259,"dns":1,"connect":267,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/images/ico_down.png","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.466Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skin/1/images/ico_down.png HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:42 GMT\r\nContent-Type: image/png\r\nContent-Length: 289\r\nLast-Modified: Fri, 28 Nov 2025 08:13:42 GMT\r\nConnection: keep-alive\r\nETag: \"692959b6-121\"\r\nExpires: Sun, 08 Mar 2026 02:40:42 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":289,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"e43bf274c14661c6ea343b8f4ea4263b","sha1":"808ab8b6a610e99e0e13b3c35a177bd43b6ceaab","sha256":"271a5012cac04b72af49e6165fa807c25403204dedd1c5f06c582777cbb0074c","sha512":"7607ad82c5347d2de44fb34381481442b0b1d46feb9640141c8b87dbc1c48d9e5bfdfa6cb68613b5bc11a7621d0c7b89da4b8bf340973520a9d90f7d69625ae7","ssdeep":"","tlshash":"04d0ebfb2f1ddd20ca79e63fc0892843e8ca3263020c6d0e092068b87806c39024d60a","first_seen":"2025-12-08T09:14:40.822583Z","last_seen":"2026-03-22T04:49:25.694896Z","times_seen":23,"resource_available":false,"data":null}},"time_used":769,"timings":{"blocked":509,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/js/swiper-bundle.min.js","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.471Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skin/1/js/swiper-bundle.min.js HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:41 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 28 Nov 2025 08:15:16 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69295a14-22eba\"\r\nExpires: Fri, 06 Feb 2026 14:40:41 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":143034,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65277)","md5":"8e350189ca403921effb91eccea88504","sha1":"eb08f89875ba610dcf5ad5d691cf0259cca97ff3","sha256":"5c26dbf61b3922aa3290fbaba9a5640bef360d5d8243174738dde7086d25bcca","sha512":"4289331bf07ff62e57dc161b9aec8d9f66a1f44880a4ae4a638b1a39865109020db81f97e76103d0bdd109cff5c7b61403ce6a68567dba8078c794a690b18225","ssdeep":"1536:EIJcfGRELR8Nxn0LzGhd+IWzGolxUFnOk8+ILDX1ftgeQV9qDlUpf/arWcplXvQM:HJDNmLz2vHnOk82V9SAXiTnXpk07jl","tlshash":"f2e3f8896220b57646e316db93e4c621b3b54540b80ac8f470b94c9f597ec9813feffa","first_seen":"2023-09-22T06:50:27Z","last_seen":"2026-06-02T20:50:33.697573Z","times_seen":723,"resource_available":true,"data":null}},"time_used":1061,"timings":{"blocked":251,"dns":0,"connect":269,"send":0,"wait":271,"receive":270,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?6bd5eb514ec6565bd84e0052f3e580d3","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?6bd5eb514ec6565bd84e0052f3e580d3 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11286\r\nContent-Type: application/javascript\r\nDate: Fri, 06 Feb 2026 02:40:43 GMT\r\nEtag: 74417af405ec909ac09e59c0c2009617\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=64B9333E5209AD1C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29892,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (616)","md5":"4ec83101f766efa1969cf38832d5d125","sha1":"e2ccccc628cc8964729fd92c1cab656f254e2b07","sha256":"80c4f6d9820216a724866fc2d90c5f9a71feef2209b1a971a0a19331f12d034a","sha512":"1043ea0670fc931967a4f1bff1e4ef6c9a4eefcd1f2b1da15ae7a218cfa6e4592ed9eb71c25124a72e5bf5e4b7dc5ef336458c74742753702beb170c2c5625af","ssdeep":"384:K+JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:K+4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"6ad2d9a9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-02-06T02:41:06.878754Z","last_seen":"2026-02-06T02:41:06.878754Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2958,"timings":{"blocked":1316,"dns":274,"connect":511,"send":0,"wait":324,"receive":1,"ssl":529},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/skin/1/css/swiper-bundle.min.css","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:41.459Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skin/1/css/swiper-bundle.min.css HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:41 GMT\r\nContent-Type: text/html\r\nContent-Length: 148\r\nConnection: keep-alive\r\nETag: \"66bec210-94\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":148,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"630e1f9fef1a483fe84154e2d0d046df","sha1":"f10e0cf39fb920a438116caaea80a71e0dcdc162","sha256":"9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956","sha512":"33f8257b60c25704f0856806337c13e8afe964c5b075d80f15abd87ffa59ff0329f12de0c4b5978d4640d5b70c0a997c0c239f422d4da5bbdcb3727c281cfcda","ssdeep":"","tlshash":"1ac02b0d346366448a03001023c33240d086833f78da8010380ec083f3cf39ac4c73ae","first_seen":"2024-07-21T17:05:04Z","last_seen":"2026-06-03T00:12:31.198473Z","times_seen":14980,"resource_available":true,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"piier.cn/favicon.ico","fqdn":"piier.cn","domain":"piier.cn","tld":"cn"},"ip":{"addr":"156.254.33.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://piier.cn/","date":"2026-02-06T02:40:42.675Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: piier.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://piier.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 06 Feb 2026 02:40:42 GMT\r\nContent-Type: text/html\r\nContent-Length: 148\r\nConnection: keep-alive\r\nETag: \"66bec210-94\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":148,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"630e1f9fef1a483fe84154e2d0d046df","sha1":"f10e0cf39fb920a438116caaea80a71e0dcdc162","sha256":"9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956","sha512":"33f8257b60c25704f0856806337c13e8afe964c5b075d80f15abd87ffa59ff0329f12de0c4b5978d4640d5b70c0a997c0c239f422d4da5bbdcb3727c281cfcda","ssdeep":"","tlshash":"1ac02b0d346366448a03001023c33240d086833f78da8010380ec083f3cf39ac4c73ae","first_seen":"2024-07-21T17:05:04Z","last_seen":"2026-06-03T00:12:31.198473Z","times_seen":14980,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":268,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"piier.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}