{"report_id":"2a6c3492-23d3-4929-ad1b-a48eda7d9986","version":6,"status":"done","tags":[],"date":"2026-04-06T18:40:52Z","url":{"schema":"http","addr":"htyrz1.bbjxkecs.xyz/","fqdn":"htyrz1.bbjxkecs.xyz","domain":"bbjxkecs.xyz","tld":"xyz"},"ip":{"addr":"154.207.253.63","port":0,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"final":{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"title":"51吃瓜网 - 吃瓜爆料第一站，全网最快最全的吃瓜平台","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"htyrz1.bbjxkecs.xyz/","fqdn":"htyrz1.bbjxkecs.xyz","domain":"bbjxkecs.xyz","tld":"xyz"},"ip":{"addr":"154.207.253.63","port":0,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-11T18:40:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"htyrz1.bbjxkecs.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"htyrz1.zgiwnnh.cc","ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-06T18:41:01.073588Z","last_seen":"2026-04-06T18:41:01.073588Z","alert_count":0,"request_count":72,"received_data":4193454,"sent_data":34565,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-04-05T22:24:03.651898Z","alert_count":0,"request_count":1,"received_data":520435,"sent_data":438,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2026-04-05T22:39:23.453784Z","alert_count":0,"request_count":1,"received_data":830,"sent_data":1026,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ap.dc-report.cc","ip":{"addr":"54.254.158.162","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"domain_registered":"2025-12-07","domain_rank":0,"first_seen":"2025-12-23T07:41:17.432845Z","last_seen":"2026-04-02T07:32:54.51103Z","alert_count":0,"request_count":3,"received_data":876,"sent_data":1359,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.no","ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2026-04-05T22:38:38.539019Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":624,"comment":"","tags":null,"fingerprints":null},{"fqdn":"htyrz1.bbjxkecs.xyz","ip":{"addr":"154.207.127.63","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-04-27","domain_rank":0,"first_seen":"2026-04-06T18:41:01.075761Z","last_seen":"2026-04-06T18:41:01.075761Z","alert_count":1,"request_count":1,"received_data":288559,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"pic.glgyza.cn","ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-18","domain_rank":0,"first_seen":"2026-04-06T15:37:51.174672Z","last_seen":"2026-04-06T15:37:51.174672Z","alert_count":0,"request_count":80,"received_data":22303870,"sent_data":36797,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"78e0fb49bb7a7d1f1552389ddeb54876","sha1":"0551042565108a2694a2ac7a04a022f4d077447e","sha256":"079b66b04f8796dfa1ebe0bdeb4275a9decc2cd42b186b1716afc35114d010bd","sha512":"3b611d66729e8286659f9fe3ff911eea2b480d67b12bdabc5d580bc73ada1e2b0785c2881f459bc445a034bed1d8340b5b5e21cf2b8a05c9de6360af6f8174fb","ssdeep":"","tlshash":"5a9004d533d35010475313dc01775ccc503444f114544dd04050f4755c55031d3d5c5c","size":43,"data":"","first_seen":"2025-11-12T04:33:15.855922Z","last_seen":"2026-04-06T21:37:02.627018Z","times_seen":12087,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"ffd404e0d47f20cf1e22c8af22d69328","sha1":"c9b625d2c33cd5d6fbabdca99dfc054b59fa0a72","sha256":"84f200d164c9d322a84119fca80b7196d0c88918cc15cd8f0122b09dd9eb6a62","sha512":"95c5fc01ad24398929ccecd1996a2f86913dd788314f26f75b28fe618c10f1fe08ff8c17d2e8f29d6954015de662f4633ba706058554b7583ae2a9b498f56ece","ssdeep":"","tlshash":"aa90029522c3500046561298005668859038846014448d4440409492989506591a946c","size":43,"data":"","first_seen":"2025-06-27T04:20:30.635277Z","last_seen":"2026-04-06T21:37:02.635917Z","times_seen":9657,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"78e0fb49bb7a7d1f1552389ddeb54876","sha1":"0551042565108a2694a2ac7a04a022f4d077447e","sha256":"079b66b04f8796dfa1ebe0bdeb4275a9decc2cd42b186b1716afc35114d010bd","sha512":"3b611d66729e8286659f9fe3ff911eea2b480d67b12bdabc5d580bc73ada1e2b0785c2881f459bc445a034bed1d8340b5b5e21cf2b8a05c9de6360af6f8174fb","ssdeep":"","tlshash":"5a9004d533d35010475313dc01775ccc503444f114544dd04050f4755c55031d3d5c5c","size":43,"data":"","first_seen":"2025-11-12T04:33:15.855922Z","last_seen":"2026-04-06T21:37:02.627018Z","times_seen":12087,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e66be05a247d47a2ef4c31d759104a48","sha1":"59c8bc5e8d08c356a02c03b84997d52a8aa8fa41","sha256":"03d0c3308cceaf1610133eebdf4537654ba3b8e273afce1655f57fcceea5e3ac","sha512":"f0de6427c5a04df25dcff17e026036d15f41dbe1eb33b3d56b2e2572a6f30eb0517d4e35507bb87c65acd6183c4a749359dacc9844d3b0954071a8fab142b033","ssdeep":"","tlshash":"cfb0127aa95a4d0f0905154c328457dbfda8c356004605a1385947f581e11e24845d04","size":92,"data":"","first_seen":"2026-03-21T22:58:50.204665Z","last_seen":"2026-04-06T18:48:06.416055Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1a7f8805bfaf711f28437f8ab936ca9","sha1":"6f6d4f865195ee84d2cb4349f785ac3e2529decb","sha256":"1c47e66880af5210a71b11dae6f3b7fd15259b6ca025b933604e17850d06d774","sha512":"20aebba0ad67acc54c70b1f7d703fbf3538dabef5b0de519cb75baaadc117eddd3dbb475a669bf0a2b049ed2d54c55110c79c950e1c5ef934947dabc2da0ae60","ssdeep":"","tlshash":"a201241dbae31458b61337389b3f4389787015032428db88f84ce681af60c2594feaf9","size":683,"data":"","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-06T21:20:08.974946Z","times_seen":28377,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"17ef3489fc49f91cb65909deb6a725e5","sha1":"57699807bd282f82ba755fd72d9a6e74110041a3","sha256":"08563bd3e7d4836939aedfc1b4d18b09a8ff5d0cf96439dece4fe2c23e5edc62","sha512":"bf8df3efcc4ff4421fe617360f8791c3f5fb953d4e2d326e39beadcacbdddc7145b62633d4aad546ae10366672fe4767bd932d84d11e43962fbe30e3845fe304","ssdeep":"","tlshash":"0fc02b8c210e0c7041fb2b40cbbfbe04b0423314d4e26d33891923445d30f13d744c10","size":153,"data":"","first_seen":"2024-05-29T22:00:38Z","last_seen":"2026-04-06T21:31:45.187298Z","times_seen":6774,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c658a82d0df9c5c81f0ff6311249b034","sha1":"14015b9416002cc8f7fd9d2bf4b32e32feed60b8","sha256":"9faee7a052ae02756a7fb24e85ce75c261a07a394d7c4bdf73ee06724cccf0ef","sha512":"16bd4d446fa8423a6932a78cfc234d8c923b33478f8ef9cec81d1fdab066d8436163cb4c6a7dd8b84992abb7ca0626936053f92cbd685d51ecfdf152879305ee","ssdeep":"","tlshash":"214124694906d22565451038ad0fe74137ce932bbc4cf701f2ecda046faea2de4b6ce4","size":2078,"data":"","first_seen":"2026-03-30T17:23:08.858712Z","last_seen":"2026-04-06T19:18:11.179992Z","times_seen":911,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1fe8b95aa326266ac3c84ec463f090ee","sha1":"2d52b70dd4e76e355b086707f39a78e1451b0263","sha256":"9e1fa744174ec14906aa64ef03c61575b0b5ee411240521c99dc654d82ba0379","sha512":"1c93fabe05182dde91fa9a8cd3dec21d5e48650bd18bfa1d45314ebabe8addbe21ca62ec148e3eb22e5e0f82c2ce6dd944ac7021209a2cd712cbce442e2b9725","ssdeep":"","tlshash":"4d9004dd33c35400475311d400d73cc45034447034554d404474d4711c55135d15dc7c","size":40,"data":"","first_seen":"2025-11-15T10:51:27.219486Z","last_seen":"2026-04-06T21:45:50.159168Z","times_seen":8105,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e50ebfcefd6cb362885dc70437b0b101","sha1":"e6e5d4b64aac6e38387e236b4b02315fe29fab79","sha256":"f1f9bf4ad7f37b1525d117e49369dc6d7116efca1c61f2de3c9b2b837bad2d2b","sha512":"0ff4be125d40b9d058327b4a9878a0a340609b5bfddf9134d12f57e8efa05b2ce3625f97ea0c16e574b3fef4602d377552a5bb5c1e2ec49a66a1b96f3b70d7d6","ssdeep":"","tlshash":"cbc0929c80e3e080a55a2229729e838929f2800b2a96e72bbe1c81486f0059e45385b0","size":144,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-06T21:20:08.978181Z","times_seen":28317,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9cadf6d58ee7c472ec17cc71a5cbe09","sha1":"1ff2760a4dbbcb6c9b5b7b5d614041f5ec0f9646","sha256":"ca14261d766828dfc9120faacc847fbafc086fb2948c5e219ac989403ba8ba2b","sha512":"f0fc4bef7db4a44d983ce101de96da366b94a0fd17d5fc8f721713f66f98cce0b602f570aa3134766d5501c86fd4f307bd31d0852b892e99d346a49f69980b4f","ssdeep":"3072:QJVnjuHkOVtuD6poy9v8cnWDkwV4y+6GEcTYEfBxK/Mxz:QJVniHkOVtuD6pl9v8cnWDpV4y+6GTcs","tlshash":"e6d3f8997320b1a552e3268b92a9c611e3b51400b409c4e871bd4c9b6d7e99c13ffffe","size":140474,"data":"","first_seen":"2023-03-09T03:55:40Z","last_seen":"2026-04-06T21:31:45.159853Z","times_seen":18962,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/tbxw/js/zzz.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"78dab9fcf576de8cba46edd716dd2309","sha1":"7113abe41f95159f9bfccf70d01bdda1055af2ad","sha256":"7c66d6c8e2c470780513a282b66e2b5b7429ed863d6a0ecd6054b38dcda004b5","sha512":"dbb858875e532b475f827c930c154cac09e9a952b20053a0f7e1b34a050100a0a3a41f8aabeeab4af2dd90082363fe3ced3a5957f7250a4918d305b49655e040","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpn6ZFCsUleZ:vZYDc6lXJd1mZpZEdq","tlshash":"da331bc5a19c609153a774d50d7f704bb4637526170d89acf228e8eeecfcaea9039d38","size":50811,"data":"","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-06T21:20:08.849671Z","times_seen":29450,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b6de2fbcc7c834ed50e2f1873c53e4bf","sha1":"fd1d138a7d9d30684557a3664a258d8afa0458ce","sha256":"a8d080afbdb9d28572091a90097ded0beddff3cd784d1c3a9f6536a07c9cbebc","sha512":"8fb29c65e7ed7a437c4afc152cd73019dad0323b62bff02b9c66cc29fa8ecf1d22cb316077e3c77387b73fce7e2321b43699d4a9f2af5946192588c76162d668","ssdeep":"","tlshash":"390176fb78a267b04bbbb03e33ffd345393560031801d9527d0c48a06fa4ea4202aac9","size":751,"data":"","first_seen":"2026-03-04T08:58:20.595878Z","last_seen":"2026-04-06T21:31:45.190195Z","times_seen":7050,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab2bcd63fc80d89c823d8815c5f01f59","sha1":"a1ceb22ff604efcbd264d6edef9dc3bb3ea8f52b","sha256":"abecb9bd9743e60dec11eef7f4e0c9bc7075216816e5aad1264247ed87336a6c","sha512":"ed51da49aa702d521d96da1ae1c90fac7f6f28c43859ed639ed2482bee284f90239f2b8de8c2d16ba743fcea6cf839818a3c448e2ba7ec44145035f6627d6317","ssdeep":"192:UDKhafGfAG/QN8QgVa5yvpLkq4mDycdJH06y7zN/0ov/JbVhZ8WRqh9fd5gMlpJv:Uehm1ERBzW0b9px","tlshash":"d4321e0c9ef3546da123703e5b7f5248727981035208cf153e5ce290af61976aaf6bf8","size":11906,"data":"","first_seen":"2026-03-13T10:31:56.759888Z","last_seen":"2026-04-06T21:31:45.191116Z","times_seen":6721,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0f644ded6bfc5d620f0c03a6978e7921","sha1":"3b83566660b779a041666866b7c81a28959ff40a","sha256":"003ca60c4cf5c0c65a3a2349a9ec7031584bbfb841829c5802b07bce41bcda61","sha512":"bf86cd65413307310fa5915f31d655c5630128345318effaba6d91f1b534fba5dd8b7cdcff7bba38781544fef2b36182ccf52b6dedde1b5713464606b318e023","ssdeep":"","tlshash":"5bf05005d0d386ebd9bb3b1216c74b843ba2698b7ec67f22719cd7499f004ec5478ac0","size":607,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-06T21:20:08.980243Z","times_seen":27790,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/index-ai.js?v=20260307","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d48dcf030752fbe3aa418bfd7db3eb4","sha1":"335b8a38794605aeaab4a5a9f40fce253e2740a6","sha256":"ed65e14e569f8d33ae104ca1cb6e57b6ae666e12c002e048d0ef82770cc1497c","sha512":"a944a1db6164e00d95041933bf19126255b4e745371fea9e557ea02e2e2046d952102901f9e8c3db760e3e82522437dd15b788e1cca8a0bafa59623d33625e19","ssdeep":"384:IkSVlcz8cJPkBj/r5pRWSLFwzY18zkJsMNFCoGp5va6Tr6iIVep:MVqz8cJw/r5pRWSZuYRJ/NA7p5Prqep","tlshash":"ec13a50a3aff74118567706a6befa0057630a0177209df087f4d87985fc252996e3bee","size":42665,"data":"","first_seen":"2026-03-13T08:37:15.167396Z","last_seen":"2026-04-06T21:31:45.027024Z","times_seen":6959,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b73079fede8d011910732eb8fa378101","sha1":"b3ea7c437fd2427bdc53617c3d093e3356593982","sha256":"2bfdbe50b3a6d17ffa9e5c7cc7901c0e27284d173709225a75e274e8b1061fba","sha512":"4d764819a43ce5001f2e62dfe8c4e6d99462bb24f2dbddfbe6e2e054a6df356d306a090fb89a14550b3aa4708bc4e68c8191cd519e52f508e5160118e60e0a7b","ssdeep":"","tlshash":"58c02b03331dd09d24a4b0066945024e7044098f04c063033acc45d6df0827f120a201","size":168,"data":"","first_seen":"2026-04-06T15:45:54.03636Z","last_seen":"2026-04-06T21:34:44.129785Z","times_seen":169,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-P6HKH41365","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc8f907e8b8aa4a25b192c45d221bd8f","sha1":"b429ad1ff8f187086ec3716927fb683bb214204c","sha256":"56c78c7a1a2aeaee739c16628f5a5a02f5f2243a14bec6b8289049c07c30459d","sha512":"1a65eeec1cf4b41231657a929b62410c05ca7ee45b8f7529a4ffa93f00c46705e2b793613f5a2d7743ca3d31e24f0563e616fca1b2c5daaf6a8420662fc94555","ssdeep":"6144:GxOsP1r/F1KkX3t5SZEYGeOkdWYi8+WzcQqXEJ4XKHU4tvRzE5kzp:i//KkHmbdW98Igll","tlshash":"3db409ceb3d674225296f478903f01cba97b35e2b45cc8aab189cce02d3465a5177f78","size":519831,"data":"","first_seen":"2026-04-06T18:31:09.522498Z","last_seen":"2026-04-06T19:16:22.420927Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"36c5b99772d821752789e963ed9a3023","sha1":"602e8f9dca590d4922a2905a000dd0ff649574d8","sha256":"5f4794b8ef7384a1ba2983d8e1765f152d17a43dc479c4369903ce50b7c82e70","sha512":"bc1ddb43c233e304b61677916cffb54fa84b1eb41584f00fc05fc8d200092fdbcbd6b147bbeeaf9bb378bf2def24525fbe150ed36a64d50479e5fd6c08a64e72","ssdeep":"","tlshash":"0f1168cdc853067c166b0acb1ee306c82352a58be446c22732edd74e9fc42d458397c0","size":966,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-06T21:20:08.981583Z","times_seen":25936,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"195f5a2f3c5d7c190b6c0b0ffaa27505","sha1":"d975f0b22fc5665190e11cb5e77f76690d27bef3","sha256":"d650be4c86383fe2863d53f86fb123fd7441ecab55dfb96b95bb0331a41bf068","sha512":"424133ff9c7eaaf2daeb98bd154e389451367a7a0e565bac9dc134d9737a23909230ad2323ea88b44777eba5cc1dc1af8a8900e6956234c46dad1783845fd45f","ssdeep":"","tlshash":"efd08c308771f420c42b0947e733138a30c2420b5644c00bf36ce48c2f18e823aa84f2","size":243,"data":"","first_seen":"2025-07-04T14:08:19.000209Z","last_seen":"2026-04-06T21:31:45.194857Z","times_seen":19519,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c430759ada1e4d4aa09251a54cdd256c","sha1":"1e0b4e3954cf567335df57848ce9be405edbc5b9","sha256":"52b54c3ca08caac4a9f3fb8120f45d880b5fbf695c6d2a6a8c356c9e3ef77879","sha512":"64983ed52ed91b778c499e1c299565ee2b0edf700e6821beede4165f003c45d02cfb728cb35fad3b3390963f2517d3ed6c395654ba354ab012f9169c9d1cb05e","ssdeep":"","tlshash":"ede026126f303031e616808f91a512c26cd0035b6a45e892301dd0459fc0856549ace4","size":399,"data":"","first_seen":"2026-03-26T09:29:39.001408Z","last_seen":"2026-04-06T21:31:45.195783Z","times_seen":5757,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e97e4024804218d3e1ed390039b45cfe","sha1":"be4338b6aac24265e79e6f49747675300b2e6e0e","sha256":"9fb9ebb3116b254ba3d32cc7022dcd9b528b678f834430004b2be42212978f1f","sha512":"950c2fe676f8ba07d87217047cd84913517d52ad7a2f4f0d7eeae2743f2ce5a313e77396b0bb1f1d8e5d12f19c8519c528b6681affb59f6fc46fc9753e662ef0","ssdeep":"","tlshash":"58f0c2310a2484798a57838741a1e7caec95240b6c06644e323c4f985f4ceae52b2c69","size":559,"data":"","first_seen":"2026-04-06T15:45:54.039956Z","last_seen":"2026-04-06T21:34:44.131912Z","times_seen":166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/popup.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"026709ed231cf8d920385fed59c17ca6","sha1":"19696886744402cb73a48a41e625b23f5acbb813","sha256":"3438d0b2d18590fa1f7f0c324a5ba9f42b699de78006ed372ad043bdf46a7e1e","sha512":"aa01a6f89fad627df9437b5bcf8c3feeb7bb9719d12f12ad8e00d031f3092d1de299ffa4cd98229ddbfd3c455a21934e0e391e1c06d979cfe65fbc0f08cf99e4","ssdeep":"96:P1spJ1L0gLrdAZLLCWICzj3nMjnjOSdFsCaxud:QTo3ZLLCvQj3nMjnjOSdFsCaxud","tlshash":"c4d12f9931f3213082abb27e6faba0143230a0477108dd197f4d5f900fc573a66e1bea","size":6669,"data":"","first_seen":"2025-11-08T04:26:01.83069Z","last_seen":"2026-04-06T21:22:32.131485Z","times_seen":20978,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8c3e7d23cd2ec46aa43b2c2f1362b086","sha1":"b679496a17129fb72ce8efe1d9926cf3c16f2ff5","sha256":"3897f37e7fcfa74567cee0178eb75b45c74d4bff86e92727131a450e97c26e12","sha512":"3b1c401f3dd1ebef77cc708cf62c8eb2fdc7db252a26fac426e5edd96190b03286f6eea0576a0c2201201e61323375ff059bdbcfce5a19eef6e737bef126c21b","ssdeep":"","tlshash":"04f0c2b64714c47e410bc68b41e197c9bc91254b3c09a84e322c07a95f48dee0372861","size":560,"data":"","first_seen":"2026-04-06T15:45:54.041655Z","last_seen":"2026-04-06T21:34:44.132445Z","times_seen":166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f25b845a240d219f4245a19bf4fc09b7","sha1":"8851f8f8b5ebb8de1a2c16cf01fedce895dcaad5","sha256":"3832409864bd881d338464f28158160bb0af0b56b7f5b4f1d020a55bd9b262e1","sha512":"bd315187fc246bf558983260154a95b44641eeec1628a7093c3cd1c420ac6b9a017e2f77b0353008ef672a5830b621741790753aef0ad43a69267aa4baa33a9f","ssdeep":"","tlshash":"34f026f1127084bd555383c70aa603c59c91380f6c00704e332c07885f88df9c270592","size":586,"data":"","first_seen":"2026-04-06T15:45:54.044007Z","last_seen":"2026-04-06T21:34:44.133009Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4844d69b6594d22b428e3b51746d0649","sha1":"8d677dcc2d9e661caa035cb1471441862e677dbe","sha256":"6622137b1660564a6b495beae73460ae3b4bb606ca9c2cf7c028714ffe7d6f0f","sha512":"1f18cda32358d553b1450ac1101fc7054ee669ddc833521073b2d892c2c07ffb0e615c36a0ac153401b014e8b719bed0a40c718aea94adf4ed0f4fad20ef7854","ssdeep":"","tlshash":"c5f0c2b24610d479815b428752a287cdadd2144b3c45680a323c0bc85f4cdae427686d","size":560,"data":"","first_seen":"2026-04-06T15:45:54.045002Z","last_seen":"2026-04-06T21:34:44.133499Z","times_seen":164,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8c4fb04a0b56b0526b0e7e310177308e","sha1":"e5a9894618384965d2f8b37e3f163b24aa3a6918","sha256":"9b06c0ff371f18df6ac5f3ddf6fc12797d9a176804c291a94af879b2c91cb488","sha512":"98a1cc4ff06e055445a7ddda8e2224926068146633551f09e5223fa349575fb45e15f0742cffa73315aa021c2cfa607200e3631a27bc555561939c6e03b6b4d2","ssdeep":"","tlshash":"faf086624669c4ba455683cb656e03c7d892191f6801700e332c0bc85f88d7dd231966","size":586,"data":"","first_seen":"2026-04-06T15:45:54.046424Z","last_seen":"2026-04-06T21:34:44.134053Z","times_seen":163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b0e9399d0867813761c6f140018ae330","sha1":"2a8b8f416e67fec4e2cabe47fb22144c78efcebc","sha256":"d95161799548398815f54cbca5f7b061acd578c215bfea9486528677296ffe08","sha512":"2a914e0e65e9526964ebf73a41416f421681e45018ef1183ca4dbb7b05dd21502e728f4191553f1d8b3a14dd2fff58072aa13453cf1f9f07ed99438709c584e2","ssdeep":"","tlshash":"c6f0c2ba8611c87d820b438751a19bc9ec91190b3d06640e323c47ca5f8cdae1372869","size":560,"data":"","first_seen":"2026-04-06T15:45:54.048154Z","last_seen":"2026-04-06T21:34:44.134583Z","times_seen":163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5cf4cb18351a776ee532ca99f5d6c947","sha1":"60dbf2e08dbc1a65949688bfb4a77ebe177d6b08","sha256":"239954084a83b608c6b679df33f138a8f32b68c3c2363d3a7f25fd796b7fc532","sha512":"ce668cadbd0ca01e12f77627e2236ef9e26235a15e5974e63ef4929c2d6a42b82ba446ea86357a8c3a33f3a95fcb4df006a3f6d946ac8ae571897d960cdefcdc","ssdeep":"","tlshash":"53f07d3507a5887d8b9b83e7907407c5ec512b0f2806b00a333c478c0f88dbe1170512","size":586,"data":"","first_seen":"2026-04-06T15:45:54.049531Z","last_seen":"2026-04-06T21:34:44.13513Z","times_seen":161,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9fe99322c3ea4e23c73498d37fe6ca44","sha1":"a2ff42269506395aea079914922251c9979a9458","sha256":"041acb3f8fde8b0313f12c37a9a5f08c36151fdbff14ada55c90dcd6d3dedde0","sha512":"c8ce16f5e031639302272275860001dd6642d1d95ddeb5614567fbac79782d41637ac56e0d532da384b144ba4df6b23b32c542373c33fc2393fce3d37a37d1e0","ssdeep":"","tlshash":"12f0c2334660807942e7439762e1d7caec91140b6c46680a323c17885f4cd6e5276869","size":560,"data":"","first_seen":"2026-04-06T15:45:54.051401Z","last_seen":"2026-04-06T21:34:44.135655Z","times_seen":161,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"486cbce01057bfc80d5ea3bb3e57f87a","sha1":"2e8f8fd9447fa110bf9b7afa0442ecc78a64eae0","sha256":"2d173f7a9a53cbb62756cad9d28432c3b4ab8d438943f4f78e0739f7a0f669bb","sha512":"66e4ee2b257171f8751e1ff14899610434d8d5b86fc2f6d18a2a1901a88cd1a3aa94f16f5f53e26bcc45f5a3e82e778715ebd2bf00c2c1b551524f293c68896c","ssdeep":"","tlshash":"a6f08621565584f9455682db697a47c9dca1290f3805700e332c07c95fccd69d231956","size":586,"data":"","first_seen":"2026-04-06T15:45:54.056675Z","last_seen":"2026-04-06T21:34:44.136215Z","times_seen":160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"810a1973a93da85b425ce1a92bb5565d","sha1":"aeaaa0f3401e419e6ddf4d8520287bc20db3d41e","sha256":"9c2a5e88ebc34e1a167719eb38accaaa574eb086ece7c48a28c0c3c61f8601bb","sha512":"aa981d1b6d8298330762dfb3fa4eb3d0c254418ae1e53d369378d165e1b7892ec198fbf45bf7adf5cbb1db91cf2df02f303cbfac6ddfbc46528b9f52d39dbdc1","ssdeep":"","tlshash":"73f0c2664610807e4217438751b1c7caad92158b2c05600e322c07885f5cd6e0373961","size":560,"data":"","first_seen":"2026-04-06T15:45:54.058057Z","last_seen":"2026-04-06T21:34:44.136725Z","times_seen":157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"47c9cb8c1c237cd2e1dd9c34f540ad11","sha1":"9da66eb37f2a6ab430648b1562623a9ae05bbe3c","sha256":"74bf0541b2ce53c6f4fe636171b52f34b860e3057d33031cc4e84f2299899660","sha512":"a33d229cbb01d45a09c0fe9978375778f2930dc822fa8431a00857e5c1e4c61080f0877cf285b15d512534ffb089a3b358703ea0a75d069d238408b8d6c61eb7","ssdeep":"","tlshash":"7cf08c32522184bd415782cba9aa07ca9cd5280f6846740f333c0b886f8c9fa9271a62","size":586,"data":"","first_seen":"2026-04-06T15:45:54.059094Z","last_seen":"2026-04-06T21:34:44.137453Z","times_seen":154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/7.10.0/index.js?v=1","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cb2dd3d6af2a6071e0dbf36318294dc9","sha1":"a70950d23dabdc4376bb9114d86a812a174a747f","sha256":"5cebbf2bb3cb87701b4dd9e3c34c0b7555911210fa40093005c06a7b0705348f","sha512":"d721819a7ce31aa954a00baedef7a516d5339200b2f9f1e53656e457bcc33ea756cbdf3a586634824afb40a19c27080c179c2a01e5c7b99680e6d4057997f330","ssdeep":"","tlshash":"0241cf9831f720704b67e4792baba64d71301097112adc14bd4c07959fa8f3c9af67da","size":2120,"data":"","first_seen":"2025-11-27T05:35:58.063413Z","last_seen":"2026-04-06T21:31:45.026068Z","times_seen":13727,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-06T21:18:25.425781Z","times_seen":208388,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"848be27b24da400c282f43646d636008","sha1":"672b7e4a9179a4652328decaa4bfeab77605aaec","sha256":"7ab6c92d765b6d115a113cb7952a0a0ae60a1a4833b8105e1cc04d61bf6a5f77","sha512":"dbe0a3c828b4466e383ff6549850a842d7482a68a3ed9daaed3acb2f2ed9642d78c0268a7d71bc486d764d13bea7adb6bc725ed5e7650c8374a47fc4bbabbd42","ssdeep":"","tlshash":"7bf0c2718710847e415b4acb51b2c7caac91184f3c06624a323c1b981f4cdae4f7286a","size":560,"data":"","first_seen":"2026-04-06T15:45:54.060054Z","last_seen":"2026-04-06T21:34:44.138606Z","times_seen":152,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"593761bf5f21da73c5c8d53dd1910aef","sha1":"b083d29e127b38e163829a3700f924cfda8d1a93","sha256":"2db8bfda5b08c3084c1fb2087cae62493a333f186d019c25b65186a09976cc2c","sha512":"0641b76915f49213ada0cff830bb0d188df05230df4b0c0d6483b5c57dec92114237c5757800de84290dd38145478104ca10153043b2caf3b4feb45b1337f3d0","ssdeep":"","tlshash":"5cf08c6e523a84be4a67c28b557243ca9ca23a4f3c41710b332c0bc95f48ebe1271962","size":586,"data":"","first_seen":"2026-04-06T15:45:54.06103Z","last_seen":"2026-04-06T21:34:44.139329Z","times_seen":149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"06ebf9e6d4c3162eaa64743cc1fa25f4","sha1":"e64336d18241b8f3bcb3a0b1e6f6908fcbfeaa98","sha256":"077083673da440d0597388125adffe90d007b790d563354af0dc09e49f5ca3b4","sha512":"f6d26601ed8b987c696b41bc6860288076d361a914172a9a2422451775a3e6d0bbdf4d62ee78cc87b9eab644fa2c82e561c9204236deb45d4f7cd39e52084035","ssdeep":"","tlshash":"03f0c2764620cc79810b828b41a68bc9ec92190b3c46b00a727c078a9f48dae0372871","size":560,"data":"","first_seen":"2026-04-06T15:45:54.062725Z","last_seen":"2026-04-06T21:34:44.140093Z","times_seen":148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7d1beeeb1b791b29ace5a00ab052358f","sha1":"4a359996c55c66e00054eb3890e5f2c506cc9e50","sha256":"2c525ddf782f4d39be3a1da4fa8d31675fdd6c24620a847b65226d42a12e987a","sha512":"44d70ac16ba8d2f51be52434a873593d57114b04c5cca5bb8fdb07c73436158e39b9cd519f32948d0031048cd7fc8491a975a886466923102f9da1ee3b65ce00","ssdeep":"","tlshash":"7ff08c354262947e429bc6cb91a107ca999638cf6c01720b732c078a5f8ceba622196a","size":586,"data":"","first_seen":"2026-04-06T15:45:54.063663Z","last_seen":"2026-04-06T21:34:44.140809Z","times_seen":145,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"822edc48b1c93a84e755d0cc7b304879","sha1":"2575e197d99b5dc524f2332f4dc7e4a912f397b3","sha256":"44be240917c6f61b95529930434f5e983da5c7b32a1984dd737ec2ceb1a2c19a","sha512":"5761a3bbfafa42b51bd4183a56c0f7cf33c3c30667fe8ae2e72416ba4bb3ca2c14655022dd2ae11b3c65fa36e835241927e5314c2994a523f906b05f5a976c0b","ssdeep":"","tlshash":"e9f0c23a4610c47a420b46c761f98bcbbcd1190b2c05a04a332c07885f48d7e0372cb2","size":560,"data":"","first_seen":"2026-04-06T15:45:54.064631Z","last_seen":"2026-04-06T21:34:44.141406Z","times_seen":144,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"936f3841bc6bfe0699aa6d5b1a99f61a","sha1":"54b588736bf160f5c9735a12d353869b4284543a","sha256":"e025588b50c6c624d36b5c41abe8a343d693b32aa664686bad0d1b171c23b5d5","sha512":"d7f1aef57a5fa7c4696b8fa5e63b3702143c1b611ac4c4598b6d6f9ef6fbf3c18af0e4ebf18793824a50f77014873d199b5352c622309b4593e79a291bbfd577","ssdeep":"","tlshash":"2ef08c325361847e4666868b92654bca9992286fbc45b10a733c0b885f8cdbe1271e62","size":586,"data":"","first_seen":"2026-04-06T15:45:54.065558Z","last_seen":"2026-04-06T21:34:44.142052Z","times_seen":142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"cfd72e31446114580c098b2f2fd98e0c","sha1":"688fb57b71befdbb9382d4b9085063bb7430f255","sha256":"850f49fb417c466b924f36767f9b620ee1057d496512f83d44e4d4ef73c564ad","sha512":"6cfc2e116017ed106a8dbf8d16ffe2a6475fa9fc69e56be167df6f5ad965ed03b18b32ebafa2dcff44aa95569f25057960b2510762721961a18aea43b5e96e1c","ssdeep":"","tlshash":"8e9004fd33c35000577311d400571ccc70f4c47014454d704074d5753d550705755c7d","size":45,"data":"","first_seen":"2025-11-15T10:51:27.209038Z","last_seen":"2026-04-06T21:45:50.146039Z","times_seen":8231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5336bddf4afa2b1fdb2c3e7c45a8bdb9","sha1":"d6e1b728ee322c09519b5349a733ba2afde07a2b","sha256":"b10ac6612f37030e481367896a800bff77f30e5031ff6dd49dc9eaab27d3a760","sha512":"1f855bb9169d95677945bb4205e89719022a88ca3aff94690c5779e3397017feadeaaa035015add22db67fcc19b7c6809b3f0cc362ac8179fb37b784411b7d74","ssdeep":"","tlshash":"92f0c23e4610c479420b838741a28bcaec911a1f3c07a08e333c07ca9f4cd6e0372872","size":560,"data":"","first_seen":"2026-04-06T15:45:54.066778Z","last_seen":"2026-04-06T21:34:44.142605Z","times_seen":141,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"569105c1ff12d7ec2d9dc958151673cb","sha1":"163abf6c23d460608604926d7b75306313a392cd","sha256":"18b452140fdd394b80790d2c17642190cf71f2f5f463ad1081fdf916570529c8","sha512":"9df7379dbba32f808d70e43cec4735238ab4db25cbb68017d794ef9f3f6e8c256c24b4b55cb20818ca5d631820e849667033b2724fddbe6d14548824d771a426","ssdeep":"","tlshash":"76f086219655807a6557838791a117c59951381f7c42b44f372c078d9f4cd7d5122655","size":586,"data":"","first_seen":"2026-04-06T15:45:54.067744Z","last_seen":"2026-04-06T21:34:44.143647Z","times_seen":135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"03aed339ed66c569d89435ab89c118bf","sha1":"0801e871f73687bd2ec5839de4f147205073846f","sha256":"bd5c5ed0623315671eb51153773c7a3a0e50e16bbcbdb7a78a659046dcc9d264","sha512":"1f63ae9756cdacbb920b5174a689a1dec1ebcc2f67f7132e72124e5949d813127f81795ae457af946174ef4afdad6b9f5fc70df0180a5ff8dd8bcc6a22ff5604","ssdeep":"","tlshash":"9af0c2764610c079520b428b51e187c9ec91394b3c06604ab23c07caaf4ce6f13728a9","size":560,"data":"","first_seen":"2026-04-06T15:45:54.068682Z","last_seen":"2026-04-06T21:34:44.144266Z","times_seen":133,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1e8bf821bd7baf94726a61d307c756b4","sha1":"8b621122bd3abfb4056381ca1208ebc64677985c","sha256":"ce4b12699f3ba29cbb619a72c7baea42971bbbf86ad4e5780ff549ed21acdc3f","sha512":"9f1f35aa32ca3673d19ee46bba3f263c661c70cb393be41ac5132982f73b72ba6cbbecb5a667a2c5c091cf2513fd272ba4ef1158026088aaaab54fd11c673bcb","ssdeep":"","tlshash":"acf026220220c4796016c3874d6563c6ac51380f2848b00b333c0bcc2f489aa5734953","size":586,"data":"","first_seen":"2026-04-06T15:45:54.069673Z","last_seen":"2026-04-06T21:34:44.145328Z","times_seen":132,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-06T21:15:26.373697Z","times_seen":268204,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"942f47dba3cdecbcfa1648c7a9f64b7b","sha1":"1251b6a3daf82c99ad1bfe7fa20c0d448c9f1c89","sha256":"0a589ebfa9e602389cdceea49c34f07f1469aa686ce920fb42c22af339e994c0","sha512":"cc69669b0806324a7c1f450be91d0feb5a4f9adf2ede53f323aeb887ddfe003499bb8c5ffe7c485cd742a9fc30013a9a49f37e952e94f60b789997ee1c7c28fc","ssdeep":"","tlshash":"e0f0c2664b1680bd422b968755a197caec9125cb2d06600b332c07d95f8cf6e137286b","size":560,"data":"","first_seen":"2026-04-06T15:45:54.070647Z","last_seen":"2026-04-06T21:34:44.148065Z","times_seen":131,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/axios.min.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"99714d221df650b50da3b7bf97e2987d","sha1":"493b74178a63429fff2aab081b3a1ca73d362085","sha256":"8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96","sha512":"2520851e12838a54d14577bd6a4fc5276f1d729389c7341a09ddd783c33217a5c58ce0e1cbf60c08cf075b44c50dc90d1d651ec16fa47ef8629f8de12ad27103","ssdeep":"768:Wjp+L+sl7x97+om+oCICTUOD3cQ3F1C+SqImCjL/hQBf/MEVgnyzB/c2OiwBaGcj:Up+b0GUOLMPLJQf/CEB6iwOj","tlshash":"2c33b6cd76d6f06243a77174802f610bf23aad16a44d8460f224ece6bcb854e9337f69","size":52247,"data":"","first_seen":"2024-05-21T19:06:10Z","last_seen":"2026-04-06T21:20:08.902301Z","times_seen":30448,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d643f0747df7014be524d7e8b8b1e185","sha1":"e08d9e002f41888d00091419215d58a05e7cac60","sha256":"1e1c80f4ad62b2bd9e2ad6ec15a40cf1de94dda9897f2318da1350aa03274273","sha512":"d49b5d700931c6c0c12692323d1a46db6b83a35e79f66d3455654c80d3d38a13d699c8accc8f63d7134c30528d9bdedcf2812b0f43573d9edd3c184d8d454e60","ssdeep":"","tlshash":"f6f07d394229847e4893c2c7206447c9ec61394f2c00b10f332c0b881f88e7f5372919","size":586,"data":"","first_seen":"2026-04-06T15:45:54.071856Z","last_seen":"2026-04-06T21:34:44.148654Z","times_seen":127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"66d0331a542fc6aa972f77f3e1b5b0d4","sha1":"e6712eabcc5f44715f38577a9a61c010e1dda69c","sha256":"f735ba78dc18c654aa03615d7bfd69c1125b55b9178a6e884ef4991d379f6266","sha512":"248558d651944ddbdb52a4592b4eb42e6411677e3374217569dd3a32332526a969cac0c3459cef5b69e426411ceef4f861faf0216138c47b05de8ec820c2e5f2","ssdeep":"","tlshash":"28f0c2324660c07a426742c752b187ceac91180b2c45b88a333c07885f4cdae43b68aa","size":560,"data":"","first_seen":"2026-04-06T15:45:54.072832Z","last_seen":"2026-04-06T21:34:44.149164Z","times_seen":118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"02eb9d97cbceb5478b14298b39bd1789","sha1":"5d3a231d6d4b3c01c3d2dd281f8958a399d2d3a1","sha256":"5c0049c2d3ab0b3fd033d70892f17f740d497e637eda4b272a8639894b545b98","sha512":"c13f099153622e6d591a70fcc3655ab9329e6b402589a363e5731181a5bb93f1921f3e6cd506e136426ce2bc9a87d72f16bc757efeb56aae9231e2a227b27442","ssdeep":"","tlshash":"7bf026224719807a6163828b486963c7a861280f3c09b10b332c078a6f88aae9261651","size":586,"data":"","first_seen":"2026-04-06T15:45:54.0739Z","last_seen":"2026-04-06T21:37:59.364051Z","times_seen":113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6f7bb4b68faf5199f9a4d888c4595c0e","sha1":"835d1666819bf01ee3782de383ab31a5715e7dee","sha256":"b74756d4c2763489aa7f2c5d403b63496a38fc7db0d4670ecbd7555e0feaaf17","sha512":"454a7f4c9129089becf0b3f5f7a568d958ff44b1e7b430920d5174745c960807af7e87355891748f251399b2fd8480b3665cb5d5b9a0db648fa3ba1171f729e2","ssdeep":"","tlshash":"faf0c27a4650807d860b438751f193caec91154b3c06b00f332c4b995f48d6f0372ca1","size":560,"data":"","first_seen":"2026-04-06T15:45:54.075472Z","last_seen":"2026-04-06T21:37:59.364524Z","times_seen":107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-06T21:11:51.858287Z","times_seen":601332,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c432956683dadc14c55030607a9c1d86","sha1":"77679444d3446af010ceb48ee3808c6c116ae443","sha256":"fcdaf02170170fac4899a3b46829de3a29d2c2dc3145d8f05e480e8bd5b6e8f3","sha512":"dfb5e84156f31cb87954d46db828eb53eeb28b6c6321962a0b5c9734104752c0bbe170a46d6c38ea0082793838534ae59f7be25f75b64a6317091906c344007d","ssdeep":"","tlshash":"f4f0cd725222d0bd45578387957143c79c61281f6845740f332c078d5fc9dbe9172e52","size":586,"data":"","first_seen":"2026-04-06T15:45:54.076549Z","last_seen":"2026-04-06T21:37:59.365025Z","times_seen":101,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b226a865d5cf4a93ca63bfbc242065c9","sha1":"3db72983eb90f7694dd213e99a5fa9f05c839ac6","sha256":"247bed867e0baec3070a4f989f94e9cd9b18b88d3f7d3b1804d2fb9d9c7b2521","sha512":"d1e66ec1ccdac595daf73c559e6b408abb87e6f9f43847cb7000fd17d65cad2f07360dc6aeb02cccf93a2927aab9587fc3c96725d7a158b4c9c57ded6dad5d5c","ssdeep":"","tlshash":"9ef0c276c610947f420f468751a2e7caac92195b7c06600a332d07d97f48daf1372c65","size":560,"data":"","first_seen":"2026-04-06T15:45:54.077566Z","last_seen":"2026-04-06T21:37:59.365558Z","times_seen":95,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a600f709e3e93e6125d1b55f7d0bf7f0","sha1":"b68a721b626e5008d812f3c837a9c8f9f5086bc1","sha256":"f09b73d8232d11a658cbedf4116c3f3f29458c23737e4a894105b6f251d189ce","sha512":"8accf52d8b41b11f974b5d40c4b566f09d8b2e52e6a40e0cb6552f7f93a3941846e9e53bb86af55a7c354b5e3e122b05232bece55db8fe7cb39e1a8c1dbe3082","ssdeep":"","tlshash":"e9f02622426494b9409bc2c7547a43ca9861188f3905700e732c07c85f88e6e9270a66","size":586,"data":"","first_seen":"2026-04-06T15:45:54.078915Z","last_seen":"2026-04-06T21:37:59.366069Z","times_seen":89,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aec2da8fe9f4d5d0f7d15235ee5eb8f2","sha1":"8f13d7aaa45e13f46ccb2799fa0f507eacec4cc4","sha256":"a375e07cee41bff1d958e8ca4da2d3c74e34fc03d7d1d22c226593a257ab9e72","sha512":"434ab39fb545d517eb1c352949c9877711f0a449a6a516a1c6338731a56a6640eeb5b322cbe9f3d74df07c7be6b1e2f95f6fcb7c1c4fe052e421bd5fd5075fb3","ssdeep":"","tlshash":"56f0c22a4610c47a810f46cb55bd87c9bcd1190f2e05600a333c07985f88d6e1372879","size":560,"data":"","first_seen":"2026-04-06T15:45:54.079936Z","last_seen":"2026-04-06T21:37:59.366595Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"57c764f199612491a561ef4bbc645ea9","sha1":"19ebc941e9226e5a7a14248a02713c56dfdaf3ae","sha256":"138fddf518a353e5abe27f294f6d912ce2a38b1009cbac2c08e15f94e5506518","sha512":"2c4f3790d10b72bb957ed62ac10f0e6da6cd74973402bbdb2e8d391de925c09955c711fdd2c9c58e06c74cbc967024b64b2895ec69e85ce1d2c2a0d007a0be90","ssdeep":"","tlshash":"baf08c720a1a987e455a868b95750bcf9812181f7801740a737e0bca9f4cdbe6232e6a","size":586,"data":"","first_seen":"2026-04-06T15:45:54.081021Z","last_seen":"2026-04-06T21:37:59.367071Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"57322e6b5535ac4599df495bf459a6b0","sha1":"71cf69793ac4a7848b983331a0cfcd20dd8107d5","sha256":"9f1a360d73bfd32b00caee2971d06e271796980eb73551f9f3cb495a76855dad","sha512":"9048b6e1dd5c4d14d4dc604e288acc60ebcfbf32e15179e91798fbc073414e662ef5e437abc3ea08aa2619aafd2984e62ce2c1a5fcfd8aa72b6c7cbd324c6b5c","ssdeep":"","tlshash":"0cf0c27b9611847d420746c751e99bcaace1154bac05a08b332c07c86f8cd6e6372cf6","size":560,"data":"","first_seen":"2026-04-06T15:45:54.082128Z","last_seen":"2026-04-06T21:37:59.367536Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c2de0bde5da2115026ae9994da80542d","sha1":"89cd242844ba532d2e8dfa0e2cec5089c22a47ba","sha256":"73673bd54e355050acff59c1cf70b60606d9d7f9d4ab15b414e9c079f73deb40","sha512":"554f431770798684e4fc589781aa3c8e3f69d73b4d49f8ca784349a09920c034adcf81dc6bfd0eba12f2cdddecbe0da7c6fa5392369569c0a61211eaa67e648d","ssdeep":"","tlshash":"4ef026234226807d0a97828b50b053c6a8a1280f2804710f332c079c5f88cb95321576","size":586,"data":"","first_seen":"2026-04-06T15:45:54.083406Z","last_seen":"2026-04-06T21:37:59.368026Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e931fc2240fb225d006a07ad3ffdc3a8","sha1":"b007b5d926f2a1bd56a9c30024a6dcfe7abac2af","sha256":"5f752f5fda0f13b86439c608fa41aae3233c2e767fe77f736597ed0ded83bdac","sha512":"a340fb542bd417c198767f93a4732f2fb19fb2c3c4855cf7c9ba93b03eebceefd19ca3e44b5dbf7936f0ecd2eee2fa911bc670bb3568ac56029c3b6d72c86a70","ssdeep":"","tlshash":"1cf08c274a10807a42eb828761b187c9a891140b2c45640e732c17883f4ce6e02728aa","size":560,"data":"","first_seen":"2026-04-06T15:45:54.084552Z","last_seen":"2026-04-06T21:37:59.368474Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/7.10.0/tjtag.1.0.0.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3111eda304ef3be26a54481dbfb87094","sha1":"2579254dedf7c2770893a2fd605a43427e681efc","sha256":"ceda9607e78b14071873c808a43d905ed61bfbcb8cdf254205410b4279bcafd8","sha512":"49891e75ffa2ca146ce093ce4945b27427103a327700062c8fad4a6d48aedc1738f26acbbeb8505832d9e5c9c584ce81ccfd90576b356d59be57042297e74080","ssdeep":"","tlshash":"8e11216d3e4230e94a4e63e87f33d786d019ec922180b801f1166c00fe5082df40ba36","size":1000,"data":"","first_seen":"2025-12-16T15:53:37.581333Z","last_seen":"2026-04-06T21:52:42.303161Z","times_seen":6641,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d06ff6ba7bb60f8556658eefbd6d1ed2","sha1":"149583efecb1a204688824f6304a36ae61a0ca0c","sha256":"fc76a4f822a934c38eda7b66630307f5a25ec1a8301999a169ed5e0bf6a798b1","sha512":"04afab62c365eadc8df4583723ca73408971625d71f54e08dd911ca66a50cf1ea73a753cdbffe1f77d678a20a8f1f8e70a0ea8e93c6348d254ca75c3f3d369ce","ssdeep":"","tlshash":"53f08633426680794a57c287557103c6ac523a5fb845b00e733d0b885f88daa2262951","size":586,"data":"","first_seen":"2026-04-06T15:45:54.086473Z","last_seen":"2026-04-06T20:53:00.521321Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a7422f7bbd49b048199ecf187e282e13","sha1":"a7a830a670f05e557a6184bbb1657d8bb3929da0","sha256":"61da419a984a0fb560488fff23195e77946e395b0c06fb8010a84312c90b57bb","sha512":"b70236508a6ee1db4f8f075bf2490b894c42832ebf8fc1495a73a8cee6a05fd3e5354bd007293df5b30856ef83e6732f52b5a42070549b5f1aa2d8ea8d230f40","ssdeep":"","tlshash":"eef0cd754610c47d415b418741a64bcaec92151b2c07b0ca723c07855f4cd6f0373872","size":560,"data":"","first_seen":"2026-04-06T15:45:54.088122Z","last_seen":"2026-04-06T22:02:33.327442Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-04/8b92c321e3cf3990edb0a7ae0f121f1b.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-04/8b92c321e3cf3990edb0a7ae0f121f1b.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 10:25:04 GMT\r\nEtag: \"75f10b7b10d237f65701f2ba4cd0f160\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 10:25:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 47427\r\nContent-Length: 243872\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7031838777285604099\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":243872,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"75f10b7b10d237f65701f2ba4cd0f160","sha1":"9a345f23ec749b16f77e9e2268fcaa76dc207def","sha256":"d2ff23efb11bb7babc7218da09e45e5de163e8636c4d8b138babecdde1ea19ed","sha512":"3fc535e7dde7eb45bdfa4cc75d1d851f932e52dbedfd2f1c440681056c5616d948dd1ef4e10a9c2ae1ba38d6d1ddac0c9de3d23139af1322f4a5931589a011f3","ssdeep":"6144:HjXSQ3IS3rvVRw6rKNP6ybJak2sBRvSU752V8bYg:rRT7dRwxt6ybJYv+5Ag","tlshash":"183423a2e1f2d669058c1d72512799e1d7cfe1ec70e562cda7e4c8e60381d822f7f690","first_seen":"2026-04-04T10:46:05.491268Z","last_seen":"2026-04-06T21:45:50.036193Z","times_seen":6375,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-01/65e8a85b3114aa59613a126ff1708de5.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-01/65e8a85b3114aa59613a126ff1708de5.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 01 Mar 2026 07:14:07 GMT\r\nEtag: \"adcb1db33f4a184c0af8339266cf5260\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 16 Mar 2026 16:26:20 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 279856\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15945085012366937\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279856,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"adcb1db33f4a184c0af8339266cf5260","sha1":"1d165d534628185acd0e20d1fc42002fb99db090","sha256":"946a0467fc1aab75b9b4835b41bf3159e87cf4a681b0d466ff4351e6b47002ab","sha512":"305072ec0c6ecadf427596d2a938d7af4de5948884b14abefc479490ddf680671f2b143f266cc1b710a1eab8f7e8ba07950a65a8eefc7cdf484ce2b60b37d285","ssdeep":"6144:PQ1+mLNRW8vQTvN3e8qx/UdjiItHcvBZBcDVs+xp02Oqbz6:Ic0WKQTFu8qFU4IOv7BcDVs/Joz6","tlshash":"13542325a249c4c9502ccb48525beedb67e1e81f2f1a3744b0e870ed9d6e19ce5c06fa","first_seen":"2026-03-01T08:27:11.685811Z","last_seen":"2026-04-06T21:31:45.135425Z","times_seen":7853,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-02-25/e53e1cb975ce3e81a8ddd8f23beee2bf.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-25/e53e1cb975ce3e81a8ddd8f23beee2bf.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 10:54:04 GMT\r\nEtag: \"b328c0c7d21077dcc512724fb6fbd3a0\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 10:54:09 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 53\r\nContent-Length: 343744\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2883548112349063083\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":343744,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b328c0c7d21077dcc512724fb6fbd3a0","sha1":"9c4cf075979de4b4bb02a22ac07d15f603154c73","sha256":"8ffd21d43f6ce8070ae9c78f2ef752d5f1bf8ef1cd65358fe9b7a361940f61c8","sha512":"73a56db882e239eff6b0e1b8c9a3c2c0e71257b1ba8b15805c71f1e63449503b40bc0e78f6077ac0618570ceced37dbe5c697c4c5ed477ad13f1481a2d5e8da7","ssdeep":"6144:NAqzpp4tb+UBk8NlKEAkkf2ehkPDH+7+m3OJSdWUiHxB9eJhHQvuFzFxgwAT7D9M:dpOHBTNUzf2zcSUiHxBQHfF6wAT/KcA","tlshash":"c774237314d928aea8e7c82c697b473311fcfaeb64387f5346de5bcd25058d104ea84a","first_seen":"2026-02-25T11:08:48.248298Z","last_seen":"2026-04-06T21:25:12.310942Z","times_seen":9290,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":26,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-31/d4fed4abe9405fc7bda6b07b468bdcd2.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-31/d4fed4abe9405fc7bda6b07b468bdcd2.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 14:24:49 GMT\r\nEtag: \"23e14ae135d945cb5069fe0cb5761a85\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 14:24:49 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 24\r\nContent-Length: 1646000\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1983755897542098186\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1646000,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5907e342d8f4e47ce7a44e2c866a1adb","sha1":"bbc1c2f20f5b2e0c9e940dc9362f331a59da8d85","sha256":"da7b5803874753c5f11c17dafd2d243f68852437900ad645a127dd0a72ed8139","sha512":"46acee073c581eead9fc4f78341b1026e12b98cacd382664f01cc7cfbec3ad44575c24f49da67970f836513a80a91c518a0d8dcd1e80a76c2d40186bb9b3101e","ssdeep":"24576:34si4YRc51suwtiNy25JSo+ylKRoVOxWnK3bGjksuCV6:3414LmtiA25J0VRoqWnK3bGjgC4","tlshash":"e8253389bc22c391c78f63181dd0e39ebdbbd985571a34d3d82d9d89addb6811a230dc","first_seen":"2026-03-31T12:32:32.340747Z","last_seen":"2026-04-06T21:37:59.316279Z","times_seen":6384,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":55,"dns":0,"connect":0,"send":0,"wait":17,"receive":271,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/js/user.js?v=14","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/js/user.js?v=14 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 4274\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:48 GMT\r\netag: \"69c4f41c-3eb2\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: B9vRm1IvHv-7fxFtEHvX2Uw6iTTB1W76ElQhwY1vuIeVksPAuLAOFg==\r\nage: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":16050,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"8d95cebf26c81a43cc2db9bb3dd2bd4c","sha1":"734e62d7f43f72a137ade8e66e38f693b6256bae","sha256":"1d534de6c385ea7ae90712551fcfea20e61bab348af7745882685635c4f17feb","sha512":"9b60e85ae53d50b4dcc763e6146314244c8651ab93263f2137a135982eaf0b223e054c9fb735dc8ecba2d98c2ae4df2146588c34e321bca7f9846a109210cc77","ssdeep":"192:G4pcNs9UU7MENyT7ACneMrr4bUDUrMVCr1JB7yifGQ/FoWjxk0vwnaI3QUGMugCA:G53Kmuj/J6KUBn","tlshash":"c562730ab1f905624b5361b06b9b2204713195072a0add1c3e3d9bd82f5ed79c2e7bef","first_seen":"2026-03-26T09:29:38.978452Z","last_seen":"2026-04-06T21:31:45.114947Z","times_seen":6147,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-P6HKH41365","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:36:32 GMT","end":"Mon, 08 Jun 2026 08:36:31 GMT"},"fingerprint":{"sha1":"F1:EC:3B:52:4B:66:50:1D:0B:50:65:93:DD:B9:FD:40:BF:2D:6E:7B","sha256":"46:A7:13:4E:73:FB:45:6B:0B:73:AF:6C:C5:72:C7:83:79:46:1B:0D:3F:B2:A1:0C:AD:70:4A:EA:1E:4A:D1:2B"}}},"request":{"raw":"GET /gtag/js?id=G-P6HKH41365 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Apr 2026 18:40:27 GMT\r\nexpires: Mon, 06 Apr 2026 18:40:27 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 168440\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":519831,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"bc8f907e8b8aa4a25b192c45d221bd8f","sha1":"b429ad1ff8f187086ec3716927fb683bb214204c","sha256":"56c78c7a1a2aeaee739c16628f5a5a02f5f2243a14bec6b8289049c07c30459d","sha512":"1a65eeec1cf4b41231657a929b62410c05ca7ee45b8f7529a4ffa93f00c46705e2b793613f5a2d7743ca3d31e24f0563e616fca1b2c5daaf6a8420662fc94555","ssdeep":"6144:GxOsP1r/F1KkX3t5SZEYGeOkdWYi8+WzcQqXEJ4XKHU4tvRzE5kzp:i//KkHmbdW98Igll","tlshash":"3db409ceb3d674225296f478903f01cba97b35e2b45cc8aab189cce02d3465a5177f78","first_seen":"2026-04-06T18:31:09.522498Z","last_seen":"2026-04-06T19:16:22.420927Z","times_seen":4,"resource_available":true,"data":null}},"time_used":672,"timings":{"blocked":272,"dns":0,"connect":24,"send":0,"wait":33,"receive":64,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 758\r\ndate: Mon, 06 Apr 2026 18:38:52 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-2f2\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: mfolVZEzDnpZyB_vYYxt17iD-ABSPdXuLOFstckSY0KIWOsdMe1y5A==\r\nage: 94\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":754,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 84 x 84, 4-bit colormap, non-interlaced","md5":"e8c4a2f11a54a236d01be9d480bc6416","sha1":"60c3df5c18916d70592285db2870114ed8884a09","sha256":"bf7dfa326c23f9d45ce5b96e8b614ed975104ab649ad7c8ee20e9f09be632ed0","sha512":"04a77830842646fd45b2a03f6c7c4919049787a2bbde091024e677edc8884102b9165737d1ec97abbb504ab207f53a840d4c29ee6b4672ea1e0e276fe3d7320b","ssdeep":"","tlshash":"aa0199a6c0990d56f96964fae75fc045e9b11d905d100407dd16f41d68ba2b245c439f","first_seen":"2026-03-26T09:29:38.990317Z","last_seen":"2026-04-06T21:31:45.034036Z","times_seen":6144,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/mirages.min.css?v=20251216\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 77160\r\ndate: Mon, 06 Apr 2026 18:30:18 GMT\r\netag: \"64b11d97-12d68\"\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\naccept-ranges: bytes\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: HXfeO9m3hHhHxpMntmwO_J-ZTtt93JcFSuQnWdXIE4Gunp8I8U8MHQ==\r\nage: 609\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-04-06T21:12:22.198415Z","times_seen":416366,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260331/2026033114114071380.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260331/2026033114114071380.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 06:11:45 GMT\r\nEtag: \"0d379958a310932297dc0e6eefd9af7c\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 06:17:56 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 666\r\nContent-Length: 127280\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 306246602875836654\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":127280,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"0d379958a310932297dc0e6eefd9af7c","sha1":"c8e9558732dde4035c5feaed8406466b109cc61a","sha256":"f7654a7d2739602bc78c5760b93f9b9a6d6b380cfd5d194f44467d3cfc138d58","sha512":"d6a4caace99f5a2c1bf751b1ecf73841e19eb6d5b142b25a4ca1e36a99df880b52c5a462afdc933241c9449209d0fb2f8d0b539f41a78d4f40b021b9ba2e1aee","ssdeep":"3072:rhWV6d0GBaLUssASv/+uTcJa1O5CvHOue9ORdQjZmGqNonql8y8:rhWV6dNBavCTs2O5CPOuesRdQaUny8","tlshash":"a0c312c451c70d012132dd5afd971b6e0d690ce1a81ba3b4b60856f582a382a56bffff","first_seen":"2026-03-31T11:27:31.472601Z","last_seen":"2026-04-06T21:37:59.314348Z","times_seen":5386,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20240424/2024042420520426003.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420520426003.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"51419f3b333d8eb4ea1815f60c5aa1f8\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 09 Oct 2025 03:12:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 83847\r\nContent-Length: 480\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1286605919746515480\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":480,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"51419f3b333d8eb4ea1815f60c5aa1f8","sha1":"73cca655def494d52431bf6b70b03a53d2266047","sha256":"b940f4a6ea758b9ffaa1a7cfaa9ab6d08ae73e2fb77b30c60b15fb64200af77c","sha512":"ccf724c3e0eb4f5a6a59a5ae7dd96089f9b2d89b82330d6dd64f0baa9286666be0eda76656715f2290203f5241dea851a59823eb18b1ef8ea42fc5b2c2a018bd","ssdeep":"","tlshash":"c4f0540ddd7b01e4efcc28304d03950b71ba3e2947016f2c234f89e21d1d1c41195815","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-04-06T21:31:45.072172Z","times_seen":20796,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-P6HKH41365\u0026gtm=45je6420h1v867709946za200zd867709946\u0026_p=1775500827136\u0026_gaz=1\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026cid=604148270.1775500829\u0026ecid=1693798944\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAAAGA\u0026gaf=2\u0026_s=1\u0026tag_exp=0~115938466~115938469~116991817~117266400\u0026sid=1775500828\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fhtyrz1.zgiwnnh.cc%2F\u0026dt=51%E5%90%83%E7%93%9C%E7%BD%91%20-%20%E5%90%83%E7%93%9C%E7%88%86%E6%96%99%E7%AC%AC%E4%B8%80%E7%AB%99%EF%BC%8C%E5%85%A8%E7%BD%91%E6%9C%80%E5%BF%AB%E6%9C%80%E5%85%A8%E7%9A%84%E5%90%83%E7%93%9C%E5%B9%B3%E5%8F%B0\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=2465","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:36:32 GMT","end":"Mon, 08 Jun 2026 08:36:31 GMT"},"fingerprint":{"sha1":"F1:EC:3B:52:4B:66:50:1D:0B:50:65:93:DD:B9:FD:40:BF:2D:6E:7B","sha256":"46:A7:13:4E:73:FB:45:6B:0B:73:AF:6C:C5:72:C7:83:79:46:1B:0D:3F:B2:A1:0C:AD:70:4A:EA:1E:4A:D1:2B"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-P6HKH41365\u0026gtm=45je6420h1v867709946za200zd867709946\u0026_p=1775500827136\u0026_gaz=1\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026cid=604148270.1775500829\u0026ecid=1693798944\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAAAGA\u0026gaf=2\u0026_s=1\u0026tag_exp=0~115938466~115938469~116991817~117266400\u0026sid=1775500828\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fhtyrz1.zgiwnnh.cc%2F\u0026dt=51%E5%90%83%E7%93%9C%E7%BD%91%20-%20%E5%90%83%E7%93%9C%E7%88%86%E6%96%99%E7%AC%AC%E4%B8%80%E7%AB%99%EF%BC%8C%E5%85%A8%E7%BD%91%E6%9C%80%E5%BF%AB%E6%9C%80%E5%85%A8%E7%9A%84%E5%90%83%E7%93%9C%E5%B9%B3%E5%8F%B0\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=2465 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: null\r\ndate: Mon, 06 Apr 2026 18:40:28 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:178:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:178:0\r\nreport-to: {\"group\":\"ascnsrsggc:178:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:178:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T21:11:43.744211Z","times_seen":13437525,"resource_available":true,"data":null}},"time_used":155,"timings":{"blocked":68,"dns":0,"connect":14,"send":0,"wait":17,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/fontawesome.min.css?v=20251204","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/fontawesome.min.css?v=20251204 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 25461\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 07 Aug 2024 14:34:37 GMT\r\netag: \"66b385fd-18f6f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: gVNRVMwgtgyn76iGanRFsso5hq_563qqxT6k-gvP007plPSqV_BpKw==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":102255,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (62333)","md5":"35c423c7a0a87e2e4f3646e582e2dd67","sha1":"aa640d874aaf84764c2a4c94290624166fa81d2b","sha256":"98e7ef32e76852a8a836cd1ca9efd953628a0cc8739f7d847ea87ca525db73ae","sha512":"d81bb1c55dfe6108d57f19f8aa37dc01f770ce9ccc16d0519710a1dfbcd0da6c9c71d85ca1a940aec83c81b5124aa2c6fb9ac0409517e38db02734300b006d8b","ssdeep":"1536:E6MnM+M8MMMtMFM/QS8EfluzvQrp6mQzsWdCENdA9tVg9:/pfluzYQmQzsn8dA9ti9","tlshash":"b4a339f8e48905e8a372c84fcb55b36c663afb70d5425c81f10f9a4d8ec2b5815dab2d","first_seen":"2024-08-12T04:36:20Z","last_seen":"2026-04-06T21:25:12.329426Z","times_seen":22222,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/css/index.css?v=20251212","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/css/index.css?v=20251212 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 10214\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 12 Dec 2025 04:31:36 GMT\r\netag: \"693b9aa8-eb78\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: -sK2TgGpJdY2EonYrn5WN_PaYxRdBCPZAZQXmUFahOoD4FRZE38kng==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":60280,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"eeee4a364f1d03a38de7fa7d93145fa5","sha1":"42d0408a60d2f71c2cabcadfaf9644c7e66fb8e5","sha256":"5b95e1df2a0900e6f4ff021f20333df104b13e7f14aa5d76f2dc4d95441b8521","sha512":"1bfdc8f504b9a529bc4244592b48ab8dd0cbdb048db7890c3f876d85f8825af5ad84c1b8ffeb23cf55126c815ffa308133173e6ea6568cbed955390f40bcc9dd","ssdeep":"768:pB3/VjKqjwp5G9ftXhudyF23LeBKQRQqQoURvKFxXRC/YeJh:/JhudyF232KeBORvKFxXRC/Ye3","tlshash":"6543440426230904789795babf7b17c56258c087cd0ac96d7fcfe649cf8e128b5b6bc9","first_seen":"2025-12-11T05:08:28.58001Z","last_seen":"2026-04-06T21:31:45.094521Z","times_seen":13771,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/logo-2.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/logo-2.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3929\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:29 GMT\r\netag: \"687f820d-f55\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: o-PsF8qzXR7x3hPCk5td9YxsBdSKpNPpQ8-8m51mCMPElCvYSTetPA==\r\nage: 95\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3925,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 264 x 78, 8-bit colormap, non-interlaced","md5":"1bb369107c5b5cef8e13d2b8a3ac6b41","sha1":"6dc85fd0c3b5706dfedd89307330c1aa928d1c08","sha256":"38f665614823a4fa0265c43f274a286219775d73b0964f1d42dcb4d669c84963","sha512":"21f2d3637669c713839a80ec2d6a48f4c265b4d4ca77da6709e9f842fd32e64a1d8860646d13677e30ce3b28acc40bd1dc9c4289dae10cf6f89680a77792443a","ssdeep":"","tlshash":"86816d609ef35ccb1cdbf81e2b21f250b07a7da927f646a3c230c1126c1971438579e9","first_seen":"2025-07-12T04:18:50.913032Z","last_seen":"2026-04-06T21:31:45.048395Z","times_seen":20863,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260402/2026040217301365319.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260402/2026040217301365319.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 09:30:19 GMT\r\nEtag: \"7a38bccec31228a19530a040ce4c1c5b\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 12:30:58 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 347\r\nContent-Length: 210192\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12257407264340912848\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":210192,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"7a38bccec31228a19530a040ce4c1c5b","sha1":"abb851ab77711a271dcaffb0847abf442df01100","sha256":"c3da7448340dcd8db9bd33630dd7262550a7a34ca69532720426c523f4c966fa","sha512":"b3a21456246b57fca3ea931e488b6fa29b95838957ebdc83618c387bef3fc5aec50a68db4e0412c203efa429b47ba04445bcd2779ffcc21c62fa1fe1d3f5172e","ssdeep":"3072:nXA/zmME7fUUtdWN5w5sxyqh06v1fvnpafqugdoriRfVhgxPqQ2cj:nw7mM4Fd8w6Dpv1fvYSuWDIxiQ2cj","tlshash":"9b24128ac925d579bdbfcc60b17e249c7a9542fa4c927b0a31532f7c782e500a62f47c","first_seen":"2026-04-02T14:37:00.701926Z","last_seen":"2026-04-06T21:37:59.260191Z","times_seen":5168,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-03/90e567b7a28f119a0da93b420f0d4708.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-03/90e567b7a28f119a0da93b420f0d4708.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 03 Apr 2026 08:00:46 GMT\r\nEtag: \"4f877f2f895fbc28f70ea6276ff69397\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 03 Apr 2026 08:01:53 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 480\r\nContent-Length: 1369824\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4249787532792629097\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1369824,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"18a0c62a2a0c392314a53038b0ae7939","sha1":"234a8e9cf07832918960d716f1ec26f048e98278","sha256":"3bd5e01abef3a44aecde650e21c920ae947a28ca137d92568c34e62e40e921d0","sha512":"8e929ac32684bfb8d304839989c9ccf16872d46fe972ad08e66ad42895bf0aeb18eabda9a1b2aac21fdad5b603b2ed4a4881fdcb70b09b3cbc3df61e54fb2059","ssdeep":"24576:cZfYVxkRqYsZMVHCvJW7+LVJ65Uj2l9AeKc29+E7YPyWVq7V2cxwC:cCrWqYxivc7yu5UjyBPE7HQEwC","tlshash":"d325333e3e21c1c6b544b23054c31495b870a1b26ddbee25fcef9eb8920a416d56f37a","first_seen":"2026-04-03T08:12:48.792344Z","last_seen":"2026-04-06T21:37:59.337571Z","times_seen":5166,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20231025/2023102511321596540.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20231025/2023102511321596540.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:47:00 GMT\r\nEtag: \"17bd572f88a1fee3c902a691acdb8574\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 17:52:19 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 63000\r\nContent-Length: 608\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6146770454172978073\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":608,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"17bd572f88a1fee3c902a691acdb8574","sha1":"1dab6e54398b54b5b1082bb52a6ebf923434826b","sha256":"8c6a0267279f65b90e630d1f0c58c2d29b793c05aac1b343b0c10b77eb4455c1","sha512":"92c347130852ae789476448e289de577641145551258eb0fe4f263fe2011f36775d4c775da4898f413948943c1b5f92abe09703effd88b3fca236d0654ba2f76","ssdeep":"","tlshash":"e5f0b71c829184fd618009947cbfcd43005da6ef5dbd0321f14a17505cede0ec6e262c","first_seen":"2023-10-25T11:55:10Z","last_seen":"2026-04-06T21:31:45.082159Z","times_seen":20846,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260323/2026032312511538215.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260323/2026032312511538215.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 23 Mar 2026 04:51:20 GMT\r\nEtag: \"c46c3245bf26f1e161ca0b0f5fda10e9\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 23 Mar 2026 05:23:49 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1650\r\nContent-Length: 113744\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13326679660784382888\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113744,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c46c3245bf26f1e161ca0b0f5fda10e9","sha1":"271614ee6f316c9d1e0831498daff791101a90e8","sha256":"a353e649ca32e8875cc02fe0237dacb0cd823ce92d9a9eb82b5bb9def2a69ced","sha512":"1a40cbb387c420108d6441faf28d522a2ea6faad3d4d6b091ef19054ec8b46868b59c21a4957fd67627b81ab9ec4423d4140cd979e9f78ebd766ead1f3a704cf","ssdeep":"3072:zzxBDGsiu/DnndQyC3e9Dj/XqZDM/IK8rjtGrx:zzxpniInPNj/X2DSN8rjsrx","tlshash":"b8b31299b48a4aabe184b2355688d1f0ead210f56f127c475f0db63fdc492d034b7db2","first_seen":"2026-03-23T06:49:31.573045Z","last_seen":"2026-04-06T21:31:45.107195Z","times_seen":6313,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2025-12-30/b0b6d72cb3831e4af86d892f5322f51f.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/b0b6d72cb3831e4af86d892f5322f51f.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 31 Dec 2025 11:30:36 GMT\r\nEtag: \"4d4782772c66197e7bb72273464acbcc\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 31 Dec 2025 11:30:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 182\r\nContent-Length: 266704\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8338521974821401086\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":266704,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4d4782772c66197e7bb72273464acbcc","sha1":"bb5180f3a210440991063df7c71a5f2a73235d66","sha256":"d1b7c5ceaec125a25f11bc63a88adefca0ebf8d4fd47586ac9e5e8c86d94c10a","sha512":"a9f581a25de284a7a4496c8d4f601f60b686cf7048ec0b9015e3131fbdef9e6a43af3c91fe84ba4e7335f516bfc38e28f07580bed9393be30a0943bd41ed2185","ssdeep":"6144:HZHcEA6bo7O9Do4nLk2E//R/+YFihoUDtUeZ7:HZ8EzSOhos4DWYFihoUBD","tlshash":"324423cb5875e0a1541ffa2ee80de01da06ad1fd46e4dda886adf2c53f13805c1f2a8d","first_seen":"2025-11-23T05:10:59.088648Z","last_seen":"2026-04-06T21:22:32.099707Z","times_seen":19515,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":56,"dns":0,"connect":0,"send":0,"wait":26,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20240424/2024042420561566169.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420561566169.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:10 GMT\r\nEtag: \"e8ea473291e2351d50cd83d799e46e4d\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 10 Nov 2025 00:51:48 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 880\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18410751375006000414\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":880,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e8ea473291e2351d50cd83d799e46e4d","sha1":"9339cfb3c5d3ec47c8d7b0abbc42bd80e758aad6","sha256":"7876d5dcedf4ab2894859fdebeeed291c05a294537f95f48f01ce69ca66f4a82","sha512":"fd5e7d6c70dcc183e5ac17efbb6a7dddaa5b441c2cc40a53fa4e8b544a86b8450464af25a6d4434cff846bae456aa9c9abd4d138abdb448213b1ed248ee8eeaf","ssdeep":"","tlshash":"d1111a3300670655367ea34d8ee35f9c52583c194903acbce30e8ec787078129707b2b","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-04-06T21:31:45.075221Z","times_seen":20831,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/close.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/close.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 332\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:29 GMT\r\netag: \"687f820d-148\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: ihAe27ghLvTKvBNGcaeC0MJOllnhep7q4lx6Lz-g56vZx_aUFPzegA==\r\nage: 95\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":328,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 30, 4-bit colormap, non-interlaced","md5":"215a1e584cb0039d319ffd69d9df0e51","sha1":"8a3d3e65a0260d286373b8882487a0ac6a9724c7","sha256":"f4693ad8590376075c38055091de94c7ae92b5abc56182861a53e76c4bc8feb5","sha512":"0b5aa0817a7205e14f38c93038490f57956cc5632a6c50db1e84fe5e9e5b0df100a3ea41c6178ffdba66fc59f04a0cdb479ba5b81d505e7327e60334e7870f67","ssdeep":"","tlshash":"b4e07d93fc7aad38c6caa133b7a4819196bcab7e6564992f2e530169806804d9445318","first_seen":"2025-11-17T11:08:20.211585Z","last_seen":"2026-04-06T21:22:32.059225Z","times_seen":16993,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-01/7599bba208a7b244eb73fb465899dd3f.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/7599bba208a7b244eb73fb465899dd3f.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 12:30:38 GMT\r\nEtag: \"edf5cac1a01801285511078ad3874636\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 12:32:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 59\r\nContent-Length: 319040\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18405068716519802132\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":319040,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"edf5cac1a01801285511078ad3874636","sha1":"394cacdd81129d1fb0f0cde5cdc43d03a1082394","sha256":"f6f0dc5b529a90845651a585edd06b749afbb810d7c3dbc674c16e2f4d90d12e","sha512":"cb89264f8eddd68f91497658ec137d25d73119d1ecbf8c1c26cf5066548f1323898e671d06af04f8ca2e278fb3ecf4b08c4daf0a740b5b05dc7c7d0e36fe9e79","ssdeep":"6144:d8cqwwzLykrcT7P2UpRpK4h7DRcO57gR+OEDDvDDEdHfB1DbRuyFfy5gyp:dSwwzLHfyRPuk7gREjDEV3nKWyp","tlshash":"7364234b28d460d2d1c8faa2000d4a1a93cd47547867be16137e78ebcbf7e173a9971b","first_seen":"2026-04-01T13:33:09.049351Z","last_seen":"2026-04-06T21:37:59.29375Z","times_seen":5747,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20231026/2023102620184288771.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20231026/2023102620184288771.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:52:07 GMT\r\nEtag: \"f1b7329bb20d3bf35a27caaae871c85c\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 05:35:41 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 20798\r\nContent-Length: 816\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5307272404481728868\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":816,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"f1b7329bb20d3bf35a27caaae871c85c","sha1":"3b3791ca288fdad4cef0b48cd6081aed157b521f","sha256":"c6cd5ff057ebb6c6b3686110e90c6f1d61283197527b89a571a008bfc98aac30","sha512":"41bf59a3cb85338b083881001d96d59f51aebfdd62b60611487455d6b763ddfd3fd5bcffd159f7e616126d25e515521ab929027cda0011aab15fd0a9d73e9a98","ssdeep":"","tlshash":"5e01868cbc48f9d99929e10dd1880d73a890662b166e0cb13485ce6cbc8551c41d02b7","first_seen":"2023-11-12T15:49:18Z","last_seen":"2026-04-06T21:31:45.12517Z","times_seen":20848,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap.dc-report.cc/api/eventTracking/report.json","fqdn":"ap.dc-report.cc","domain":"dc-report.cc","tld":"cc"},"ip":{"addr":"54.254.158.162","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.dc-report.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 07 Dec 2025 00:00:00 GMT","end":"Tue, 05 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"C2:B5:BA:75:40:71:82:8A:0C:30:43:7C:87:CC:C2:C3:63:69:3A:16","sha256":"41:CE:19:28:BB:9F:95:C3:A8:5A:6E:DA:C9:CD:C2:6F:06:2F:9D:37:81:96:91:C2:D9:EF:88:93:F2:EA:18:E8"}}},"request":{"raw":"POST /api/eventTracking/report.json HTTP/1.1\r\nHost: ap.dc-report.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded;charset=utf-8\r\nContent-Length: 675\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":675,"data":"event=ad_impression\u0026page_key=home\u0026page_name=%E9%A6%96%E9%A1%B5\u0026ad_slot_key=post_list\u0026ad_slot_name=%E5%90%8C%E5%9F%8E%E9%AB%98%E9%A2%9C%E5%80%BC%E4%BA%A4%E5%8F%8B%E5%A4%A7%E5%8E%85%E4%B8%8A%E7%BA%BF%EF%BD%9C%E7%B2%BE%E5%BD%A9%E5%86%85%E5%AE%B9%E4%B8%8D%E5%AE%B9%E9%94%99%E8%BF%87\u0026ad_id=TJ-001_tj_web_215768\u0026creative_id=\u0026ad_type=banner\u0026seen=true\u0026channel=\u0026uid=0\u0026event_id=89f59e9078388420ab0314de5ace0e6e\u0026app_id=TJ-001\u0026sid=c4c7b5996e6924fb70704e9b01d159f8\u0026client_ts=1775500828\u0026device=PC\u0026device_id=353d69b8aa2211aa0632389b6cbd0b1a\u0026user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026device_brand=\u0026device_model="}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 18:40:29 GMT\r\ncontent-type: application/json\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: null\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T21:11:43.744211Z","times_seen":13437525,"resource_available":true,"data":null}},"time_used":2234,"timings":{"blocked":872,"dns":0,"connect":343,"send":0,"wait":332,"receive":0,"ssl":684},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260327/2026032714165114851.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260327/2026032714165114851.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 27 Mar 2026 06:16:56 GMT\r\nEtag: \"51cf9c39ca0ee0a9a8febfff2ccd6953\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 27 Mar 2026 06:19:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1282\r\nContent-Length: 203904\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 594139464169024818\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":203904,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"51cf9c39ca0ee0a9a8febfff2ccd6953","sha1":"a87a953f7207c9c47729cb3b97eebbcef313266c","sha256":"b85031196abfb91d3e4d88080c8c82c4332e08c239b44b4a0633f830ec3d917b","sha512":"6517c0fd3ddebd97dfcaa15a0bdde4dcf2300f45b4fd74e915fd6b66f83c4f8ddbc5a56babcd71b1e67bf67c19701266a0f28a466839b8d9bdd3b022a2fc6867","ssdeep":"3072:bh5anICTW2IjnEtns9H50CA3dlZKOWCi3O2qP+ugF3XectAXKcJrde25IlnD/2N1:SZPIY8Z033dnKOr2qWNdmEH72NW4Uvn6","tlshash":"5514238c4a28753c9383ba58a6f73ef8fa9dc13644cd77444bb81572cef4a6311a2196","first_seen":"2026-03-27T08:28:08.69693Z","last_seen":"2026-04-06T21:31:45.102324Z","times_seen":5972,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-01/206b381a7070d0098e45adff94142a4e.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/206b381a7070d0098e45adff94142a4e.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 10:36:31 GMT\r\nEtag: \"aa17b2abf016a6a67f1abc758d9f953b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 10:36:32 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 528\r\nContent-Length: 223536\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11048110664493017215\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":223536,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"aa17b2abf016a6a67f1abc758d9f953b","sha1":"c6e40dc70565bd90849b6752ef3e0f878080b256","sha256":"5e0f020fc8b0c96f00a6a4b22b024f31de337fbd25ab451cafec5cd48afb8d65","sha512":"119bf79be647226e334d685c9898fdac7b4ea4a9e0736fa3a261483adf43aa84202201b55086e6c067d75ca49b0563a4f63b282ffeb1f4dcd3f195e6f63a97ac","ssdeep":"6144:I3CYPO50ViUpOZeYLeeYY7h91QTQpXCHcqzBp:I34k4ZLeeYYxXCH/7","tlshash":"6b242387013b903a7e17913b9daddda170009eb82802aca1c347a4c9d755facf99eb46","first_seen":"2026-04-01T11:04:29.225549Z","last_seen":"2026-04-06T21:37:59.29009Z","times_seen":6495,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260329/2026032914424441028.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260329/2026032914424441028.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 29 Mar 2026 06:42:49 GMT\r\nEtag: \"89c4f064454bfad21e6ab33adfde432a\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 29 Mar 2026 07:04:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 131\r\nContent-Length: 138640\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2471080773105970598\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138640,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"89c4f064454bfad21e6ab33adfde432a","sha1":"14187829b5a818ffd672352a2f009ac921a4cf9b","sha256":"801bd63d2abd726b7d40b7beec423908e86abcb700b0c80467399f478bdd933b","sha512":"1deb4ecaf5818cec7b5000997a83a51a8a51060e50ddb4e735fbaa9257d75ac5ca0c9cb29a7ad426956eb3b3743d001c0e7b60ab96b900d71622d3c0b5ee4196","ssdeep":"3072:1WpnFuQO8FNNExCg97AFHlRy+EOF9OXBK7RT1+h2d46QHxRo:1WpUQrE0ghsw+r9Owd22d46QQ","tlshash":"10d3127ee79a2e02fc900e0371c56e85579c76082e6d1d01f2d5aa9e3e9dbd391cb820","first_seen":"2026-03-29T07:50:18.458353Z","last_seen":"2026-04-06T21:34:44.104499Z","times_seen":5531,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-01-09/59b499a5ce5448958a1340b8381f0616.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-01-09/59b499a5ce5448958a1340b8381f0616.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 09 Jan 2026 07:53:17 GMT\r\nEtag: \"a9f865eb59ee8e3bf3f7fc72a4302f2e\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 09 Jan 2026 07:53:18 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 120\r\nContent-Length: 359888\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13229541451080055074\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":359888,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a9f865eb59ee8e3bf3f7fc72a4302f2e","sha1":"3f6fcda9efd58635a808fb35a010f0e9d7c466eb","sha256":"1a43af44a4f789e9dcc4bd18aa655cc374fe96f36511032176ec96f432cac9b5","sha512":"cc95d13531f4232093083bd57fb65343b87bbb5ad38daa3b22a60b9b2adf9a5d2137195c1930445b195c46aa7b16780448dba5155fed89be4c56dbf3237bca9b","ssdeep":"6144:8+Mh/ZqcV+yrS42LFPxi8POcnHAp6QVf372i0rBDfdc5yxopf/FDskWcS:8+6ky+m2LFPx/OcHwTDUBDfdiaoxNAkw","tlshash":"847422c57058ed420b5e963cfb6b57ea863befbd9bc29087a96348526544c320ec48f1","first_seen":"2026-01-09T08:22:22.642907Z","last_seen":"2026-04-06T21:31:45.145584Z","times_seen":8898,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260331/2026033118092475044.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260331/2026033118092475044.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 03:29:34 GMT\r\nEtag: \"c9940e6337be8488c662bf4dc3e1d7b6\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 07:06:25 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 59304\r\nContent-Length: 139856\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11911158404583811817\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139856,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c9940e6337be8488c662bf4dc3e1d7b6","sha1":"bc0f3cbea4f79edf9d8bdaf719da7b43832fd049","sha256":"75c687d86007bc92b0f78ecbbd4eb9cf65aa4165314d9d00f900b1502e0d9e05","sha512":"8362c6591c185b964d7acee7cd7543db69084a699b9a0a2cc9e9500d22a4fca28cdfb2f6b6ffe083a59ee726d97f2800a02e7b1d9a0184de35d2bb7b5989d4e4","ssdeep":"3072:r9abkOu1M7/hkYiDTWnSO9f1IYpA4F33X9gtCZfEsUGbbIby:r9ab3ua7/hkYiDTCH9fSWF3Ww9EmfIby","tlshash":"1cd312fa642d795349a11bbca52219a0829da3c7d31b138f3438f66235d2cb73c20f36","first_seen":"2026-03-31T11:27:31.442168Z","last_seen":"2026-04-06T21:37:59.313773Z","times_seen":5384,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":25,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260330/2026033016381327719.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260330/2026033016381327719.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 30 Mar 2026 08:38:16 GMT\r\nEtag: \"38b21a365409faa02b07d6c5b9e376cf\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 30 Mar 2026 08:46:14 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1067\r\nContent-Length: 107344\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4408097314273000326\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107344,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"38b21a365409faa02b07d6c5b9e376cf","sha1":"127050010ab8b4bed28b66b124f2448ac73ce166","sha256":"3aa9daf8aa2754dd35cccb83f247400249311e7d9a40959e03646266c96309bd","sha512":"13e0db7f37e61911573bbc8a8d4a79c1d49c7268c82b8ea3bc5da563f35c8f81c1642ab1abf14d9bfaaa38eb869156432c85a5ed218a74bd4828696239452286","ssdeep":"3072:uqpKxLZx4HArUZajhyxBz5HpD0+kWn6YA9:P8pm6hyDz5JD0+kg619","tlshash":"87a3124974d1eb93311c70be2f9db6ea200904d76aaa255f8d237223b7cd6ba011f13d","first_seen":"2026-03-30T16:40:17.098651Z","last_seen":"2026-04-06T21:37:59.256388Z","times_seen":5429,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260329/2026032923183371164.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260329/2026032923183371164.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 29 Mar 2026 15:18:37 GMT\r\nEtag: \"98a062bb0c4bbc174ac755c476b09827\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 29 Mar 2026 15:22:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 919\r\nContent-Length: 101728\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11575802165997652127\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":101728,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"98a062bb0c4bbc174ac755c476b09827","sha1":"7a6bde06012b6d5f2659a0e1bc3b0baa58f31cfb","sha256":"4e6b693629782d3b8c205dfd5fd3f10dce5d03569a7585c676454dedc02edd5e","sha512":"c4c752b70837cea2b40d08b77eb557419cb9f62c8a175e56dd6d32276f482c7793afc3ffaf28d1c15638fc4e8459402e5732a1c944384609b28fc9aa275d7405","ssdeep":"1536:e4xqmuwqyyeZmBm7uR3EyBunhL4PnpEzMClWL0REGcYY99nsxBCE+iKnhk820t:euyewBRR3dsn+PIMwxEZz99qC0Knhk4","tlshash":"ffa31280f262181f73530286d4a0621c38d73345aa5f9dd2b70db8365b2f2bb4536bae","first_seen":"2026-03-30T05:05:50.206942Z","last_seen":"2026-04-06T21:37:59.310407Z","times_seen":5436,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/vant.css","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/vant.css HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 60280\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:37 GMT\r\netag: \"691aeb3d-30a89\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: U87iUrcHLlbC5UkmiOUnr3M0RZeDkzvKtnjpxQku-Cgc_OwrM5ihhw==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":199305,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ec97f98b8f11e72ca35d2a8939500e67","sha1":"fcdcaecbd29eb74c4d507c0f23d3758052aba3eb","sha256":"52fcb2a7486d329611d7fc1562e0dbcde9f4494728b88dc26932388fee77391f","sha512":"16ec7dfa0d84e113ac71cf66bc4aa1659d3a9089fe76c8e2834d0bd1ee25db5fb2ad0dfe35dbb9ba2340957396a603a09c8ebbacf49c90a65df12f522d9b851d","ssdeep":"1536:VjQbFNJ+jqkiHckCwsBlDOFIxuVoxJPBik/1Al5aIzb2VTVaxA:VuClDsIxuVSmRdJA","tlshash":"ec149495e69091bcbf27f275ab8b96dcf23cf560ed01daa4f10051580ec7bf50623a1a","first_seen":"2025-06-27T04:20:30.581604Z","last_seen":"2026-04-06T21:20:08.878677Z","times_seen":29461,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-02-21/cc7087fb438de9101ba9bdb6c0921afb.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-21/cc7087fb438de9101ba9bdb6c0921afb.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 21 Feb 2026 04:04:32 GMT\r\nEtag: \"629fde6db44412241a00dcf14e0dd72c\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 21 Feb 2026 04:04:33 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 322\r\nContent-Length: 135184\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11103344171990529548\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":135184,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"629fde6db44412241a00dcf14e0dd72c","sha1":"2b8426836b16e9f4fbfaae0042642d35ce00e00b","sha256":"7632fc799d6af6fbceaeea93408e5023912a8361f38e18b94f0c4c66feb49ce0","sha512":"da4a017a4579d15e0007d0332a6110610a565f519dfdd62738406f012379991481bf8d00bce0a50aed6e77aeae8237e3b8010535c5829f976f05f073b7246336","ssdeep":"3072:zj7iQtHAseYSV4hYvzWBTyJ83JqEHG4nWerZgpW5rdGWVL:79HnjSVRqBC0JZHI2Air8u","tlshash":"64d313538077830d5e786cf97e054e46c7147f0393699aa3150bf105a4ae0ae77f9e47","first_seen":"2026-02-21T02:51:35.034032Z","last_seen":"2026-04-06T21:31:45.110197Z","times_seen":7312,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":44,"dns":1,"connect":8,"send":0,"wait":10,"receive":18,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260330/2026033012455224267.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260330/2026033012455224267.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 30 Mar 2026 04:45:56 GMT\r\nEtag: \"064806c15cd8ffc4514afed80d5dea34\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 30 Mar 2026 04:51:32 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 3121\r\nContent-Length: 99472\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11342952172132174055\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99472,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"064806c15cd8ffc4514afed80d5dea34","sha1":"fe87f9055d910770287980339c9e149f766b70cb","sha256":"e9abcbadf814f1c246e7604f1d5bfb930c078c9fae78f8601cf48eb81a7f8b0c","sha512":"d2e420c03d60ed5ca8ace503c0eef5446f6d1c80a6399a655d7b0fdc3009ec4c2da5b94ef7f914561b779942ef99da3611ade82f04c6222d1018b5ac9f20c61d","ssdeep":"3072:3mBCs2fWUVvVfWqnfd+D4QnECpC/Inm+VAMDI4K2Fsro/pKS:3mBCFuUt4qnfgECpC/ILAMM4Fsro/8S","tlshash":"eca3125e98342661c52762ce136dd951b93983eb0cb02fe1d820262e9f7d7e73a3e1d1","first_seen":"2026-03-30T16:40:17.041194Z","last_seen":"2026-04-06T21:37:59.309312Z","times_seen":5429,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2025-12-30/abd51bbed55f025430536d4e75e4a27d.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/abd51bbed55f025430536d4e75e4a27d.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 31 Dec 2025 11:00:15 GMT\r\nEtag: \"70a375bcdfaa14189a1336bb44d43a3d\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 31 Dec 2025 11:03:12 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 96\r\nContent-Length: 222768\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7894720566699637462\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":222768,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"70a375bcdfaa14189a1336bb44d43a3d","sha1":"9202eccdd3beacb9960d1ddcb77d9535e0823a2b","sha256":"2dfa9d0dd22a7d0bb2d1913c0fb967f63ba85bd04a0cbd56ef95c6621af10849","sha512":"9ec858e427ef1f8ec35c4d2c5681ad89c91d0772502cc41dea7821240c635f339b83e688badee19e9547bbc9a22fa845fd9f656283660009cb79655e2387da6b","ssdeep":"6144:ECyE6fRsUAqjCoN3lXMrMlHNbBzbWtuTky02m:EyU2XNOHNbBzKNy02m","tlshash":"8d242310ca7d9001ab8684d57cd6a4bcd133b730660c5b1f91b8abe269cf1b50e7b69b","first_seen":"2025-06-14T15:15:15.370117Z","last_seen":"2026-04-06T21:31:45.065252Z","times_seen":16942,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-01/1468bf21928470e1af878d6edb9869a8.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/1468bf21928470e1af878d6edb9869a8.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 15:12:44 GMT\r\nEtag: \"eebbe2b856d1aea0f658e9cfcdfcdb28\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 15:13:14 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 639\r\nContent-Length: 259536\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1089017632520071873\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":259536,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"eebbe2b856d1aea0f658e9cfcdfcdb28","sha1":"bd5ebd8ad0091e6c7400940d9c530b7a066f8eff","sha256":"0cb07ff739ed0668963d5af783c0f2439ffd80ca77acc93dac48af4f3985a1b6","sha512":"b15b4674100e74f1cbd99f9b0acf27b94c16e1b03fd014be1ef40df8937a771a26d008c3addeb4012cd071cfbe6d6a15b6ff1e65c8b526a3d8f1693d6d34af23","ssdeep":"3072:eCSQAps1bhXxp6w+50nO6HRIZPFWLqqaoKVQncr3eWL10QExjnBvfrOM9chZaXqC:gH8R/+IDBUWWLZABvbgZaXqX/9+7VmG","tlshash":"094423e448f41a63d332bbba4950ab03f8b9d91ee6fd1a0ffdc419114c728941d01acb","first_seen":"2026-04-01T15:30:05.715655Z","last_seen":"2026-04-06T21:37:59.295474Z","times_seen":5198,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260331/2026033116430599566.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260331/2026033116430599566.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 08:43:09 GMT\r\nEtag: \"ea3bdfef2f3516ef3255eab42ab35c37\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 08:51:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 827\r\nContent-Length: 112432\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17403529498059468481\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":112432,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"ea3bdfef2f3516ef3255eab42ab35c37","sha1":"08968ebc206e1944fdebbdbd931b3834a05fae13","sha256":"c3f92cdd4c4d8d33e6b001318f04ada747c22a16b99c6add50247975edb52adb","sha512":"b82b2a6137e3d50432754c303eec71b1ab3f6826805dc6379d828d3ba519065024ca09c7d436bfbe9f18558811c8767c5889126c4556785f97cff9f2e4f7256e","ssdeep":"3072:rvy3TGNzw4EyzkoMjxuvdSeLVE/b1YNBfHgZJ1Yq:rqjGNtEyzjMjItLVQb1SBfAD1Yq","tlshash":"94b312b1c6e6fbe9fbe024ba34ccdd00d098786c594017799d1a5f1ab12a83f8d9c2d4","first_seen":"2026-03-31T11:27:31.353196Z","last_seen":"2026-04-06T21:37:59.3359Z","times_seen":5385,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/fonts/OpenSans/400.woff2","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/400.woff2 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16644\r\ndate: Mon, 06 Apr 2026 18:30:18 GMT\r\netag: \"64b11d8d-4104\"\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\naccept-ranges: bytes\r\nlast-modified: Fri, 14 Jul 2023 10:03:57 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: ZVGFQXaFOqjK5jaB-wU7zIiZDS0H6btKViinCAqGm1ZaV5K5Wy6H2Q==\r\nage: 609\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16644,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16644, version 1.6554","md5":"6276351c3fd3053a0cab736572d6ced1","sha1":"326b281cbcf5070d140fadedc4b1354f1a5d916c","sha256":"43640ab0efbdbd50a1162047c1f62f338fb84de407411b98bfa6a1f8666ef0af","sha512":"c9885c9fa086350a150efae1c40c9ab22314db0baf47b457c3de4be5c7e609313b9fec4f9000b133a9f8b365c2d5d3703bbff579833a8b81195062e5f6bfe5e7","ssdeep":"384:JK4eVLUx4mqjtgI4cwDn/HnhbXOU7WYb+KFqEevY5:Y4edUqmBIkD/HhjHWYb+KFGvY5","tlshash":"bf72cf83f467d9f0f42836305db116e3b979ef357761ace0621445aa1232bd02e847dc","first_seen":"2023-05-08T23:10:23Z","last_seen":"2026-04-06T21:24:05.438193Z","times_seen":21995,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/clipboard.min.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/clipboard.min.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 3634\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:40 GMT\r\netag: \"691aeb40-23c8\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: Ump1t9t6e5E7cECjzXvWOsSn6iJrcJj8q0Fz11d4_57h1hGDXGdADw==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9160,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9067)","md5":"15f52a1ee547f2bdd46e56747332ca2d","sha1":"9a7cb405f9beed005891587d41f76a0720893ffc","sha256":"e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9","sha512":"ecee695e9734a0246bc64f1151f0d81609f49ced6dfa32ee20e41d38c469e003c1eee678bd28eca73a79cba603b43b385735124db5b304567f2ca2619f214e2b","ssdeep":"192:s6IMH3HEG9JVwkHg4LyAal318/NYusfkApXMdgmkpj:sy0G9J1zG3eFYP/XMmmkpj","tlshash":"77126399b291b0b15ae731a9412f920bf2766969708b90d0d239d4f0acbcdde4463f3d","first_seen":"2023-03-07T12:23:44Z","last_seen":"2026-04-06T21:22:32.049901Z","times_seen":26014,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/image.0821.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/image.0821.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 48012\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:40 GMT\r\netag: \"691aeb40-4b5b1\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: uGES3YLugrHfzGwrV2Q3t7gU4giSwAV3cCZoHT7-CaMLZyPBdrd5-Q==\r\nage: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":308657,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3229)","md5":"5e58c86a740cd6c1821106b20c0c7f48","sha1":"88ee6c584e88c228fa8d67d969d853c0aeb95ada","sha256":"9fead600c0800d0a226d684f2604f4c6f1eaf3528b2357fdac942d450538a442","sha512":"1b907e01624056461d591abaca6780eb3e33a23c0da393ad369e27895b3e09984922c68e8b536ce4794499c70aab341047d9529737c8a3afc4a3df5e00b5979d","ssdeep":"3072:LPP0McCvleCNzRxnnpa9PYetJYRw0qvl+itTRRnnpa9v4+tJ4xQU/9Au:LPP0LypY06pYU/l","tlshash":"1564104a9fe31194f513b43c6b3f6805a1e6b0275ad9dc0e791ca9e0cf29428c579bec","first_seen":"2025-11-08T04:26:01.795335Z","last_seen":"2026-04-06T21:22:32.185841Z","times_seen":20823,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/search.css?v=2026032602","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/search.css?v=2026032602 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 12929\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 11:11:31 GMT\r\netag: \"69c51463-12697\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: Z395KmgpcVVfQaI43itN-kFKpDk3pUwRV-dg5cGJ-QTtUl2KqelNHg==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":75415,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"7314edd6a2d0f543b8c6087c4f439241","sha1":"505c5b7d58b2c0cf04da6cea47e23977062258d0","sha256":"dab1aeb8960447b5b8d759965383796acdef3900c891cbd9d7215eb304fa6072","sha512":"7f99c294e0984e06a9a43ac2007d20f9b6d5b9eadd7b66ab7427eca809e26b8b1fd00bb8e008a54f862d55a78da384eaceb999ace6c324f1ca90f9c807f31346","ssdeep":"1536:rH1OEnq8Zo8jc2dod5dwdKdjdgdQkKLOLHEh:xZo8IkKLwO","tlshash":"d273cf0b9b530125fdb744ac2b6a7b842729d407ed05ceac7bcea584cfcb954b4a17c8","first_seen":"2026-03-26T12:11:43.176385Z","last_seen":"2026-04-06T21:31:45.142407Z","times_seen":6122,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/Search/pc-nav-icon-gh@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/pc-nav-icon-gh@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 736\r\ndate: Mon, 06 Apr 2026 18:38:52 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-2dc\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: h3h73gxan2xTmui9Lrfg-hl5V2g0SxU3hE5FF9r1PypXxskEcCfgkg==\r\nage: 94\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":732,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit colormap, non-interlaced","md5":"0065fa7f70b2b08b15d3fd0f5791d5b8","sha1":"d3de2f101b2f9e8b9bf41c2b896dafd6d760199e","sha256":"4d6b1fc6cfb3528a1ad9dc78c51f7005a26fd2251c49b1060e37f30e2a9caa2c","sha512":"8ed33dce5119cb2fd93dad87b72b3325e627c40e3cd20d50bb6726986a915e22daa2f23fc38fb09d2580295babffd0b55b20592fc9f41d1a7a7cd2888e8a6221","ssdeep":"","tlshash":"0501886323d95a3dfff841b7272171e46d455cf8996281c67a6d3001463d1ac9740762","first_seen":"2025-07-12T04:18:50.94389Z","last_seen":"2026-04-06T21:31:45.049541Z","times_seen":20871,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/icon-up@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/icon-up@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/search.css?v=2026032602\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 358\r\ndate: Mon, 06 Apr 2026 18:39:55 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-162\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 5WvLc13KR1kCVDjY6W8n-06mDhF_qMvUDQ6dyfLM84yFcy5mOCC1CA==\r\nage: 32\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":354,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 4-bit colormap, non-interlaced","md5":"81df81c8a4d658d5e3e22e9f14a90cf6","sha1":"dba2119bec81f3ce458ed0ffdeefde0afc5eb5e1","sha256":"a5007a2bd7b90cc4566abf22b92f0365ae6377209b749dbf74626ee96bfb0fa7","sha512":"c7f98e5eaf3ba2336c5138c45242f8c96ce2eee72fbc8c00dabf7ae58515d3ebf35534dbfbb85796e8e8058651462c0ec404fec9080140cad917e57a14adfaf8","ssdeep":"","tlshash":"0ee02df4da09ea9040744c2bd8b163d0feb29d8c3120c0dfad68303823b8106d2437a2","first_seen":"2025-07-12T04:18:50.98186Z","last_seen":"2026-04-06T21:31:45.161705Z","times_seen":20853,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T18:40:26.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 39246\r\ndate: Mon, 06 Apr 2026 18:38:53 GMT\r\nx-server: web-node-9\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: 0\r\nx-cache-status: hit\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: E7t95C4DACiTSTfoN6MCelETokTgZntMPgad-uz1-E5uOh1r8imaKA==\r\nage: 93\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]}],"data":{"size":287878,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1116), with CRLF, LF line terminators","md5":"cf0368df60ce4a34dfa0d612103e4e3b","sha1":"5f8f5672ef096ae293e7a49c47072fb778748731","sha256":"21c051735840166fd4f845517bc64d627682db0c132e0497cce07a7093eb83b1","sha512":"96d469df8403786b5d0885c684687f621efea49e9936d64f13576e5601ff089e95723952d7bafd4f202f71e9e3842fbdb07623581f9bfd46393695f8cd40001b","ssdeep":"3072:kwb3ZShu21nVnZSfnCIv1VrH8uPeA9fio+3L9uLIL/:pb3upJZaH8X9","tlshash":"0154e851acf244b54293b0d269b2ab05fe41e047d94add05b7bc86c8bfc1ea385b379c","first_seen":"2026-04-06T18:41:09.668166Z","last_seen":"2026-04-06T18:48:06.336809Z","times_seen":3,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":90,"dns":66,"connect":8,"send":0,"wait":12,"receive":3,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/tbxw/js/zzz.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/tbxw/js/zzz.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 20137\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\netag: \"64b11d97-c67b\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: Bt1B8AY4ZaeluVgwZW-yOpbx8pTrgq33h-v2rMeWrIZmJuQBVfNr1w==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":50811,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48316)","md5":"78dab9fcf576de8cba46edd716dd2309","sha1":"7113abe41f95159f9bfccf70d01bdda1055af2ad","sha256":"7c66d6c8e2c470780513a282b66e2b5b7429ed863d6a0ecd6054b38dcda004b5","sha512":"dbb858875e532b475f827c930c154cac09e9a952b20053a0f7e1b34a050100a0a3a41f8aabeeab4af2dd90082363fe3ced3a5957f7250a4918d305b49655e040","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpn6ZFCsUleZ:vZYDc6lXJd1mZpZEdq","tlshash":"da331bc5a19c609153a774d50d7f704bb4637526170d89acf228e8eeecfcaea9039d38","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-06T21:20:08.849671Z","times_seen":29450,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/axios.min.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/axios.min.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 21089\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:40 GMT\r\netag: \"691aeb40-cc17\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: bloXjg_zi03rYzUF0htJq2r4Oz-AeFfszh8py4yzQ59vaebE1uv3CA==\r\nage: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":52247,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (52208)","md5":"99714d221df650b50da3b7bf97e2987d","sha1":"493b74178a63429fff2aab081b3a1ca73d362085","sha256":"8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96","sha512":"2520851e12838a54d14577bd6a4fc5276f1d729389c7341a09ddd783c33217a5c58ce0e1cbf60c08cf075b44c50dc90d1d651ec16fa47ef8629f8de12ad27103","ssdeep":"768:Wjp+L+sl7x97+om+oCICTUOD3cQ3F1C+SqImCjL/hQBf/MEVgnyzB/c2OiwBaGcj:Up+b0GUOLMPLJQf/CEB6iwOj","tlshash":"2c33b6cd76d6f06243a77174802f610bf23aad16a44d8460f224ece6bcb854e9337f69","first_seen":"2024-05-21T19:06:10Z","last_seen":"2026-04-06T21:20:08.902301Z","times_seen":30448,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/7.10.0/search.js?v=28","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/search.js?v=28 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 7555\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-8a94\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: Cy_tGfKZ-GzVV7B4BHbMPtqjbtSc75ExnUaS7Rm5xOLMoqxsFZHMvA==\r\nage: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":35476,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"35393d86efbb52e583f4a0ef8c605b0a","sha1":"86ea1d258468104439f4cd024633f9aa9a729abc","sha256":"83a0322ded0f37dd9abb9de4ee512a79f65cb916c65a52e82a1dad3b3a92cef8","sha512":"472aa0798ae1711a00d79f76c9f933a459daaf72779d2cc4b0ccaf86768ae693a03d77419a498def1173de63745ce1e37889ec5b0aa0f8c318da5f4356e66bef","ssdeep":"384:FEGVkJKd3+7K33Ew3oVNywa5qwRxBuWtXtTeEI+/LuA4:hVkJKd3+7K33Ew3oV4wgxPr4","tlshash":"caf2202624f204329db3b0a94be7ba45bf11d407e54ace487a4c8bc09fd1e25d7a37d9","first_seen":"2026-03-26T09:29:38.982821Z","last_seen":"2026-04-06T21:31:45.133043Z","times_seen":6149,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/fonts/OpenSans/300.woff2","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/300.woff2 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16344\r\ndate: Mon, 06 Apr 2026 18:30:23 GMT\r\netag: \"64b11d8d-3fd8\"\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\naccept-ranges: bytes\r\nlast-modified: Fri, 14 Jul 2023 10:03:57 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: rsMTmZAPtEVcNG2Ien_wA45HaaZZ7xAXfjo2JDet72NyRL-9e6JxHg==\r\nage: 604\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16344, version 1.6554","md5":"c027111d6febba054f7cd5e5fddf2243","sha1":"7c6ebfb74210e4d368ba5df96b2c5aa448a3953e","sha256":"c347496b917562bd48ed65545fbced7c9fb2a3e48c1102708a7e615fd4fb2ed8","sha512":"1a819ee0993cbed2399265606b2adc0866dd34fcab1272b6d1798e08010cab4e38af1a2299d74a706690a3188d0081d92804568982fd23f6d2ce946ac29fb61c","ssdeep":"384:sO3z8BPeD5+oRjlrvO+uuGnSDKDPVb0fOovWO1aDDBAb:pgdeD5jRjpO+ugDKDPZ0mwV1aDD6b","tlshash":"ad72cf62810dd851e31137fd7c6622e0878cb0a392121bfc5bebd8ec09204e67ac43be","first_seen":"2023-08-07T12:25:19Z","last_seen":"2026-04-06T21:31:45.137716Z","times_seen":20150,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-04/50945d1881aefabc96de458175b2a50f.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-04/50945d1881aefabc96de458175b2a50f.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 04 Mar 2026 07:06:26 GMT\r\nEtag: \"4f893061f066d30499702a3adeff5c5c\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 04 Mar 2026 07:06:41 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 164\r\nContent-Length: 318976\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10479345229576436486\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":318976,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4f893061f066d30499702a3adeff5c5c","sha1":"cbe04a3f6c0a7cea8c544305df90a65dcfe21d39","sha256":"ded2a60603f93906b6e3727ace27ccd454c34c1ea5299b1814cc5cd0c6192d73","sha512":"80d57eb8378b9f99f45d190d28048ad6efabc3dfbc877195043eb304c2c971843ecd654efd8a3b6a2a147f13a2e72e24fcb00fc62784722d9dfc75da500d60bb","ssdeep":"6144:j0oGFmvZ4vYXHgkAXLfxLTRPIoJ1R9DjIa9FR0VUlIGxqkn:gozR4gvcIoJ1THRym7qkn","tlshash":"83642287ea7bf5f78f9e320c4474482c144aaa437e868a852509f6d1c3ed7b03d16c79","first_seen":"2026-03-04T08:58:20.533314Z","last_seen":"2026-04-06T21:31:45.110983Z","times_seen":6973,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260402/2026040212285565919.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260402/2026040212285565919.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 04:29:01 GMT\r\nEtag: \"7e8366c50c255de3a97c89a204a9e42b\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 05:30:16 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1989\r\nContent-Length: 238448\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5072313189580823780\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":238448,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"7e8366c50c255de3a97c89a204a9e42b","sha1":"9acd1446a893854c581972d09a7758f985384fa8","sha256":"5b10ee82f9e81c12ce89e85f1fb9b9d82694c3e485d1f5a93c2a5fc47532f4a9","sha512":"7294ed238fa2223602b3fe12cfca5f33d8247a552445a4dae82f411430cb8ab1dc838dc19f40c07d17623c6ff05e99c5ab176bcf0e3ad6474e9dd022e308d128","ssdeep":"6144:e7Y2hb6e/YWgXz0DjfZkXzNYRBtARUY3zJObYz:e7Hui92zNUPopzJObk","tlshash":"2c3423eca9405789c9178986679a81ff2175cb8b1c1ffbc23c3a31343695e7c295e293","first_seen":"2026-04-02T08:18:53.817238Z","last_seen":"2026-04-06T21:37:59.276678Z","times_seen":5173,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/Search/search@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/search@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 634\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-276\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: L7o40uYgrv8fTh_ScudsaQSG4_wt2S9cMXI9GfFHp3WDBE9ZK7EKVA==\r\nage: 95\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":630,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 4-bit colormap, non-interlaced","md5":"a4b5282346fb42d90c59fa556c76e8e0","sha1":"0a12261356eef879559d3bc1dae88cf08dc23a1e","sha256":"aa5da5e9cc04a263402c2c75dc6485c929de92186e8efb80ba3c7cd9604bf950","sha512":"c385c6f1f449891870f786d9fc9bf140cb4218633c39b09ce7895b0c8950ae918327a49036b63f793e58dfec8ba308050d2cef338caffc1b6c856eb31893e6ab","ssdeep":"","tlshash":"bdf00251822d7c9bb34b2916c0177762f858d915771113cfcf0aa83c59151d6c2fd209","first_seen":"2025-06-06T19:17:52.685678Z","last_seen":"2026-04-06T21:22:32.060752Z","times_seen":22546,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/Search/pc-nav-icon-tg@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/pc-nav-icon-tg@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 728\r\ndate: Mon, 06 Apr 2026 18:38:52 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-2d4\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: HOOITbwBO1pbhfwM1iGPfCwHHHzXVuL363KQsFc40DxrCQm8kz4rhA==\r\nage: 94\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":724,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit colormap, non-interlaced","md5":"f85347d7d3b89528c8ed9b2302cffd75","sha1":"f867345d5d76084326d8e0fd56165e943887c1b2","sha256":"0d4dea28dc89bf49c23d0b981000855ab6b6353641619c737afe4a1581ebfee1","sha512":"90da37dce95e7282af9bff7b041c2cd4c5becea138cab3be876170067c8480398981bcdc0b43185f08e7fc0e34f921c92dc118e8fb3aa9608626cd9b9efb70e5","ssdeep":"","tlshash":"04018870f1841d38cd34a85c9c73abd56e019d0b1354f062c8d5bd747dfc04eac45420","first_seen":"2025-07-12T04:18:50.990855Z","last_seen":"2026-04-06T21:31:45.146354Z","times_seen":20875,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2025-12-30/e8e1e023702cb2535fcc5b8dfc237932.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/e8e1e023702cb2535fcc5b8dfc237932.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 27 Jan 2026 14:12:51 GMT\r\nEtag: \"60af2c4d8abb6b3edfa7e5b3f0af2c90\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 27 Jan 2026 14:12:52 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 216\r\nContent-Length: 139488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5442787243126587985\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"60af2c4d8abb6b3edfa7e5b3f0af2c90","sha1":"ff01cec91d7ac12be695637f7f9bc1db1846b442","sha256":"33761d1d55e6319804742b0337b23716cfc9bdc57df7664750b11eb6b3b37976","sha512":"88283c6844b67a8bb6f85a933ba88699699caf084097ddd6fd536453892c7cd52f2e244807958a5fa597ddc43c4935cd286347d82fb65f446e8a3ca13df8060d","ssdeep":"3072:VW6g7V1QSflcmvjLY6EyrQatdxQbGxMLCBYIFDvdQpg/YR+rMToePvs:3gXl+CjLbrA5LCBYIFDvF/0+rMTrvs","tlshash":"76d312e10a29afb280c7534bb8925459dc02daf4c66fc66d0d923b1be67e73360945f3","first_seen":"2025-11-17T11:08:20.239469Z","last_seen":"2026-04-06T21:22:32.095351Z","times_seen":16080,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":103,"dns":1,"connect":21,"send":0,"wait":21,"receive":49,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/rank-1@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/rank-1@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/search.css?v=2026032602\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 2931\r\ndate: Mon, 06 Apr 2026 18:39:23 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 05 Jun 2025 07:04:02 GMT\r\netag: \"68414162-b71\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: haa02pP7qTxwGNvCpbxCy77BsEyxv_g8AHpK5e7WgxpjCxXneZErdQ==\r\nage: 65\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2929,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"abac25d37a9ac9344c49557ebfcccdb4","sha1":"83b9f56ec29cd0b56e34c938be11ad9bf1282c5c","sha256":"afe1b7a6d3f013b149bad9c96316fa9ab1bb259596d1fe5648e86f236115ac38","sha512":"ef44f375c46e4332861aff8d51407ea7297fe6b11c0f2b5a87f96f1ec3b72815ed608a052ad599147c271e1eace7ec85bd3f6fa523d0aaaac68dff00fb48ca19","ssdeep":"","tlshash":"4d515c8285ceb0f64b1ec36f4b51d4d9f0736c453982de95ada831c64bf1cb7d9816a0","first_seen":"2025-10-28T07:13:52.661811Z","last_seen":"2026-04-06T21:31:45.076136Z","times_seen":7707,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/rank-3@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/rank-3@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/search.css?v=2026032602\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 2500\r\ndate: Mon, 06 Apr 2026 18:39:24 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 05 Jun 2025 07:04:06 GMT\r\netag: \"68414166-9c0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 5GFCPGB2wh-lpMRN3nwGfU2XxCHrbpYsPb8bhYikLochi_LfxZxhmQ==\r\nage: 64\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2496,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"44b6dc38e9133c0cea22f7458442ec3e","sha1":"4963100db4a6f4e33837a07f0d62370524423673","sha256":"28a64014ea2e54dee4a96dfd9923ea4693ea6a0532cf6cf5cd1c8f1aaa1e543b","sha512":"7351991697ad02b03a4e5ba0dbe7595cd5c89eb88749fa4c4df353b97bc896d0741a485faf72198694af42e58610ec3981e32b4752042b14127415f972f3db15","ssdeep":"","tlshash":"40515bda280dcc1bc2261875342cb81de565582c41f3e4adfee3c5a066a8c98c2f9d43","first_seen":"2025-10-28T07:13:52.658458Z","last_seen":"2026-04-06T21:31:45.084016Z","times_seen":7706,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/fonts/OpenSans/300.woff2","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:29.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/300.woff2 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nCookie: _ga_P6HKH41365=GS2.1.s1775500828$o1$g0$t1775500828$j60$l0$h1693798944; _ga=GA1.1.604148270.1775500829\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16344\r\ndate: Mon, 06 Apr 2026 18:30:23 GMT\r\netag: \"64b11d8d-3fd8\"\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\naccept-ranges: bytes\r\nlast-modified: Fri, 14 Jul 2023 10:03:57 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: skLFQHQD0FttDo0e2LZ6MLHvPbw6wV5uUj9dEH-Hr-Ag2_HDSFrm4g==\r\nage: 606\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":16344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16344, version 1.6554","md5":"c027111d6febba054f7cd5e5fddf2243","sha1":"7c6ebfb74210e4d368ba5df96b2c5aa448a3953e","sha256":"c347496b917562bd48ed65545fbced7c9fb2a3e48c1102708a7e615fd4fb2ed8","sha512":"1a819ee0993cbed2399265606b2adc0866dd34fcab1272b6d1798e08010cab4e38af1a2299d74a706690a3188d0081d92804568982fd23f6d2ce946ac29fb61c","ssdeep":"384:sO3z8BPeD5+oRjlrvO+uuGnSDKDPVb0fOovWO1aDDBAb:pgdeD5jRjpO+ugDKDPZ0mwV1aDD6b","tlshash":"ad72cf62810dd851e31137fd7c6622e0878cb0a392121bfc5bebd8ec09204e67ac43be","first_seen":"2023-08-07T12:25:19Z","last_seen":"2026-04-06T21:31:45.137716Z","times_seen":20150,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-02-25/017a6f8a35080f8dcd14327a325d9ef2.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-25/017a6f8a35080f8dcd14327a325d9ef2.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 10:48:11 GMT\r\nEtag: \"f359e4e211f9ef0333facb7935ee2c6a\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 10:48:31 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 135\r\nContent-Length: 501008\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2166652878808400742\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":501008,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"f359e4e211f9ef0333facb7935ee2c6a","sha1":"9e022264cf40e011823b4460f13795cfc38afa8b","sha256":"d041ff5176b7f88072c72e38b0dd6f0b4fe15f6eb6a7ad7a8578a6e524025fbb","sha512":"e1312ed955c861fded1da75dd9cc86de0f04a4b498571a398052296445b41c0082c3e0cd34349ebeb5d63d4f399d0cd1d0ad7782ca67e68ee665a58b40d63989","ssdeep":"12288:UosHVKU3eFUqKTvVZE1JZvsIr/ue7weNbxnZgsBRotUeB:xsV3eTKTvVZE1X//weN1ZgstK","tlshash":"98b4239dd2c0c09a069572b0c458276fbda746e3f58c7b3c22e1269e77849899fc807f","first_seen":"2026-02-25T11:18:39.742443Z","last_seen":"2026-04-06T21:25:12.251171Z","times_seen":8891,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-01/199eb1e6d0d621bed6a46ba8c4a5ea44.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/199eb1e6d0d621bed6a46ba8c4a5ea44.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 12:34:35 GMT\r\nEtag: \"a5744ad664e010338253087936c9f9b6\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 12:34:40 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 3\r\nContent-Length: 217904\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7492967057659362622\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":217904,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a5744ad664e010338253087936c9f9b6","sha1":"c6a21f3621ed71ec12cffaef26ef183d8eca5222","sha256":"d4a688e68531a82ae6028df82cb397d8b30eb18cd591ada1885679c59287b96b","sha512":"b55e9a0a913607c2cbd47643356e42ccdb31a463caf7a8e394f362797535dee5091daacc056269ee854a7951332405a673c294dfbc34fd784ea4fda5b7e7fd85","ssdeep":"6144:QHMokeiABeGWZ3JLjhCSWOIBlEt5yOHJ+H/yvydZ:QHMofiAkZthC1OI38nXvy3","tlshash":"c324139d915194736e3746be9cc5f5a837c306cefa28c27902ad182e58d4a3f076a4f8","first_seen":"2026-03-28T16:22:38.383087Z","last_seen":"2026-04-06T21:37:59.239439Z","times_seen":6507,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":49,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/fonts/OpenSans/400.woff2","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:29.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/400.woff2 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nCookie: _ga_P6HKH41365=GS2.1.s1775500828$o1$g0$t1775500828$j60$l0$h1693798944; _ga=GA1.1.604148270.1775500829\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16644\r\ndate: Mon, 06 Apr 2026 18:30:18 GMT\r\netag: \"64b11d8d-4104\"\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\naccept-ranges: bytes\r\nlast-modified: Fri, 14 Jul 2023 10:03:57 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: KjYY7LVvrTwePgFQW9SdX51fMwkthJTnvmuZkklKsZGxW1Wxj9KF2g==\r\nage: 611\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16644,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16644, version 1.6554","md5":"6276351c3fd3053a0cab736572d6ced1","sha1":"326b281cbcf5070d140fadedc4b1354f1a5d916c","sha256":"43640ab0efbdbd50a1162047c1f62f338fb84de407411b98bfa6a1f8666ef0af","sha512":"c9885c9fa086350a150efae1c40c9ab22314db0baf47b457c3de4be5c7e609313b9fec4f9000b133a9f8b365c2d5d3703bbff579833a8b81195062e5f6bfe5e7","ssdeep":"384:JK4eVLUx4mqjtgI4cwDn/HnhbXOU7WYb+KFqEevY5:Y4edUqmBIkD/HhjHWYb+KFGvY5","tlshash":"bf72cf83f467d9f0f42836305db116e3b979ef357761ace0621445aa1232bd02e847dc","first_seen":"2023-05-08T23:10:23Z","last_seen":"2026-04-06T21:24:05.438193Z","times_seen":21995,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/vue.prod.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/vue.prod.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 81733\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:38 GMT\r\netag: \"691aeb3e-2f925\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: -UEYuiKfj8nMxb2ApDTXTgnU_840StgNFLIYoJ1OZ64_XIw9f4gg4g==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":194853,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (28532)","md5":"9b14a30d9be6b89ccb5d9426baa70059","sha1":"e55a9116be9d0907b48698418b9e348d36bd3624","sha256":"97374c2e6815b02920dc02d8cca04507973d9a4d82aa5dafa20d04c2227ac9d2","sha512":"90840f4551f1ceeb2e764fed6a632d0eb39006fcbec40166664f0e7f0241347d8679fddf6e41658f939d0b00e893f1bf4ae97429f320c6dc60af0d87c4ef9dfc","ssdeep":"3072:c0RkBL/7KE2X44lDzvWUgT5Asswj2z+e7/72oIKc01DcUrIH:c0KuE2X44lDjWXT3j7e2KctH","tlshash":"2c1428b93181703217ea14e250bb0016f33a1525780984e8b5bde8df2d7695a61fffbe","first_seen":"2025-06-27T04:20:30.543622Z","last_seen":"2026-04-06T21:20:08.856529Z","times_seen":29521,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/popup.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/popup.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 2210\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:37 GMT\r\netag: \"691aeb3d-1a0d\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: OGTokpY3B1RzSECObzkStA8lOKI1AR6E8_yPfj8dttAHGYEacdPHLg==\r\nage: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":6669,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"026709ed231cf8d920385fed59c17ca6","sha1":"19696886744402cb73a48a41e625b23f5acbb813","sha256":"3438d0b2d18590fa1f7f0c324a5ba9f42b699de78006ed372ad043bdf46a7e1e","sha512":"aa01a6f89fad627df9437b5bcf8c3feeb7bb9719d12f12ad8e00d031f3092d1de299ffa4cd98229ddbfd3c455a21934e0e391e1c06d979cfe65fbc0f08cf99e4","ssdeep":"96:P1spJ1L0gLrdAZLLCWICzj3nMjnjOSdFsCaxud:QTo3ZLLCvQj3nMjnjOSdFsCaxud","tlshash":"c4d12f9931f3213082abb27e6faba0143230a0477108dd197f4d5f900fc573a66e1bea","first_seen":"2025-11-08T04:26:01.83069Z","last_seen":"2026-04-06T21:22:32.131485Z","times_seen":20978,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2025-12-30/00e8ebab02acd10f55a4b88a6fdf1a96.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/00e8ebab02acd10f55a4b88a6fdf1a96.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 31 Dec 2025 11:20:42 GMT\r\nEtag: \"b71930806cc6aa00074a8bcd23f239c4\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 31 Dec 2025 11:20:42 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 562\r\nContent-Length: 348576\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15522130892168235371\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":348576,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b71930806cc6aa00074a8bcd23f239c4","sha1":"cf9b1773f8bae505d6559a9782337ad9ca873bb7","sha256":"a61216c41718ef4e51b1585dd86c8c2dd6c496212f9193078ba6e1d5b41f261c","sha512":"f12687b1d2f5ada2df3da567d4916107e84f8775dd53b0dd32e99478aea989d0791839b2b0192205837506f624d9a3812095d71da8500b5fb6be2a5108f7a2d1","ssdeep":"6144:F5D34jdgXsiDSyt2tY4+8ZXPm4bce71QJHdycjRoc+B2jh+YN3xelrKXAD/:v34j+XsiD9tRT8lbvg+B2F9bkb7","tlshash":"7b7423361a1d43a7d9c74d7a4ac7cb505874a68a88fb6dcd9ce28b356120480276e3ff","first_seen":"2025-07-03T15:27:59.990695Z","last_seen":"2026-04-06T21:31:45.059057Z","times_seen":16530,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-04/0d68a510e106cbec4f0a5351012398b1.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-04/0d68a510e106cbec4f0a5351012398b1.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 10:33:56 GMT\r\nEtag: \"e51ef3e3ccaa62a426cd789a66d473ca\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 10:34:01 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 270864\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18239486668457678870\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":270864,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"DOS executable (COM), start instruction 0xe9ef8714 1779637f","md5":"e51ef3e3ccaa62a426cd789a66d473ca","sha1":"a05cb57a2f8db0aeae557521e780877145edf257","sha256":"96b2b9bd671adb756ad94afdc92b3aa857675576a8e6d7cd0213257b0f709618","sha512":"175474ef55db136c5e02ad56245b84aaaafd812137da51d51341f379f436590a12225824a4bb6fb5f2e7e2b9b2410e883fcbe5fecf24b0f71f5817453ffe9dbb","ssdeep":"6144:pwgF6Tu1KzzpvLsUEtVrJqnhas/I9j3x90sIvDo:pTF6Tu1QNQ3zJqha93f0sIv0","tlshash":"bf4422a5f3aa67f7e9ba722cf2efdd067ea834f0627b67511d06d103418c7884982474","first_seen":"2026-04-04T11:37:17.990311Z","last_seen":"2026-04-06T21:45:49.947395Z","times_seen":6377,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-02/3f1c316ab2241c11744b0554cb61a4fc.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-02/3f1c316ab2241c11744b0554cb61a4fc.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 09:44:36 GMT\r\nEtag: \"e0a93b4d3099f39173abca5404c6caec\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 09:44:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 5\r\nContent-Length: 719840\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3158960631762479776\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":719840,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e0a93b4d3099f39173abca5404c6caec","sha1":"7c936ecd6126a2bc9388e50c4178c70fdda83472","sha256":"86901d9a50a6002af6cb245ce36f3ca3dfaf5f8e130d42ff19129d47bfe2099f","sha512":"456f83654d0d6664d28762383f89dc37092f840e087bbedbc8ce93914d50500a47a5272f49541dfd3ec84f4d2aaa7d7f70a2f68ca6b060b796ccf23b79b33178","ssdeep":"12288:D7QiMNGQfbVsAGo6XWe582oxqENwrgyMpJ1vVbv5Ak/wYHGgRJ:QLPxFGo655RoxNOr76J1vVbv5A7M9RJ","tlshash":"b7e433fa675501725bdb2800e1c21eff48ef687848387fd06512bf92b60c4997694fea","first_seen":"2026-04-02T12:47:33.793225Z","last_seen":"2026-04-06T21:37:59.2738Z","times_seen":5186,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/index-ai.css?v=20251210","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/index-ai.css?v=20251210 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 3690\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-2c41\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: T38Wbu_iCh1JuhjWvaASGlKRQpMzlwAGO_F0-WHv3VgX1npIJWT4xw==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":11329,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"e589c31b3d44df7a1333b54148e77ec9","sha1":"1eb26afcad71481d3a775c26848099f21a0fa89e","sha256":"74cd118c7b61b20948fabd0bb6ea2239b7e1ea5ea055b7008ea45d825624d164","sha512":"92281528b0c09ff5bd60aa456bb918d18079a40ad9c3308294ee7943088e61489a870f163619c1c3188c3620938960699292d4845c365292b78a0e4114b6c05c","ssdeep":"192:8nfAMTN/pMlr7BwFbuA+ZmVckg5plXrcOY:8f9Vbuvm+kgJW","tlshash":"f432a610e25f385b761b80b8badcebc4272c2404bf049fa8b56579b2478e3d514b37e2","first_seen":"2026-03-26T09:29:38.87734Z","last_seen":"2026-04-06T21:31:45.09967Z","times_seen":6147,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-02-17/e4a7b096d7a399c48a47b669254203b1.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-17/e4a7b096d7a399c48a47b669254203b1.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 17 Feb 2026 03:54:33 GMT\r\nEtag: \"840f182a845cc5c44c2f8bf7f5513f04\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 17 Feb 2026 03:54:34 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 361\r\nContent-Length: 173840\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11571390143053419966\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":173840,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"840f182a845cc5c44c2f8bf7f5513f04","sha1":"6a0f0ac351844121ceb3d31780c9d8629d092469","sha256":"79193d9887fe6c93ec976f02ab7447c58b92205cda2478432fff3e4ca4ae3dfb","sha512":"c1be9ba4b91116d77196974fe92c4d59fe83b438c633fc153db423e0710c3e4cecc9b457c9d5475fdbff964b2cac6bee0072dc6051cc302ad7cea3548286a61d","ssdeep":"3072:+KHHcQPpcjpnwRDrTQjaHpHZscE7u4HPsqVQMm5SZY0hWfFfAmWeZ39P6xj3Fh:VNG9lEHZscyu4vsUNAmToP6xj1h","tlshash":"690422767a480b657891bd930dfe16031509b5f9b74a8c53f2eeea0b2a25dcd7e20d0c","first_seen":"2026-01-25T11:27:58.583668Z","last_seen":"2026-04-06T21:31:45.096736Z","times_seen":7860,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20231026/2023102620184263484.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20231026/2023102620184263484.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:47:00 GMT\r\nEtag: \"946b371c92f41dbca23c565c90e21f03\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 14:05:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 76602\r\nContent-Length: 688\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3768904123704965209\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":688,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"946b371c92f41dbca23c565c90e21f03","sha1":"a6a99ac271f1bc2b2589ffd9811dc10b6079e927","sha256":"9f48835d6b4ad4d6310dfb1b45049caafd7517008223e12b7003cf06080e4ad3","sha512":"af96d4ec2af6ad354f58d1319b35c30d9eab05e2988f5569223cfaed1cb0b06f1893255d459963aeaf89a0f4728b505715f31c1baef587935420edc3eebfd1da","ssdeep":"","tlshash":"f40144f482df411d82a8de89623063e4320e98063761c351f522d9f41d602b7444aff4","first_seen":"2023-11-12T15:49:18Z","last_seen":"2026-04-06T21:31:45.083002Z","times_seen":20819,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/index-ai.js?v=20260307","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/index-ai.js?v=20260307 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 11675\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 13 Mar 2026 08:07:44 GMT\r\netag: \"69b3c5d0-a6f9\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: nDxdmr1WJIMYZ2xTYP9apvgORbi2DTnwrEFwnndOu0ib6BMA0YoAlQ==\r\nage: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42745,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (306)","md5":"1d48dcf030752fbe3aa418bfd7db3eb4","sha1":"335b8a38794605aeaab4a5a9f40fce253e2740a6","sha256":"ed65e14e569f8d33ae104ca1cb6e57b6ae666e12c002e048d0ef82770cc1497c","sha512":"a944a1db6164e00d95041933bf19126255b4e745371fea9e557ea02e2e2046d952102901f9e8c3db760e3e82522437dd15b788e1cca8a0bafa59623d33625e19","ssdeep":"384:IkSVlcz8cJPkBj/r5pRWSLFwzY18zkJsMNFCoGp5va6Tr6iIVep:MVqz8cJw/r5pRWSZuYRJ/NA7p5Prqep","tlshash":"ec13a50a3aff74118567706a6befa0057630a0177209df087f4d87985fc252996e3bee","first_seen":"2026-03-13T08:37:15.167396Z","last_seen":"2026-04-06T21:31:45.027024Z","times_seen":6959,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/7.10.0/index.js?v=1","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/index.js?v=1 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 982\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 27 Nov 2025 04:43:59 GMT\r\netag: \"6927d70f-848\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: OR0DpJkDy36V1pMkzMKCWffEHBFR34i3JYPE6suqxKQTrRyJRFB4qw==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2120,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"cb2dd3d6af2a6071e0dbf36318294dc9","sha1":"a70950d23dabdc4376bb9114d86a812a174a747f","sha256":"5cebbf2bb3cb87701b4dd9e3c34c0b7555911210fa40093005c06a7b0705348f","sha512":"d721819a7ce31aa954a00baedef7a516d5339200b2f9f1e53656e457bcc33ea756cbdf3a586634824afb40a19c27080c179c2a01e5c7b99680e6d4057997f330","ssdeep":"","tlshash":"0241cf9831f720704b67e4792baba64d71301097112adc14bd4c07959fa8f3c9af67da","first_seen":"2025-11-27T05:35:58.063413Z","last_seen":"2026-04-06T21:31:45.026068Z","times_seen":13727,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/icon-close@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/icon-close@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 541\r\ndate: Mon, 06 Apr 2026 18:38:52 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:29 GMT\r\netag: \"687f820d-219\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: H9gWqHCDbgLi8oqTqz0PFHDgUJzA-X4q7ws9nxWE5ypmM_EZ0PmPuA==\r\nage: 94\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":537,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 156 x 153, 4-bit colormap, non-interlaced","md5":"ba62950af5049c3c88ef5fd0ec364fa1","sha1":"a6c5416ed6e9a40f7f637698d217f34b37bee260","sha256":"e0615fada85561a85c67f203cd404d52bc466b55032da71564c42c0f2a21a245","sha512":"0d57ac84b018219151809b99517a90879653a286e49d9f8e990a0d33c6da0cceab55b12290912fa7ec78cd1edf3e9d004fa02b02a3e0eda9b3b9dbc1ce7a20bb","ssdeep":"","tlshash":"96f0209e6e73bc38f18d0c11a1f39280788138506514651f6a01f9e8f5b72d18708a43","first_seen":"2025-07-12T04:18:50.926806Z","last_seen":"2026-04-06T21:31:45.120213Z","times_seen":20875,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/DPlayer/assets/DPlayer.min.js?v=5","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/DPlayer/assets/DPlayer.min.js?v=5 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 66689\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Sat, 01 Nov 2025 03:49:20 GMT\r\netag: \"69058340-4a650\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: zgH1ysKEG6T2MsVsdAZvGkfbLstDhmR-FpJsuv7KpNMdJ6KuriR_qg==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":304720,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4046f013cf323ea4de2e2518386c3d5a","sha1":"cc1bb7b97ba97a03c92593de7524a22ea87c78b0","sha256":"5c9811be07c774e5465097e43c4945941c501333fe482a90f5286cfb3c88e280","sha512":"b50531b05b763c25361b5fa23e258acf12f1c470bdcf0fd60d1a22451f1f954f55761446344067075cf4bc794177c83dbb9eec21565c2ffcde52bff93acbbae6","ssdeep":"1536:PFri4r9aKySaa3rzg7hSwaKySaa3ref7j3MEwOMEa8vTDadMcBjOsCSwixK1LzV+:HNDyMgjKbixKVhjLIR2INivkJ","tlshash":"4a54b20b364131340262afe8c6db534a36347310e9729729f65ef9de8f9d84c6427b7a","first_seen":"2025-11-01T05:08:56.775869Z","last_seen":"2026-04-06T21:20:08.900689Z","times_seen":30074,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload_01/xiao/20260403/2026040318250565846.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload_01/xiao/20260403/2026040318250565846.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 03 Apr 2026 10:25:32 GMT\r\nEtag: \"fa31f176b725219ed3ab40fe9771e8cb\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 03 Apr 2026 10:25:33 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 113\r\nContent-Length: 189280\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17881004059975149718\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":189280,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"fa31f176b725219ed3ab40fe9771e8cb","sha1":"912b95745a71e84d27e744c8b3e5418732b10bd1","sha256":"dde188cb998add1a5a74c26edc33a4740e1cca88b650733646164737249bdd12","sha512":"bb2a23e74a0af4dbe3b570b2099be39385a62b98ff6add6f86532d495fa422a5a30e61ecde2d9240e0559faaa5455d51a5a6a44fbd7d112455512b75dd18c55d","ssdeep":"3072:LdSG3k74Mu9he1SbA1urSW96uEZi2Zh7h5F9upAWdBeLwWF24heFdNkNw33Hd:LdSG0Lue18AVW0uoBPXWdcLwx4henNVd","tlshash":"380412e34213cedebbd94ac51cdd599aabc3040f13495eb879e76383d65a628c443c8b","first_seen":"2026-04-03T12:10:17.896457Z","last_seen":"2026-04-06T21:37:59.331265Z","times_seen":5159,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":69,"dns":1,"connect":21,"send":0,"wait":26,"receive":62,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260401/2026040121340354363.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260401/2026040121340354363.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 13:34:07 GMT\r\nEtag: \"c60071b4e5b3c1967331ed65a34ec838\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 13:41:59 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 133\r\nContent-Length: 93200\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16243228157591313613\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93200,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c60071b4e5b3c1967331ed65a34ec838","sha1":"8ed8d8123d50526f9d614b7d36296db3eb309aac","sha256":"101ad9389920d03175d6b7ea379436270f1bc7a463bf058ea44b927e984be19d","sha512":"93a23637c4dd0998fafbb1cf19f19247f5ccc4a361dafe5ec8cc0f454b522402dd08ed683fbe58aab8d899dce0d92dda6d7cd8798f23157d7ff1628097ab8b36","ssdeep":"1536:fqLqaRxvWLgwLYgGz33CRC+eGqypKjuVbxH9ujEZCXDWBT1EmHvSc:fq2sxnwcgGznCRETjuVV4jmc+10c","tlshash":"db93127dcdde468dfe1c7f48d560ef02019ba632e67c95a34c7a0c83666dd9648ba80c","first_seen":"2026-04-01T14:30:16.915392Z","last_seen":"2026-04-06T21:37:59.238833Z","times_seen":5203,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260331/2026033114340364980.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260331/2026033114340364980.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 06:34:08 GMT\r\nEtag: \"671b59df48e582fc3c0043f4caa3b55e\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 06:40:35 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 891\r\nContent-Length: 207312\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11507959540225369854\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":207312,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"671b59df48e582fc3c0043f4caa3b55e","sha1":"2422d5b204ced6be9980b5586220397f9b7300f7","sha256":"761e71f2f65d2b7a418c0536583caa08226324a6f4fc550ec312066a3f4a5ab3","sha512":"fd1d4f6adb276d0c31ec552b630a35e65a3e9e0ca5446035fa7cdb4414f9c1eba2076eacefbba61591f3cbd03c7453447ccbdcc6c7de089d60910435bc8dca12","ssdeep":"6144:M+bUWKzV04btC4kd4wcBvaLimYvsGr3gFK:M+IWKzV0sc4muWlYECgK","tlshash":"a51423d9b10c4681ea38412f0c4cfc75362f86f6f8771b866a6b38d9564f793a228f51","first_seen":"2026-03-31T11:27:31.365792Z","last_seen":"2026-04-06T21:37:59.257007Z","times_seen":5386,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20240424/2024042420561150988.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420561150988.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"e3cd4c01559c4c07d1139d8cf0fd8f87\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 06:26:13 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 17766\r\nContent-Length: 864\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3922344401995929438\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":864,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e3cd4c01559c4c07d1139d8cf0fd8f87","sha1":"ed230b75680db09a681f949947a50d0fc73a7f7d","sha256":"4fd50bd19c882486279b1e1ce4ce6bfbf09488740e86f89c87e1435062585b47","sha512":"14f75f1a24dac2aaaeb50ca2fdd3b7097b0c987fe373eddbdd76c99d804ae904b1f29e9f8f6c165752f20f99ecfd140eabf80c6cdd3952543f39e8b6d09f53cb","ssdeep":"","tlshash":"d81196ba04f2d7a15f0c43115fc5c6285aa06b51c22a6ee9ea4254f72b04021804370a","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-04-06T21:31:45.158938Z","times_seen":20804,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/7.10.0/tjtag.1.0.0.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/tjtag.1.0.0.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 32333\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 24 Dec 2025 06:56:38 GMT\r\netag: \"694b8ea6-eabd\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: VCmE1xwebiR0T9yeWorhr2X52nYm5qu72XvBumrIvFMlIeFlFg9X2w==\r\nage: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":60093,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (60047), with no line terminators","md5":"7f201cf0a95ccf9a7f24e5060d5586dc","sha1":"4c658c6517399855f5aa34d3bf8abacd04f26a9b","sha256":"fca8e92f6c10174eb14ac3df1723dc2b543d812e345f48b8c8617b45a7ece81f","sha512":"767dfb492cb39d6820ebe80154d22992f6f13fac2aa879510d4b3cc8ad320d0377122e8bacc899dc6d0ac421be619ae0b55cdd5765f322038b3a247b7862cc8c","ssdeep":"768:YN2i27QPT3K48N415SVHjv1ziclmTvActHDIJDDFzDBBq8aWI/0qX0qIS+zQDFoa:Y8d4k4HWbUxntjgHLy0ERRm/pB2jJ","tlshash":"3543e7cf23d6b0aa49ab23b3761b31f5c6346c8c704c8658f108fd6af9e869ce155764","first_seen":"2025-12-11T23:03:23.605496Z","last_seen":"2026-04-06T21:20:08.92078Z","times_seen":23044,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-06/0646ab27f125941e08f2ac57c0a71367.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-06/0646ab27f125941e08f2ac57c0a71367.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 06 Apr 2026 14:18:28 GMT\r\nEtag: \"e86d4b73962bc638e2b1d325aeb03009\"\r\nContent-Type: binary/octet-stream\r\nServer: nginx\r\nDate: Mon, 06 Apr 2026 14:18:30 GMT\r\nx-amz-server-side-encryption: AES256\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 367\r\nContent-Length: 97376\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10209746999143069049\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97376,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e86d4b73962bc638e2b1d325aeb03009","sha1":"27f20c0cbd6e4723a36616a623ac4e47b83c0d21","sha256":"69c4d4bbc4c5ce9d87a097c7bd7c1db7ca560bbbf98b1183c4e70cd3c647bda2","sha512":"b4be6601c54045230825440677bd2ced85642dffaa63440de03d1873684291482dc37b9db0eca8c100a0944182cd044fd1019f255658bb25d4f8220a39f3ba78","ssdeep":"1536:PmR4Kn+FbSmUCYj4v6CsYJXalL8j2Ny+guzZ1WS9mt7kb6aG/nDqzAlxNwCF8DI1:OR4B4j4v65dlQj2NXguV167o6a/kfWiP","tlshash":"a193129b271200f9ac508528061420fa7d4925ec91cfe1a7366db33e738cba79ae7177","first_seen":"2026-04-06T14:49:13.145363Z","last_seen":"2026-04-06T21:18:25.410173Z","times_seen":228,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-10/02c4a558efde747af7c9efe32c67bbb3.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-10/02c4a558efde747af7c9efe32c67bbb3.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 10 Mar 2026 09:24:42 GMT\r\nEtag: \"a9dff727b65970e1a6bd972bb1f35107\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 10 Mar 2026 09:24:43 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 606\r\nContent-Length: 494224\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4393941178466880431\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":494224,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a9dff727b65970e1a6bd972bb1f35107","sha1":"1e354597d97c2231378995e247f60c555bb4db19","sha256":"909dbd4592ca7e4412a1372b77d380a5f9eb116f01f77050923f9b5880ce4285","sha512":"abf5973a2a882be7c6d965314f21ee410e5273f4391d741f2b66d6b0ba54a4771f19a86c013fe755f71b18032ddc77376b91e9b7c10f5a4289e11dcf4ed8c420","ssdeep":"12288:NC8QHL4w488K2NGlv+oQuLCmKdLzySKv6B8KYC:XwfTKGlvQrdLIChYC","tlshash":"4cb42329052e46d09f9db1749fe1d904431ec4bef95ca0eba450478bff23cbce25662a","first_seen":"2026-03-10T11:07:41.060489Z","last_seen":"2026-04-06T21:25:12.331625Z","times_seen":8504,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20231025/2023102511321748042.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20231025/2023102511321748042.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:48:33 GMT\r\nEtag: \"0a924cade949087f8b6bf7313aa986ef\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 17:35:53 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 63986\r\nContent-Length: 480\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14140257432644390239\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":480,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"0a924cade949087f8b6bf7313aa986ef","sha1":"056a7262d79428dd375e0804bb442f31d8c8c075","sha256":"bed19286a8429e9bba96a38393b3e23dab3449f3080833745238aab768ea7bdc","sha512":"20f6cd8832039db48068c7176c216dea73aad21c694784c0c5ed352c25f7bbad9907fca1b3c58e43ba73d26ccb7b54218b571b79ca76f03914efda6156855d75","ssdeep":"","tlshash":"0ff054bf501576ec00345ec404a5d026351e90cf6f4dac5f91d0b2c30e1ee643207180","first_seen":"2023-10-25T11:55:10Z","last_seen":"2026-04-06T21:31:45.053225Z","times_seen":20822,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/ads-close.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/ads-close.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3684\r\ndate: Mon, 06 Apr 2026 18:38:53 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-e60\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: BpEBNbjB7hRJ1Cyk8S0-Hq4xXRPq1NaGQj00e4VWn9C9vpiRstJtKg==\r\nage: 95\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":3680,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"bce8f4b10d2dbc022ab99bd81cbbe96d","sha1":"7241af47b82f6a19a2a2ba433ccc1cc5eaba299b","sha256":"86a0628056be4dc9d7da2e94f7378f668ff982214766518e8a802f7a5bf32ca6","sha512":"83aa88f2d13b612767153b2261897d85055a96e25eec5efa91c7f9f7acfcf1491915433f9e1438d5d7495def7467d7a3511db0f50341a2c7dd2a05847cb06329","ssdeep":"","tlshash":"e4717ed9faf95c9697058e662851f0ed7d33b5c0090310ef447120ad6cbb9e446edb92","first_seen":"2026-03-26T09:29:38.920905Z","last_seen":"2026-04-06T21:31:45.061742Z","times_seen":6077,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/icon-delete@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/icon-delete@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/search.css?v=2026032602\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 593\r\ndate: Mon, 06 Apr 2026 18:39:23 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 05 Jun 2025 07:04:02 GMT\r\netag: \"68414162-24d\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 4Pqq8ge9KtouTfw1EXp-INl0NlzaFLyPMyxMCHruFieNQ8wz_w3xXw==\r\nage: 65\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":589,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 99 x 102, 4-bit colormap, non-interlaced","md5":"186ec31c3c1154addc6ec1fb8ebeaffd","sha1":"0f2e9a7e94ab44760f72705d02718e34697a7c0f","sha256":"9715ded51f20950c770eaec0f8eb8953163ce508df6e080d7a3b31660a21f1e3","sha512":"f441cb908e51513292262abaeaff1ea380a131dabbc5fb124e3a244845c8d6ee7b4ddfa7401c7b0e27ecf2abda4e6f38fbe4735121c421748b1e0bda39139ded","ssdeep":"","tlshash":"c0f0e141a9568ee4821d0c3a3c9bf4c4926f017ea09ce15d803b995954cbf9144d1ec2","first_seen":"2025-10-28T07:13:52.652764Z","last_seen":"2026-04-06T21:31:45.066192Z","times_seen":7707,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/rank-2@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/rank-2@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/search.css?v=2026032602\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 2604\r\ndate: Mon, 06 Apr 2026 18:39:23 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 05 Jun 2025 07:04:03 GMT\r\netag: \"68414163-a28\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: toaqKEQhpwB7bFMug2sWhz7uMKLh1LU7aSeiq56v95okxrj2eXlTjQ==\r\nage: 65\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":2600,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"3438e5aef62d0d9bebae0eb0b884de9e","sha1":"e1570b5c068b735a7367b83212a0524493913dfb","sha256":"490d481dc60eca11bff657185331c5a6ccc25f201b20bdf36c78ba833853293f","sha512":"104f434d690b6f3bf31d38487050c7d8e6b6a49ce380910313aeaed3dc0935c81898d917f9ba1a078af455a04ec4e0b2083b0acea69b04db762564f973873519","ssdeep":"","tlshash":"12514c68930cfcc6f060bde6017785a02af74e3b31b29acdde48ae206e79f84a4d1100","first_seen":"2025-10-28T07:13:52.634902Z","last_seen":"2026-04-06T21:31:45.047385Z","times_seen":7706,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap.dc-report.cc/api/eventTracking/report.json","fqdn":"ap.dc-report.cc","domain":"dc-report.cc","tld":"cc"},"ip":{"addr":"54.254.158.162","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.dc-report.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 07 Dec 2025 00:00:00 GMT","end":"Tue, 05 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"C2:B5:BA:75:40:71:82:8A:0C:30:43:7C:87:CC:C2:C3:63:69:3A:16","sha256":"41:CE:19:28:BB:9F:95:C3:A8:5A:6E:DA:C9:CD:C2:6F:06:2F:9D:37:81:96:91:C2:D9:EF:88:93:F2:EA:18:E8"}}},"request":{"raw":"POST /api/eventTracking/report.json HTTP/1.1\r\nHost: ap.dc-report.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded;charset=utf-8\r\nContent-Length: 531\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":531,"data":"event=ad_impression\u0026page_key=float_ads\u0026page_name=%E6%B5%AE%E6%A0%87%E5%B9%BF%E5%91%8A\u0026ad_slot_key=float\u0026ad_slot_name=AI%E7%A7%91%E6%8A%80\u0026ad_id=TJ-001_tj_web_346\u0026creative_id=\u0026ad_type=banner\u0026seen=true\u0026channel=\u0026uid=0\u0026event_id=007ec277b0539244d829c26a68049259\u0026app_id=TJ-001\u0026sid=c4c7b5996e6924fb70704e9b01d159f8\u0026client_ts=1775500828\u0026device=PC\u0026device_id=353d69b8aa2211aa0632389b6cbd0b1a\u0026user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026device_brand=\u0026device_model="}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 18:40:29 GMT\r\ncontent-type: application/json\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: null\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T21:11:43.744211Z","times_seen":13437525,"resource_available":true,"data":null}},"time_used":2243,"timings":{"blocked":890,"dns":17,"connect":332,"send":0,"wait":332,"receive":0,"ssl":670},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/DPlayer/assets/player.js?v=2","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/DPlayer/assets/player.js?v=2 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 3223\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 09 Jul 2025 09:40:46 GMT\r\netag: \"686e391e-26f9\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: W-PBo3v0MtTN-7zVfl3FFEec2fmD13goYowEVYW-7ia6zdtLDwupQg==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":9977,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"83892d8a68ef40d8b590aaffe1a1ea90","sha1":"bcb851f390bcad66b9abf380d853804640f79f19","sha256":"f19af12f8a2524ead69cba2e384d9ef22dcef4135142487205339766c4bf83c1","sha512":"40e845b726eed3d9fcd6ef5814804a74d0c9cb8de0104886e959966789392fb1b2c54959549e7b5dc101127d08a8923887051b752cad60bd3e9c327dc70f9919","ssdeep":"192:46DT0iUiKNEhZJ+Ec1A7bUMjoSxXLHyiZ/9S/ClPM1SptIEu7VfWkhCv:zDT0iUZNEhU4Rn/R3IvYkK","tlshash":"bb2241ddb7f310241163a06d5baf91147234c20b4604ce54bd0faaea9f19daad6f27f8","first_seen":"2025-07-10T19:56:45.015538Z","last_seen":"2026-04-06T21:31:45.178354Z","times_seen":21287,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/search@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/search@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/search.css?v=2026032602\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 634\r\ndate: Mon, 06 Apr 2026 18:39:23 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 05 Jun 2025 07:04:06 GMT\r\netag: \"68414166-276\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: bDW8mCNZdmyQAzmh_whmIZdgtoR7hXSuMdD2FeAEGJZ-GnYS2KJb0Q==\r\nage: 64\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":630,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 4-bit colormap, non-interlaced","md5":"a4b5282346fb42d90c59fa556c76e8e0","sha1":"0a12261356eef879559d3bc1dae88cf08dc23a1e","sha256":"aa5da5e9cc04a263402c2c75dc6485c929de92186e8efb80ba3c7cd9604bf950","sha512":"c385c6f1f449891870f786d9fc9bf140cb4218633c39b09ce7895b0c8950ae918327a49036b63f793e58dfec8ba308050d2cef338caffc1b6c856eb31893e6ab","ssdeep":"","tlshash":"bdf00251822d7c9bb34b2916c0177762f858d915771113cfcf0aa83c59151d6c2fd209","first_seen":"2025-06-06T19:17:52.685678Z","last_seen":"2026-04-06T21:22:32.060752Z","times_seen":22546,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-02-21/a76e335bec89e0c01c0d3653a1fbb4c5.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-21/a76e335bec89e0c01c0d3653a1fbb4c5.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 21 Feb 2026 02:54:00 GMT\r\nEtag: \"9ace894237266836234263dadee3e978\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 21 Feb 2026 02:54:00 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 11\r\nContent-Length: 78752\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14299688274138221103\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78752,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9ace894237266836234263dadee3e978","sha1":"971e09dee8cd5baa50b31b90d71705b1fb727bf0","sha256":"9cb01c1bba7a637ab5d703411bdb18970aa6e108128bfdb76386f5712fe188e7","sha512":"b27df66e82474af589e15c2a03cf098c2995faec4e8d61185ddaf95f1ea7a375e6580cc410146c59726eaa9b04af79abb1f8af2a7047d1a8e15b569c9f4929e1","ssdeep":"1536:BnCP+sSSRsprjAiaSWLo+J1fnqnqFFNszAQ3JhRBx6FkBEJkhYaf2+wE2z:BCetAiPWU+J1fnqyNsUQ3JDBcFq2dauj","tlshash":"d373029d46164246112a76b14134c7dcad377f3b73811a26fea82ef6ff42cc18e96740","first_seen":"2026-02-10T20:52:58.128294Z","last_seen":"2026-04-06T21:31:45.124382Z","times_seen":7647,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-02-21/9df837fff5d4e5d944a4e8f15a4eb484.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-21/9df837fff5d4e5d944a4e8f15a4eb484.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 21 Feb 2026 02:37:03 GMT\r\nEtag: \"37e55e0a65bd11bf0b09e26e2cc5fc4b\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 21 Feb 2026 02:37:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 111\r\nVary: Origin\r\nContent-Length: 194528\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6705360716657114251\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":194528,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"37e55e0a65bd11bf0b09e26e2cc5fc4b","sha1":"2636825af37b7ff77428ca6166bd2e077b5f2a23","sha256":"fa43e421fa5628ed10ed010ce262f2dfd987aac964f43e92265465a028c350ba","sha512":"81efefc37e25fadaa70b2dcb53d2dc89edacf446743a3f64c6dd303f3f992f7229518cffcf950c2626d6665b4332b84b81e3e8f03cc726e8297fb28065d117ec","ssdeep":"3072:GBcKJN3g9nhsWMnoMHKH5Ix+ATJmNm3d9Jw8EykkUMzFYuk5YBDr7:GieghUnXM5I1NamN3bD5Yuk2BDr7","tlshash":"1b1423b2fde3145369a589716c03edf5992c897fce1043a34a2967048d123fd987ebe8","first_seen":"2026-02-10T20:52:58.052303Z","last_seen":"2026-04-06T21:31:45.173493Z","times_seen":7273,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":8,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-25/18cd9e8ccaacece0cc88b8d977398e35.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-25/18cd9e8ccaacece0cc88b8d977398e35.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Mar 2026 15:14:27 GMT\r\nEtag: \"56e97081356b4cdbe834471cc492b95b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Mar 2026 15:14:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 37\r\nContent-Length: 584704\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13255602097204886885\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":584704,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"56e97081356b4cdbe834471cc492b95b","sha1":"d67ce5aa74e2a4251f44c63e447f99c1a3743db7","sha256":"1e4e7d73225028284447bf5f931e11ea3de9b9bb7a0be6ad221c19f330fe23d0","sha512":"59c8e2883b5962c00febe111abb951891b0768ad39ba0bea023b1b10a457900a997446804b57e811ba2679e3a8076bb906f347e1d529a08b9d661134c95f1c2b","ssdeep":"12288:8gBj1UC/hxPVvpJpEM6OZOShDr38rbs2Odol8ycvxiScSs+cZ0Fu:8gZJDvpJiXujdG+AjAcV","tlshash":"b6c4330457e5510b63aa0be1a78bf5c7df2768dcc826d0587caae3bb5149da3cf31460","first_seen":"2025-06-14T15:15:15.321259Z","last_seen":"2026-04-06T21:22:32.174753Z","times_seen":21301,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":32,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20240424/2024042420520686675.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420520686675.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:10 GMT\r\nEtag: \"c1c5802148acbf0d397636c2438864a3\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 03:13:29 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 416\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9285298227305679944\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":416,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c1c5802148acbf0d397636c2438864a3","sha1":"207c403c808c2d35a96f91fc9c4ec3b4275e3ff2","sha256":"1d5f247c4e6ab24d88ad84444e958260cbcb8e401dae9ad61a6d5eda33fa7920","sha512":"cbcf189a7cd26d50b9b76ca36f8fdd5446ef21dc8c726850fa07fa99645df94ad28ecffb3194932e64747621b27c26cb39ab5655fd4b56e2fdd0ac4268255954","ssdeep":"","tlshash":"5be023187631010b65120d2c95700770c673c057577958991102d20de1c972542f9dc7","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-04-06T21:31:45.16732Z","times_seen":20805,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/vant.min.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/vant.min.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 89193\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:37 GMT\r\netag: \"691aeb3d-3b3ee\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 8mRSPJb6hp2TwpQFVFR4UtSyES6yC0_zuBsVhJ2eFMJN6YfX-sqleA==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":242670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36859)","md5":"48c71ec4ea36fdd75033bbb278a861f3","sha1":"b47d16bde5c94e468ef249bd2126b846a39afe73","sha256":"0b18e273bc785dd0e5cc43218ee879bce10461fdf3b1274a1f2c8962aaecb49a","sha512":"bd3e587cf0fa0c2d777e1918b2067a2a2cce648996ea7e490098d609b20bacec6c2fb6dbe682ac1e212eafe2c1e33364a8cde40439ab6d24638b9b23b69489a1","ssdeep":"6144:XEB3BhYNbHp+fvbtgMAgMgQ8dOq11tUxLEm+Om0RbU:XEBIHpevogQ8dOw1sEam0R4","tlshash":"d23439a0f685f42547b790e6507a0610e1290b48f009d1e0f57ded8e2aede94b6bef7c","first_seen":"2024-08-02T14:48:31Z","last_seen":"2026-04-06T21:20:08.859871Z","times_seen":29530,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260406/2026040614123769742.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260406/2026040614123769742.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 06 Apr 2026 06:12:42 GMT\r\nEtag: \"2280152993ad1bc18e5497c8f0f7e626\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 06 Apr 2026 06:15:49 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 417\r\nContent-Length: 232416\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5330204804388747794\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":232416,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2280152993ad1bc18e5497c8f0f7e626","sha1":"229f931f1e99a043ff9fca1aca04ebc52fc0ef99","sha256":"294db108d6425b75973bf17eaa9d378cc612e36fee6633ca15d450b2a117943c","sha512":"8d0d1dfbd447fc4ba80e3b032557aff43b21f6f9740e11f869ecedac4c6b4bc4fe1526ff84cbf2de704bc0855b28167d21d269cac9ab4b2aa56983aeac1faa40","ssdeep":"6144:Ra3z8CJEEFICnI7geGI5mjz0i/QS8Lv/5LjH:aYCJGL7go56Yi4S8V","tlshash":"c634233d8ab8b53c84ed771ada7205cc2bcb09b81e15e2b48c0ad9884f4fe3d58255d6","first_seen":"2026-04-06T09:25:00.71804Z","last_seen":"2026-04-06T21:53:25.662953Z","times_seen":598,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260329/2026032914154087683.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260329/2026032914154087683.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 22:48:11 GMT\r\nEtag: \"c6c864af2119dd0e651495a3478e845b\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 23:34:51 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 218544\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8262221618766303104\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":218544,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c6c864af2119dd0e651495a3478e845b","sha1":"ae47135b2358c19d2741978001f2ff48667bb2ff","sha256":"a5e00d7f59cb0a3e9ba3c8e045787c19493b0016ff2a9212f3b55aa657d2688f","sha512":"e89137e8c6f036c3c953386c022d8bbf0546e7504eb67a53a924892549b43addd23bc626cd1c74c0dcb24d8e3e18c9431fe10a6172deea3c5fe896494bc10653","ssdeep":"3072:yIOguAdXjeBhbMdmSFHjoXvCC5czkPuKWCikEsFh2jMWV2HEaQFIXxO7so6lKI/t:yIOgjvMSFHjoXv75TuNbjwEa6+yEKwl","tlshash":"372412c0099cd0e4ab71c20534378ff7ee8f7cd516994951eb83a6a8ed97068fe460e9","first_seen":"2026-03-29T07:50:18.482011Z","last_seen":"2026-04-06T21:34:44.088304Z","times_seen":5531,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-02-12/4cd566d50e3354a812872a0434c6a741.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-12/4cd566d50e3354a812872a0434c6a741.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 12 Feb 2026 10:13:51 GMT\r\nEtag: \"3ab7598ef66ec3c2cf815ce86b690084\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 12 Feb 2026 10:13:52 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 17\r\nContent-Length: 297232\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10368763316088283778\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":297232,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3ab7598ef66ec3c2cf815ce86b690084","sha1":"446f6063d022a94c89b19676546459e9491d8de4","sha256":"2954fa330d77e7267b1abef99ba5952092248404b8c806ab7cc94a15033b19de","sha512":"0c6281c65861ae2d85bedae7872578e66a14d51e186a35b0a5bcd41ca30b65c417436e97ae20499530420cd4d914e0a8876fac15437548c10a386f47d6799796","ssdeep":"6144:ujE0zawww0ySPrBpI7o6jXZrsXnw50abMFPzxkhv9MlzNNWo/Woh2y:PQxwwqDTI7oWZAnggFePMuy2y","tlshash":"8b5423e08fd1dc63b81c3a5067b582a49716e1e049d5985f0103256fee2adabc77f837","first_seen":"2026-02-12T15:47:36.210575Z","last_seen":"2026-04-06T21:31:45.156762Z","times_seen":7669,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20240424/2024042420520546340.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420520546340.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"27ae198fca34876f072bb644aa9242c4\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 09:17:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 7481\r\nContent-Length: 272\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12397661768170204509\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":272,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"27ae198fca34876f072bb644aa9242c4","sha1":"be8da11fbe724e2910ff65d54bba67bdbf86fb05","sha256":"26e9ae75be4e86f7ecccc70c05f9d1742f2a7520fed7dd1258a94284c08101c0","sha512":"977e72a9845b87082d55e6a7e55dbdd5dc004cdde4ad3ad0c3f63b627c550958ff86add8f5aee020dc08f188ce747d9c7d909ed01669bb19577eeff9e8c6b6b9","ssdeep":"","tlshash":"b7d02b1545220b922f9aa72e4bb154644f63c292405f4a765184e61a1de2454b100d57","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-04-06T21:22:32.037891Z","times_seen":21762,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20240424/2024042420520535158.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420520535158.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"6e220a8ec043e7945835b16c327d6346\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 17:40:59 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 63680\r\nContent-Length: 544\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6113140230874879701\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":544,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"6e220a8ec043e7945835b16c327d6346","sha1":"c8481ea75ba92c081353928d121f7b8cc98cb382","sha256":"be2dde197704a4ecdf8ce80a296fee2e32b9a50125d3da59c7ddd324145dfde7","sha512":"9facd03c5abdfed6145fa35a475684e69768951cef50c530c7897f23ec332ec80ae338f9eadab69ff4efe542c30225646c8e29e6b8c8112838f7a3cfd877317f","ssdeep":"","tlshash":"6af02613537e004e2e1b198a6fad3107458164ef416a432d7bc21716695e7277465528","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-04-06T21:31:45.171743Z","times_seen":20815,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260402/2026040219421164050.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260402/2026040219421164050.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 11:42:16 GMT\r\nEtag: \"5776d27beebbd22c86a2296c9dc5f7a1\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 13:10:43 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2299\r\nContent-Length: 103184\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17990316660810765987\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103184,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5776d27beebbd22c86a2296c9dc5f7a1","sha1":"07b79f0b362cebbf741a0321c6f451a3f444bdd8","sha256":"cfa3165d14e40de69acc40d35d3a5ec72675f7c0035277060f49838369b708fb","sha512":"8b85a386490e5a11e67b5c51ede955935878d407d71be342c6ae560f1a9676d43e4fdfb63556c30e2061912babbb6217a7ff4a8ed7ea23fb91aa294215e71210","ssdeep":"1536:X79m/0fbB1PDM2VEbCwGcMzrm9C0sbMmy+Oot+RMHoM67m/GEsVLvjOfSo91Z8bE:L9a0zDMXb9GcArmQ06hRt+2IPi+O/Z8w","tlshash":"80a302bd7dadac04d8401dd5384eaca995043ca6e141f0ebaafdb337ae826f1b464135","first_seen":"2026-04-02T14:37:00.714076Z","last_seen":"2026-04-06T21:37:59.250636Z","times_seen":5168,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":54,"dns":4,"connect":21,"send":0,"wait":24,"receive":33,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2025-12-30/3f5cfd080e6f5b5b97616a059e62a7f6.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/3f5cfd080e6f5b5b97616a059e62a7f6.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 30 Dec 2025 09:10:25 GMT\r\nEtag: \"a521e98b19ddf92b4dca176d6bb7ae78\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 30 Dec 2025 09:10:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 342\r\nContent-Length: 298960\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18441348198943331031\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":298960,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a521e98b19ddf92b4dca176d6bb7ae78","sha1":"bad2b03569cf864950a3544b11f5a9dc1d4b395a","sha256":"b9f4f73ca65685decadc35725a3e297ededc0f114c858a73d0fcd2990be4700b","sha512":"fc64ec06426c18396cb30f73f9bb8ef9435eae8b77b41aee8dab7c588963b216e206532813acfa3c24a54c30f9193bd989d7a32e553e5006bddf09c6264bb305","ssdeep":"6144:r/Iq9qPpIBk5zvo4mUStrt2SsmmV62DCQT2Y5dtwO1lKbT/:jIMqPaBmUzUSt862DYAHK/","tlshash":"a454227a92deec39d0828eb4692975e2c1c853567cb88bf1d71034f295f50e8e9c9b43","first_seen":"2025-01-04T04:40:02.787084Z","last_seen":"2026-04-06T21:31:45.074289Z","times_seen":11998,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":27,"dns":2,"connect":15,"send":0,"wait":20,"receive":41,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20240424/2024042420561219898.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420561219898.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"b6f6d478d3e25a828f113463607a175c\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 08 Dec 2025 05:21:03 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 4675\r\nContent-Length: 992\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14599106178076561870\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":992,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b6f6d478d3e25a828f113463607a175c","sha1":"86b2ce61c15e61abb950f6903c6f23882c23dd7e","sha256":"dbe1684d86e552a2b97e3d2e1fc7a537fa0ef75da7b68fd10bb93a7f9a2d8ac1","sha512":"d5d3f7797e0f6a51d268768a0827a4ee8e404090469c70aabfb2e58ab02e34346daa77903d86c8a1d95af38b352a4899f3e4521add5fba9b2c099b9fe36d0a20","ssdeep":"","tlshash":"2511c84bdc791af9773d9bd10c816e880051858bf55f09092cb5633d988616ac867827","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-04-06T21:31:45.103974Z","times_seen":20802,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2025-12-30/e8e1e023702cb2535fcc5b8dfc237932.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/e8e1e023702cb2535fcc5b8dfc237932.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 27 Jan 2026 14:12:51 GMT\r\nEtag: \"60af2c4d8abb6b3edfa7e5b3f0af2c90\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 27 Jan 2026 14:12:52 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 216\r\nContent-Length: 139488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12172408967216297732\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"60af2c4d8abb6b3edfa7e5b3f0af2c90","sha1":"ff01cec91d7ac12be695637f7f9bc1db1846b442","sha256":"33761d1d55e6319804742b0337b23716cfc9bdc57df7664750b11eb6b3b37976","sha512":"88283c6844b67a8bb6f85a933ba88699699caf084097ddd6fd536453892c7cd52f2e244807958a5fa597ddc43c4935cd286347d82fb65f446e8a3ca13df8060d","ssdeep":"3072:VW6g7V1QSflcmvjLY6EyrQatdxQbGxMLCBYIFDvdQpg/YR+rMToePvs:3gXl+CjLbrA5LCBYIFDvF/0+rMTrvs","tlshash":"76d312e10a29afb280c7534bb8925459dc02daf4c66fc66d0d923b1be67e73360945f3","first_seen":"2025-11-17T11:08:20.239469Z","last_seen":"2026-04-06T21:22:32.095351Z","times_seen":16080,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":9,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/icon-black.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/icon-black.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 243\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:29 GMT\r\netag: \"687f820d-ef\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: xQVJrkTGJjrNwENIn99vuhTl2A3ubtv57G_-BxXcc51gCks6oX3s0w==\r\nage: 95\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 4-bit colormap, non-interlaced","md5":"2b892c414e0a5db08d3f844bcf77536b","sha1":"ac2af64f80e53c7c19535e472458b4cb575ec5bb","sha256":"9b7c59b938d8eb51e01482d5701c27dbb41239e79ddc8445897d23484248f6fe","sha512":"e4125037093ebc4b9bfd69b1e7eae92bd24ed647522f3fc67f2a11499eb6af27ca73e3a4d409807bd7499d7999440d89d7a89f97af2b07f344ef155d02c90dda","ssdeep":"","tlshash":"40d0a7f2c6646c749aaad05603a960f0bc3771771034a15ebb1e40662a3e36a9395a47","first_seen":"2025-07-12T04:18:50.961651Z","last_seen":"2026-04-06T21:22:12.518416Z","times_seen":22752,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/js/qrcode.min.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/js/qrcode.min.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 8132\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-4dd7\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: xMFTcy2IfM4XNWHtn38LVO5FDztj8QBxluf8tXSfabXq25AuxxA9zA==\r\nage: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":19927,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (19927), with no line terminators","md5":"517b55d3688ce9ef1085a3d9632bcb97","sha1":"2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b","sha256":"c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36","sha512":"08d80845e706a3b9e985b799d3849cd7791ad3ba5aa9d793bb4591d4833890d7299810144874905f416c94d8530da74be0ee520066a91ade05a1da8bf0ccb498","ssdeep":"384:WRQ2kvcAAdTRhQLThP2yO9/9G84U5xOiKQYHHHsglDep9m1yfB8dKLMyA+LyUyy9:xThP2V/9N4U/gQYPXa8CAPLyrZ","tlshash":"8c92c7e4f36542f6915e6cd4283f104b64a0a4636c1490acbfb5c1e6a9f8fe0647af74","first_seen":"2023-03-07T01:14:56Z","last_seen":"2026-04-06T21:15:26.336974Z","times_seen":53673,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2025-12-30/86b16c3ee0e7d34c8b5b10ccef8d5eee.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/86b16c3ee0e7d34c8b5b10ccef8d5eee.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 31 Dec 2025 11:30:40 GMT\r\nEtag: \"a7765d45a33330edfbbf67ba0e66f2c7\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 31 Dec 2025 11:30:45 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 72\r\nContent-Length: 308368\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15074990679960045583\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":308368,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a7765d45a33330edfbbf67ba0e66f2c7","sha1":"d12b6a6e34647358ee13355d93174e48a248e1fe","sha256":"9342ddbd6a4e054b0f4450b07577687faa96398e215c46dc51cd1f408e5a113e","sha512":"fc2bd4ac433b9391673b62cdd1a00b8270e9a3824bf4e36348437a6b42eff27c2dfe5339b31ff88444459d33b7e7c86a32bb96a6eddb90a4f01a26290cd80a54","ssdeep":"6144:Jbk1A4+QKHSLfYM33iW5VDfYjeYwAw0K5dMwoY/Xpc4uLf9qo56gFk:Jw74HSEMnPDQs0K5djN/XpNuLVqoQgG","tlshash":"b26423db231e41d3394f0f86850bdcdab9779bba190310b2ec575e59b56da3a2880e42","first_seen":"2025-08-14T12:52:38.397864Z","last_seen":"2026-04-06T21:31:45.098773Z","times_seen":12394,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":42,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20231025/2023102511321611484.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20231025/2023102511321611484.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:52:07 GMT\r\nEtag: \"2001f683716e4fbeb353c7d40bbd0362\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 13:35:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 78412\r\nContent-Length: 288\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16116895025433876549\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":288,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2001f683716e4fbeb353c7d40bbd0362","sha1":"b588560d562a1656ae06afbada1823bfbf830e0e","sha256":"89924fc3c9399587455720b36af65bc7f559379841de342e235bc47f5fdc4564","sha512":"afc4730cb39fa235e118d92e632a53814f38b2021896f9e990dae0f6a94a6130a57a4647c6cd2e9eca6694f284bff4d1fefa6fcf83222956f449720d1bd9e948","ssdeep":"","tlshash":"d0d0eb0022300cba1b1666b0ccc08068c66100d8b10749368b7ecb0fca3a35adee55ec","first_seen":"2023-10-25T11:55:10Z","last_seen":"2026-04-06T21:22:32.056889Z","times_seen":21804,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/zw.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/zw.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 5432\r\ndate: Mon, 06 Apr 2026 18:38:39 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 25 Apr 2024 03:27:03 GMT\r\netag: \"6629cd87-1534\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: gZheYByAAnA7-CY5sdKmdGeoMwkrjqul4GvSc-EDD_q3n3Cb0-97Dw==\r\nage: 107\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5428,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 92 x 92, 8-bit/color RGBA, non-interlaced","md5":"f12fd774a936ea90093610c2419d6234","sha1":"4ad7307135cb8a71aa8c258920395319768d6062","sha256":"eeeb303c911ee99adc975c3e99594e3b12934cdbfe47383dc6412b938d81547f","sha512":"0ab7f4bed1f3a668146e76114ed56022bb381348e31b363d9d8b75213c3604675cdfb39df0fe9910f086d7b319bd9a1168bd37339cb36c5da51e84285a7ed22d","ssdeep":"96:+JllcHitlIxv9vk7C1+I4wWHLihk/xZScy9azEG+TViv/nxy2dLihgYH1reDNDQy:nIIHUCD4wa3ScOyNCivZHLiiYHADNcAF","tlshash":"d7b18eca04c55056500e067d37bf9d931b7bd18042d86e1cdeab425e8324ed16fa6fab","first_seen":"2024-05-03T10:06:20Z","last_seen":"2026-04-06T21:31:45.06709Z","times_seen":21065,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-06/d0408b88daa2ed75caafe672397c5269.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-06/d0408b88daa2ed75caafe672397c5269.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 06 Apr 2026 14:33:56 GMT\r\nEtag: \"277a42429fa8bdffb69d438238b82e75\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 06 Apr 2026 14:33:58 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 81\r\nContent-Length: 187536\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7502422803677182975\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":187536,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"277a42429fa8bdffb69d438238b82e75","sha1":"d6f84ad6486b3521cb955e1fc903096dcbc29781","sha256":"1a8383eb6f06049e99ba7fc158048c6fcc6fda17940082960856bc36bdf56c45","sha512":"3d5789f92f2c75885795cec30cd49511a1f4e1f1ec2beeada808e3aec9212dc95d5fce2ae0304327a8724168f583e153de8176fa8daccdac54564076a1931d0b","ssdeep":"3072:pkEBvKE0c3wsNOP/aBhtxZwXpldJuKAt+1FuXPtmONyiVucMHr2ResL:pkE4E0b30ZwXLLuK71FQV512mN","tlshash":"d904231baaa036a1e8b72725e75701bd854257c966e4fc13eb7318ed38cb810135bf27","first_seen":"2026-04-06T14:49:13.169543Z","last_seen":"2026-04-06T21:18:25.354575Z","times_seen":228,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-01/3fe7cbf54b558455ba3f6cceb89edb3e.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/3fe7cbf54b558455ba3f6cceb89edb3e.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 10:44:33 GMT\r\nEtag: \"61b5d004bb8e2a9c005aa7180a66a8ed\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 10:44:33 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P1\r\nAlt-Svc: h3=\":443\"; ma=86400\r\nAge: 1\r\nContent-Length: 150544\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2465475252369942467\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150544,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"61b5d004bb8e2a9c005aa7180a66a8ed","sha1":"611e02b138efebc908cf88097ec1628a9dd5fc85","sha256":"dd9d4a44a5baee8d26ab61ffbda1b70148fcf307b30fb6b6ecfcd512c102ad47","sha512":"c9fbee0b4a6c0861b4b595756469f2fb1f2d34cb26c431c59eb6438dc1f9bd3374ae0b64650e02a2dd5d64afd63a5041d6e12e425d6329ca8fedcf0fda1c6f4a","ssdeep":"3072:Cu4OHV4Qx6B8iM7fQLGUf+mIBWNAyqWD24IA1lJtFLE1T3mVRv:GOM/M7fQtftI0N/vVIilBpF","tlshash":"27e31328cf1b4d9126b7ef8ec08d1d009436e9c28b3f2dec25566756d1094b9f4cae6d","first_seen":"2026-04-01T11:04:29.203387Z","last_seen":"2026-04-06T21:37:59.290653Z","times_seen":6513,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/hot.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/hot.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/search.css?v=2026032602\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 951\r\ndate: Mon, 06 Apr 2026 18:39:23 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 21 Nov 2025 03:34:40 GMT\r\netag: \"691fddd0-3b3\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: fdIVkl0SsJLbEiUjSFrbLQR5UNc3KNLgsZ14IgRizsx2JjM9mX_lxQ==\r\nage: 65\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":947,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 42, 8-bit colormap, non-interlaced","md5":"60606d4e0f59fbdfbb8f5aa250984060","sha1":"6e1c590ce130c507335ec0c0dcea49778f73ad74","sha256":"9f7d99be622dd7e4cb5faa8518e99b4d0f3b7ed67c5407b0496532135707951f","sha512":"5679fa0685c1ee0e400c4647ef1ede417c69a3123a2c252255d4f7d1baed7189080874131ad2585ff6f5ad4a792e2083fb5b3036ba52b44cc95b5a2799ab4781","ssdeep":"","tlshash":"2b11c464bdea5db14e841e22436af245ac35b6ecd3332548da8f1040299f02abd817ae","first_seen":"2026-03-13T08:37:15.113735Z","last_seen":"2026-04-06T21:31:45.05814Z","times_seen":6939,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-P6HKH41365\u0026cid=604148270.1775500829\u0026gtm=45je6420h1v867709946za200zd867709946\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=0~115938466~115938469~116991817~117266400\u0026z=2008586169","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:28.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:41:25 GMT","end":"Mon, 08 Jun 2026 08:41:24 GMT"},"fingerprint":{"sha1":"E3:6F:C0:F7:D9:94:4C:27:0A:F5:2F:29:DD:2D:9D:A9:0F:C7:6F:22","sha256":"ED:53:E8:19:2D:1C:8F:83:2A:25:A2:3B:05:40:E3:50:83:6B:D6:72:6A:E6:39:36:DD:9D:98:C0:CC:39:0B:04"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-P6HKH41365\u0026cid=604148270.1775500829\u0026gtm=45je6420h1v867709946za200zd867709946\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=0~115938466~115938469~116991817~117266400\u0026z=2008586169 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Mon, 06 Apr 2026 18:40:29 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T21:11:41.174136Z","times_seen":774688,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":135,"dns":0,"connect":24,"send":0,"wait":35,"receive":1,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/DPlayer/assets/DPlayer.min.css?v=1","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/DPlayer/assets/DPlayer.min.css?v=1 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 7242\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 19 Dec 2023 06:51:05 GMT\r\netag: \"65813d59-b0c3\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: cbV-iUZ7RiGr_Qy-ieIgTI4CV_RbgIg5jN-NPZR5Efgf3ESwyOiFYA==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":45251,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36675)","md5":"ff7847191034537246a2df423495711c","sha1":"2d2979c608fcc9bf6da72c0b33b3a3f065e22db1","sha256":"59633b01804bc787c7d0bd6ada99332b3724cc6d712c7d7832f12f693ec0c61c","sha512":"b6dc149a7b2cb6f0211a1557865c7871404f4f607ed9d282b2da7dabe6cc38b76619356729db097eeec21d7d6eac9c0e9fcc3d7b77135aeedafa8400aa7e00da","ssdeep":"768:7FK8KSkZqtIfw3YH4ZqtIfw3YHvHYr/hizxdUDr5+0ysGif0y9f:9HYr/hizxdUDr5+9soyf","tlshash":"e413bb1618a5329891225b91cbc8676c6738d312e9224f8ff31b780ecf8e69d215ff57","first_seen":"2024-01-03T10:49:02Z","last_seen":"2026-04-06T21:31:45.136958Z","times_seen":21707,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 34713\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\netag: \"64b11d97-14e4a\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 6lTx-INgApUsuQ10z5fgtjfabULc0dPGX9dFYmNyY7CiGh_DergXqw==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-06T21:15:26.373697Z","times_seen":268204,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/tg.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/tg.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 664\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:48 GMT\r\netag: \"69c4f41c-294\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: EynpLp9CHgfhQ0Gyl6Vm1cAwvRC9xY6KukPZ3MvSO6KMnr3lQ_0LhA==\r\nage: 95\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 84 x 84, 4-bit colormap, non-interlaced","md5":"acb2287624a689367fa72a2200928580","sha1":"a5e082d439cb717c0b6f2c48055489ea2492da6c","sha256":"8864aa112a229bbc9f5803af7384b8710b1fe9c057aedf0cc7842b80809ce232","sha512":"e5456ff71b64d0dcc032b5f58b6dc2b8fd77698f746bb541505d0b594c8c1e8e56a1a90fa0deae8ea839e23abd98da6548132f7c1331de969126f667a7702fba","ssdeep":"","tlshash":"400123df74a7ca26a19599ce54b616d87828b34db1c054289d01ed2ccd14170056e763","first_seen":"2026-03-26T09:29:38.981381Z","last_seen":"2026-04-06T21:31:45.168253Z","times_seen":6144,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/images/avatar.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/images/avatar.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 315\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:37 GMT\r\netag: \"691aeb3d-137\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: j7XVXjq-F3cFkQ2oh5PZ3q-JrvuZqhT4rh7skN-nwCS2bvDcEUOkUg==\r\nage: 95\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":311,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 20, 8-bit colormap, non-interlaced","md5":"30c01d82427d0b622f89b4696cfa8fe1","sha1":"f0316536a6c8f645a3a4bbb4dd0473e3c8853a4f","sha256":"7ceba85b04db09cfa45db7b953297889da29ea113dcc0d037eafb86203b200ee","sha512":"e9cefe20bff8e7812e2b6eb2dfeee8a71950e5fe3859a50967ad54c861da3f25049aef2cf32a1518706670d6c7cc3054afa0ec934fb8e344465d5753f93ce97c","ssdeep":"","tlshash":"98e0cdf35389ecb985a7441a10e36510f10d6979433382dbd755543e51140c4497575a","first_seen":"2025-11-08T04:26:01.782802Z","last_seen":"2026-04-06T21:22:32.173283Z","times_seen":18632,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/Search/pc-nav-icon-down@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/pc-nav-icon-down@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 330\r\ndate: Mon, 06 Apr 2026 18:38:53 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-146\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: D2NiOi9TVdJBb5OAcl8ILbcxJClFkAvXmYMHxbj5FXy-mTALAMLQFQ==\r\nage: 93\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 4-bit colormap, non-interlaced","md5":"7023a802c4d373abf7342efe94fa3a98","sha1":"c24cecc5067dee2e5680fff5316cc6f3b940bba2","sha256":"c2197abaec128edeacd5e035178d85dfb36c2d07986033ae13cda8fc83c5e509","sha512":"87c87a9e5afc033f865d9bf4976f3d9c497842213bb653a75498057bdbadda64c1bf6809f76f5cee28a2e652ddb970d877fd71d5832dda033c7110f133bfd9ac","ssdeep":"","tlshash":"dfe0e7d2bfcfdd8c5f270d77c631504054153c62336190773504b4007537145c853291","first_seen":"2025-07-12T04:18:50.955771Z","last_seen":"2026-04-06T21:31:45.160783Z","times_seen":20869,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap.dc-report.cc/api/eventTracking/report.json","fqdn":"ap.dc-report.cc","domain":"dc-report.cc","tld":"cc"},"ip":{"addr":"54.254.158.162","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:33.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.dc-report.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 07 Dec 2025 00:00:00 GMT","end":"Tue, 05 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"C2:B5:BA:75:40:71:82:8A:0C:30:43:7C:87:CC:C2:C3:63:69:3A:16","sha256":"41:CE:19:28:BB:9F:95:C3:A8:5A:6E:DA:C9:CD:C2:6F:06:2F:9D:37:81:96:91:C2:D9:EF:88:93:F2:EA:18:E8"}}},"request":{"raw":"POST /api/eventTracking/report.json HTTP/1.1\r\nHost: ap.dc-report.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded;charset=utf-8\r\nContent-Length: 753\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":753,"data":"src=https%3A%2F%2Fpic.glgyza.cn%2Fhc237%2Fuploads%2Fdefault%2Fother%2F2026-02-21%2F9df837fff5d4e5d944a4e8f15a4eb484.gif\u0026uri=https%3A%2F%2Fkcm5428.top\u0026event=ad_impression\u0026page_key=category\u0026page_name=%E9%A6%96%E9%A1%B5%E5%BC%B9%E7%AA%97\u0026ad_slot_key=home_pop_ads\u0026ad_slot_name=%E5%90%8C%E5%9F%8E%E7%83%AD%E8%81%8A%20-%20%E6%99%9A%E4%B8%8A%E4%B8%8D%E5%AD%A4%E5%8D%95\u0026ad_id=TJ-001_tj_web_6\u0026creative_id=\u0026ad_type=banner\u0026seen=true\u0026channel=\u0026uid=0\u0026event_id=a22ae94f119970bed20fbb7e61bc228f\u0026app_id=TJ-001\u0026sid=c4c7b5996e6924fb70704e9b01d159f8\u0026client_ts=1775500833\u0026device=PC\u0026device_id=353d69b8aa2211aa0632389b6cbd0b1a\u0026user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026device_brand=\u0026device_model="}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 18:40:33 GMT\r\ncontent-type: application/json\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: null\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T21:11:43.744211Z","times_seen":13437525,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/mirages.min.css?v=20251216","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/mirages.min.css?v=20251216 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 42592\r\ndate: Mon, 06 Apr 2026 18:38:50 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Sat, 04 Apr 2026 06:49:53 GMT\r\netag: \"69d0b491-3172b\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: Rqyp-QmJk1AIoTToCTiy8ogFEYO0trU1zr8iCzafdsZUMQBhxQVZSQ==\r\nage: 96\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":202539,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1228)","md5":"7a63691074945b970e7127a37cc8e2fb","sha1":"a02ccfefc24ff1fd72fcdfc08e411758eaa50386","sha256":"beaaf1bfdd4ae35e67716a7d0aa6372c619b132271f21e9c0c7abde93d912308","sha512":"efd9576ae59f63fb257ec366c747cd0566661f0abee5d894546a8d9e1e6ea7462e7d679dc1d85e4ea1a52a7d9c796abc983a0659480cc5dae294a9211566e7eb","ssdeep":"6144:PwcGuP/Y1iBl4fOBl4faYEG8PnXNsSd1XmFRtaSgofgO:PwcC16I","tlshash":"bc14847c954111d46373ca1aafc4b6582738f226dd052ebdf12721d8dbc2b9b12e2b8d","first_seen":"2026-04-04T07:27:39.536324Z","last_seen":"2026-04-06T21:37:59.333157Z","times_seen":5129,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-31/9bc28f493ccdf4da2854482aaa9c39f1.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-31/9bc28f493ccdf4da2854482aaa9c39f1.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 14:19:57 GMT\r\nEtag: \"ed4513572d99563359227808402d94ee\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 14:20:50 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 311\r\nContent-Length: 3231392\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 303935334012000741\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3231392,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"671dbc20ddcce5e270ed6c9c350ff065","sha1":"861ca61d40027d2d5582a23b4b9cd1397650dd34","sha256":"462a27c55d786f55641d1f49b87000fda0e4a0032488a6df203f2a2a9fd5b361","sha512":"01362ccf737502963bc5c589cd6584f843ab1f194ca634533661d34c1cc71f5680dd67dc432432a302c893a4c43145efab41d7a5bc53a5a282543a02bd6038bb","ssdeep":"24576:7HrU2mQ6aPiTCO9nBRY549HmR9QgeGqDP6PZpSH+R51qT5QYYky2B:7LUVQNPiTRnByXsDyPZ8eRKTznB","tlshash":"3e2533c32061bf91c5d5a22d8666a18bc1e066115edd78d031b4eb8f3a3bf5bae4c4c6","first_seen":"2026-03-31T14:38:15.678099Z","last_seen":"2026-04-06T21:37:59.337904Z","times_seen":5314,"resource_available":false,"data":null}},"time_used":707,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":685,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20231026/2023102620184376167.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20231026/2023102620184376167.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:47:00 GMT\r\nEtag: \"690d560840f8d9cee1ff120270fcbd88\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 09 Nov 2025 17:45:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 25601\r\nContent-Length: 880\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17418918615157624105\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":880,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"690d560840f8d9cee1ff120270fcbd88","sha1":"246376e425fdd500d98060cafdbd0117d8f6edf0","sha256":"2a040f5c1e9cc1a4a915caa5148db70d4677ac31b5170af578590b049cb42a55","sha512":"d1593fbeaf0721e39b02dcb9b6e6b1d0b40c0c5306f5b9189bc9638b02b76ddd4b6f71278c7b81a084f2237ead91af43241caaf8467810c6413e46953edb9b6d","ssdeep":"","tlshash":"3d1163c3c089449600bd12724efa62460e3707c2eedb32ee6158c39f9044e5b8ef4d6a","first_seen":"2023-11-12T15:49:18Z","last_seen":"2026-04-06T21:31:45.180171Z","times_seen":20807,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/layui/css/modules/laydate/default/laydate.css?v=5.3.1","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 2101\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\netag: \"64b11d97-1cc5\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: D2DsTnrJznbWArN0fRK7zU8lA5MvAzMBIyrrIRs4dnC5H-ygWuTAbQ==\r\nage: 96\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":7365,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7365), with no line terminators","md5":"e9078eef34fe9a44e44bdd55b48fdc55","sha1":"73ef00229810ee179915661786d9b66b7fc2d568","sha256":"ab9dbdf922a26509951347fcfa83704d86afd2df855c827740c23df72fd8ab3f","sha512":"dbf200ca6effc6bee2f7e8f516dafe6b25fa66093f19fff117a8bd87732a3ca0206480319d5f733eb07d18f564cba1dfc6143587cbc5ea1d5d370948d8ab3921","ssdeep":"96:7OyDQi4ijYyC43i7hlVVZ4LyLk5bYsBE2rBOB:7OQQfyPCoiFVqHbrBE2rBA","tlshash":"45e1cc71b1542cd4702bc222b4a87cbfaef8dc02dae3265ce5b8621b85c15b7957d34b","first_seen":"2023-04-11T12:12:51Z","last_seen":"2026-04-06T21:20:08.862398Z","times_seen":29462,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/layui/css/modules/layer/default/layer.css?v=3.5.1","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 3428\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:03:57 GMT\r\netag: \"64b11d8d-37bf\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: dbgPpO3cQiBSTmM52k_-jIQvIA2nZhphmXV6s8P4q_fVxjEz_z7Utw==\r\nage: 96\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":14271,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14271), with no line terminators","md5":"c234eb06d5f32055092294e78957f17d","sha1":"f15ee0bcb9694f32f5e1d524f2653aa0dd043402","sha256":"5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540","sha512":"3f06b51116d7f8026d81c7eb6a3c4d871462d09fe0a5b8cc8b7feaf20cbc88b0b6a545f0ec7cbc17566a9ff609405f58fad6eddfb3a8b3f6d530ede8fa3fad5c","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXi0nMLPD2OtLzAyPHL/LztJDzyv2OQ7KGx1j9d2/nWUU:1ELr2Otzrzzt42OQ7KGx1j8WUq4S3cU","tlshash":"f75242e144911299b0278721d6dc7eba32f88d43e5630caef2573c1f874c6dba2b6647","first_seen":"2023-03-10T11:40:20Z","last_seen":"2026-04-06T21:18:25.303977Z","times_seen":46249,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/Search/pc-nav-icon-qq@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/pc-nav-icon-qq@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 712\r\ndate: Mon, 06 Apr 2026 18:38:52 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-2c4\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: ykmdNqYsr0eRQQIrPEKDRIi5QCfXnOasnZWQJhDre71TfV2zShJVag==\r\nage: 94\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":708,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit colormap, non-interlaced","md5":"0032e13d45b2dc636e67e98a52d66792","sha1":"9cd222e4079d7ab780b2d4ac38d05fd968f3e85d","sha256":"45dcff2f7f3f48fdc5fd0a3a8720827db74347b89c41de15f215af07beb780f6","sha512":"caf32cbaf55c3efdfadc2f0c1aaea7e61b8a84aeba5338372cad9248bda6eb0a8782dd4a3568c6e8307a3f7b2310a576d6497c70ac038ffc94adf4398cce91a0","ssdeep":"","tlshash":"650188d2271f8ca48e0ccc1b4daad0c56c3456b72582f907b517d8676314b5dd3ea004","first_seen":"2025-07-12T04:18:50.988139Z","last_seen":"2026-04-06T21:31:45.024139Z","times_seen":20843,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/Search/pc-nav-icon-tw@3x.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/pc-nav-icon-tw@3x.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 504\r\ndate: Mon, 06 Apr 2026 18:38:52 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:29 GMT\r\netag: \"687f820d-1f4\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: TFmamMSw4ibDFPyfoB1ZXAuG_TgZD8L5pMjPOzakRdLZFjlS1VxiOA==\r\nage: 94\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":500,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit colormap, non-interlaced","md5":"7c92935d5bf83d7aca1ec31dc31e7abc","sha1":"975dc5c3c14a1774bf97f2a22ebf524fc4a8709f","sha256":"59bd73a9b3e779db687f9cdcd77ebff91850e618a1469b6f08686df4a392e37c","sha512":"d8c08d787976b3470cd71ff27126d92239fe7a0cedc1daa672939e2817a556c53f07c782e54c8030e3cb43ea5663875f1996e8a91cb521e5da1226135dcb315c","ssdeep":"","tlshash":"4bf023d7a7543c5481a74edbf8e11993f83a3c6a050152aeacb4f0b5083c08bc196184","first_seen":"2025-07-12T04:18:51.012831Z","last_seen":"2026-04-06T21:31:45.143157Z","times_seen":20856,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/img-placeholder.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/img-placeholder.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/search.css?v=2026032602\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 6700\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 27 Nov 2025 02:09:05 GMT\r\netag: \"6927b2c1-1b01\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: eJI3KpBNOSyViXCjKr2iczQdbx9DWald7Cc2J6c-sn8aiXzcd48aqw==\r\nage: 96\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6913,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1380 x 954, 2-bit colormap, non-interlaced","md5":"2bf55fff5517780aaa0fc200869329da","sha1":"ffa84727c18f61809a1be5dc98983ae80f6e47cb","sha256":"57b0e2330b07df346bd10d657be6483138c6f5c7e69434d51a45b4a5f9115ec9","sha512":"b3505d64dc4d1c94ce39c0e1c1e93dd1cb8b0307c1b9fc7c345cecfcf19a631d43f4f64941fa0bf20f8c4c8d66f24d6d1c1cc86a52907bb86cd445fe61eaf893","ssdeep":"96:QuKUEfIuGFUxmpghh7sEfvhShKynDWSatIvj50mkh02R4jRKZnPtZ/8nF2OiOLwQ:tXhuOqhpnEETSaSvjRkhh4Fyh8VMKbb","tlshash":"efe1afb28831df82d16e81fed4ff1a7b453d03607e431e6a52cbc1256b2650f05c0179","first_seen":"2025-11-25T05:01:35.035896Z","last_seen":"2026-04-06T21:31:45.067968Z","times_seen":14565,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260326/2026032600091186129.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260326/2026032600091186129.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Mar 2026 16:09:15 GMT\r\nEtag: \"b532963eddc9689f32f9c21e5063c9fa\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Mar 2026 16:14:54 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 620\r\nContent-Length: 121168\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17808177821220384773\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121168,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b532963eddc9689f32f9c21e5063c9fa","sha1":"c197d0cc943a079ad243409adf56fbf944c962d9","sha256":"23ff636ab5b3a9f7e5c6e3031e3dcf701a775eb28c1ca985dbab1b0172828eca","sha512":"780015b889c2a1983af81940ed80520730652aea8ef333001119110cdec89a0db35a42e4b60a5bbd4aff8717c0c85bfca6619a6e6f76893f8d7f294b051efdf6","ssdeep":"3072:q8zx9D9rq1IxxhRjowyae0biqFZIT4wufSZFrmewb9mEOAeXQ6:qm99x0aeWiYZO4wufsQewxmpVXQ6","tlshash":"abc3122a0ec4482b19f28c3bac58c7add6088fb7b93b5c5591b16646553ce52333da2f","first_seen":"2026-03-25T18:46:40.418932Z","last_seen":"2026-04-06T21:31:45.06897Z","times_seen":6185,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":42,"dns":1,"connect":10,"send":0,"wait":8,"receive":14,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260331/2026033112335446937.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260331/2026033112335446937.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 04:33:57 GMT\r\nEtag: \"cdc85c9761593eba6633d61893a1f389\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 04:42:53 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 992\r\nContent-Length: 91792\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17776653163913219678\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91792,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"cdc85c9761593eba6633d61893a1f389","sha1":"9dbcb606cfaf144f2c831597b10fffd9d127bd56","sha256":"6377948f39bb95b1c400973c62176e79a4082611b9140f280def1463c0531655","sha512":"0520da8d6be225523fe31702ff7a8fe0eb65e9d7566ebf66d57770297e4adb74cf543061f4bee54eb28c67d1faaadea1d4350128c4577f1c1d83550a05cb32b3","ssdeep":"1536:rFCl+RjDIEnX6nW8UwFNcD93Jk+6Dt9BdC9KeNa0q3q1q2iTC3p8hWmk:rFClovIEnK1UocJkL7UNVHl","tlshash":"da93123f029ee0b4559365db3a9246e333aa3a82693d15c1018e49e8990efc5cbbfd51","first_seen":"2026-03-31T11:27:31.474723Z","last_seen":"2026-04-06T21:37:59.274953Z","times_seen":5386,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-01-02/5cb046860966755a832038ab7bf87beb.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-01-02/5cb046860966755a832038ab7bf87beb.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 02 Jan 2026 07:33:13 GMT\r\nEtag: \"7732554aa56165e5e79bc7baa73f28b6\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 02 Jan 2026 07:33:13 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 61\r\nContent-Length: 139696\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1627633366109486480\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139696,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"7732554aa56165e5e79bc7baa73f28b6","sha1":"3850fed723a2043456859d9984f77192250e8e46","sha256":"a60df5a59fbed98d6d14e2b8c322ad10995b5997ddfd6923767e8e043d21339e","sha512":"083b3c8c26286343d42e5b3d8b465ac12386bfc5bd461f5e68124e02c5503365afec4d7ba1a24648caa4dc920b4e2fc19a392ff629918311604805f1ae2b5499","ssdeep":"3072:6WUpH1vHlc2a7tivnOYy1jp40vPq9p0wnvtghUFvnS9w9CXO3QhkD:IpH1vzPOfjpzvS9CwvtgYvTp3QhK","tlshash":"dbd3124c9c60c82e175b4673a4f2498f166b060fe82e84b277691df377539f696083dc","first_seen":"2024-08-07T12:14:14Z","last_seen":"2026-04-06T21:31:45.170902Z","times_seen":10130,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-02-17/b319681c9a5b9a4e72cb0dac5d961d26.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-17/b319681c9a5b9a4e72cb0dac5d961d26.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 17 Feb 2026 03:54:19 GMT\r\nEtag: \"c7a0b003306a2e88dd3df6a66283c550\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 17 Feb 2026 03:54:19 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 80\r\nContent-Length: 151856\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6484152450993314076\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":151856,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c7a0b003306a2e88dd3df6a66283c550","sha1":"fb3a781802c18ae33b0b444ba6d3c375a82a03a8","sha256":"8f616d12eef84b94a4b5ff9f2e845697058a8f39f86642ed9681005b669d083c","sha512":"d6589f17e07ba0f2e5740c949444e5b35088d99e49c1099f787067e3dcd5573ba85413586e58f2b65090df607bb4d7b7faaf0c020a251c96d16cb6224116507f","ssdeep":"3072:tA7z4wXQP4ysCMwPOGefBh2gNJmhD+ljL/1+4ORQXolxhc8:SzPQP4oM+Obj2gtD+uoFj","tlshash":"c2e3235aedd003ba57cc2db60ec7bbdde6e8066f5c950184cf1d4016d78ee809dd4a1a","first_seen":"2026-01-25T11:27:58.658626Z","last_seen":"2026-04-06T21:31:45.147903Z","times_seen":8448,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-04-01/f5435c59304ddd630112549ac85616b2.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/f5435c59304ddd630112549ac85616b2.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 15:14:36 GMT\r\nEtag: \"11314708f043cfd3853f62eac2445b73\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 15:14:39 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 53\r\nContent-Length: 189840\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9100159633428031157\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":189840,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"11314708f043cfd3853f62eac2445b73","sha1":"9b18181feb41e10bac3ec0c6285757b12a4f5bdc","sha256":"9e37f1dd08c4f908ac11571212da3c4eb12a518c0f0b8647b57224673e7f5850","sha512":"acb74e143326ffa5b4b582791869e8d08a82127d9f39269ff7c0eb82297e1419482513d034c45c16bcf8e2bd48c308317e3fc82f2024a78d7dfedc79b2082077","ssdeep":"3072:Yz4oIw7wolccUA189H14rjsA6V78pPUCHNvtnYCkT3GfkWjeAAKyianrmvmWJYVB:Yzj7TlccUAuV4/DlPUMN1nYX68IenKy5","tlshash":"ba04132338dcd3a020d7af6e7896cb65c9d7de61e7d037d00674e06d3559e86220e1e6","first_seen":"2026-04-01T16:23:23.553891Z","last_seen":"2026-04-06T21:37:59.245389Z","times_seen":5213,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/github.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/github.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 628\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-270\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: --4FJig9Wty4YjFFvjIW79xPCOWCyOM1mECfkFTZ0_Vj2847JNychQ==\r\nage: 95\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":624,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 84 x 84, 4-bit colormap, non-interlaced","md5":"7eeb4e826318468dd09ffcd3713d4008","sha1":"e2907d62b39dd78deb8daaae30760f7e40f02123","sha256":"d1f426df6fa06fa7557522a8569969f1ab37f80995501527709460bd06a672e5","sha512":"3dfe022dd48b2c1014d7290050f699217410d2f1d531c6edc986257a3a542d2f2f93ea0be1df95f13635cad82bb832c3ca5407f012ffa85b768b8a8398d72555","ssdeep":"","tlshash":"3cf0b7c567178c2bd777d595dd875680b8aa0c27a350024f1845b11f8d3802110bc10b","first_seen":"2026-03-26T09:29:38.993708Z","last_seen":"2026-04-06T21:31:45.033197Z","times_seen":6145,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-21/64b56ef07887b86301e40a2807e86715.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-21/64b56ef07887b86301e40a2807e86715.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 21 Mar 2026 05:19:26 GMT\r\nEtag: \"e3c103e611c47d9e3c097b356858c3e9\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 21 Mar 2026 05:19:26 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 107\r\nContent-Length: 1280496\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12663718463475312644\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1280496,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3370128f9708ffb7b7de36b6f2e79ea5","sha1":"b7210118782952611dd1362b71e4895d2dfc2bfe","sha256":"de9a0b23c61954520802e3d29c4b8174fd302552b70ee76b3be205f1aecaba15","sha512":"719ff2f3debd030703d171ba2b94c6fbe73e5d9298100382c2eae4576485aa80eb50ca8f707e4e8b76290b83a6be8463330cd08dfdda65c8f483be2d442441c6","ssdeep":"24576:QvGe/sCsST0Le+m1ibaoWPxCiADmt3bbWuTC:QvG8lsSeUyI5CiAObbWp","tlshash":"12253303be6385f18d5f080f9b37802615ce179a69e2841e40d953da8a9828fd3e3ff4","first_seen":"2026-03-21T09:54:28.02328Z","last_seen":"2026-04-06T21:31:45.044628Z","times_seen":6447,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":134,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-21/6a81c1f605ad6b479451e32956506aaa.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-21/6a81c1f605ad6b479451e32956506aaa.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 21 Mar 2026 05:34:24 GMT\r\nEtag: \"e48e2b1d63fb2d2cd82346ca01d95f69\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 21 Mar 2026 05:34:24 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 55\r\nContent-Length: 146352\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9337144545211484327\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146352,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e48e2b1d63fb2d2cd82346ca01d95f69","sha1":"1ada1c6b080b469c287dd5531ce72c445b755269","sha256":"680ccc06b206fe8d5290efc4f2f68b436ed417f3a2edab0012976a2cd2f0614d","sha512":"bc483e72aa9650bf10e29a5fbf3cf8460920a71bfab65fcdf6120c6185219fc959519537346b92f593f8b447cf89c3c81dffc8f0a8c1062bcb60b38e2954c7a2","ssdeep":"3072:mKZQcw1suHEyuTa7HoRYXurvGwCz2PIhZP7qeaw3rJgbA4cYsSO0ErzGr:mKZXTHaqY6aiqOw3qz5sStErzGr","tlshash":"37e313d8aa917683c88e3c199a6b4ee8310c703f15dddb31b4b6c5e82ffe2654184d5b","first_seen":"2026-03-21T05:58:51.159978Z","last_seen":"2026-04-06T21:25:12.293193Z","times_seen":7635,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":55,"dns":0,"connect":0,"send":0,"wait":15,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/layui/css/modules/code.css?v=2","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/code.css?v=2 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 545\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\netag: \"64b11d97-527\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: ccXrD-1MjsUvY5AeuEc0J14d8cwANInOVV6aEthzGbegFE1Q9E_v2w==\r\nage: 96\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1319,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1319), with no line terminators","md5":"986d0d70b033a195fc1bd1527b06993b","sha1":"69ea79bb09bddd3b988db70ef8b10be9ed0f0065","sha256":"3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431","sha512":"a3d1ffa0ba90c8ed8f1330c456760ad7098b683756f1f5d2aae6ec89502c0fe1ff6287e7b1180b9df8f50d517118b610566e9315de055d4780a230488eda10e0","ssdeep":"","tlshash":"d721493aa3852118354bf21574fcbcbca03cb1d6a5ea0eaaff416797c944c51083674f","first_seen":"2023-04-11T12:12:51Z","last_seen":"2026-04-06T21:20:08.969062Z","times_seen":29527,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/VirtualList/virtuallist.css?v=20251205","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/VirtualList/virtuallist.css?v=20251205 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 3352\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 21 Jan 2026 09:20:01 GMT\r\netag: \"69709a41-3a46\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: ETNuqoQ4pbtV6k9z-rtYq1qov1AFxCkn8tf5kN_RQDBT-uKg4bNMoA==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":14918,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"445f4adfb2a73e5051e2736ea9412403","sha1":"58acf37f0398907cfd89dc53639b25401da65a42","sha256":"eb80348fc71167f273aa3e77e24f0aa7a4b851fd8a2ba7aaf8c0e4e88611e803","sha512":"47fe60b0530fa962ea928b65235d39b90602187bdd494c25a0b4915ad733f6d59e2e1275b558349a05913215c919dbf25174a537ff71754a8efb74fbcd8e18c6","ssdeep":"192:HIjaV2e72zSkaah+oIVNmu3JpL7NBOr2N5Ywwqk3ub7TmfRyPdC+6PwmBV3IKs4m:Hb5LJidrI9","tlshash":"e4629b9c15d22544a49fb40c3eaaf98a621d971bc916c9ec3fad6388cf8df41656238c","first_seen":"2026-01-21T09:49:21.708299Z","last_seen":"2026-04-06T21:31:45.042817Z","times_seen":8264,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/images/ai.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/images/ai.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 364\r\ndate: Mon, 06 Apr 2026 18:38:52 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:40 GMT\r\netag: \"691aeb40-168\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: eae5EvDSOvMEttZYIQ6xiZe5Xgoki1RzDCgm4ZfeKq2NziGomJM-Vw==\r\nage: 94\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 19, 8-bit colormap, non-interlaced","md5":"bdfd73be05b313c5c343e02c19e69b35","sha1":"40a591d8ec0f5134270fad42812002458e1fa3b7","sha256":"ea22009d2eb53a8f88f109607d8ff75814059f83ad1e4c1aa54179f5b1385bc6","sha512":"e67420d8689d83569fef893f166ab041b5863fd33f1b8a34056044e25eca04836cdfde2000cc306d1efccaed4340889c643706420f9d927d309100d41cf40474","ssdeep":"","tlshash":"eae0c072728cff3a9cb10273089791f58a2a4f76516491065f15841c68e6644415278f","first_seen":"2025-11-08T04:26:01.793992Z","last_seen":"2026-04-06T21:22:32.112552Z","times_seen":20258,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/DPlayer/plugin/hls.min.js?v=1","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/DPlayer/plugin/hls.min.js?v=1 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 178263\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 09 Jul 2025 09:21:38 GMT\r\netag: \"686e34a2-805db\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 8xoi_N_VOi4gIHCkeL7n3nQj42Ya8JCfKEC1PMYR_ODhaZzKJxXzHQ==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":525787,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c6b4b0566933bbace745d354bbf66a45","sha1":"37421e0fdc0f834e9b76c83c86b8f8dc5a25f9f5","sha256":"98f063553824f201d7a46e124e1dabdeefbc517e35e800ba0c8cbeedd432ab67","sha512":"b972867cd30918e974a0603937c16d106aca52ae7b52ffecfb1096b093dd21778cc38eac17d777e53a709b9a3c451b5785d9ac2d3ead1b9ad5532dc718389dfc","ssdeep":"6144:tN52SSJ22f+rppL0uMRzXrpbQLTfUUD+6D5U7qKxnU3F4BsibLioRGJ8z0xEnFak:te22eppSRzbpbTiwqKxUHF84xfg","tlshash":"cbb43aed3695a01683c2b169903f5507633a7d0a284cc12cfa2be9db2d7994db13bf74","first_seen":"2025-07-08T11:22:48.878147Z","last_seen":"2026-04-06T21:20:08.869746Z","times_seen":28283,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-02/10f92ed44f4098d19c7fbff9768e93a1.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-02/10f92ed44f4098d19c7fbff9768e93a1.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 02 Mar 2026 06:48:25 GMT\r\nEtag: \"187f99ba1efb62f4fd77a904fc7c446f\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 02 Mar 2026 06:48:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 652\r\nContent-Length: 396320\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12010313119227451102\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":396320,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"187f99ba1efb62f4fd77a904fc7c446f","sha1":"44f5b0b73f5ee7005f26286cf274659683a72f7a","sha256":"6e4b07c831dfcb366ae49ad9414f061a97bf6950107408e1a8a1330ab6d83d89","sha512":"94b98f5dae6f93b865110bf3487f022fb888157f52fd19023b20b14403173711c4d5c8290516741ae86bf88b9f12bb35430cd3568fe79c6955deba4a9b5c8897","ssdeep":"12288:fBAD4bQPB/CV9NI1R4CB7Q6096U/Q1ghvm9:5A5p/iNETE60AMh6","tlshash":"8484233ac855e5b3c51179cc22c61de1ea8f2a24d3e5cfa9c0efe44fc26a5593b8161c","first_seen":"2026-03-02T13:10:46.72352Z","last_seen":"2026-04-06T21:31:45.069985Z","times_seen":7204,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2025-12-30/96973f3cbc7fa3ac563b144d97ffab19.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/96973f3cbc7fa3ac563b144d97ffab19.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 05 Jan 2026 03:13:17 GMT\r\nEtag: \"9be8face9a0c71281c3304b61e86ddd1\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 05 Jan 2026 03:13:17 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 28\r\nContent-Length: 667488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16889049934633276517\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":667488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9be8face9a0c71281c3304b61e86ddd1","sha1":"c870ba41710513af0bc27805e71bfc912be6463f","sha256":"fd84827a448c92a0e456aa7fcce612d239716895273632e9c6728b5323bbce1e","sha512":"1658a60f82c609bc3271c5f901f5dc9725d6ee6f537f460752197dd7fd543da92e59a0f5326628cb2bad0c090cab5e793341c607081e9caf9662de35ea4e5b68","ssdeep":"12288:Bl0eA4CdONfZUiaJgigupqlvTymUX1Om5Vu1u8Mn1jWwX08tJjrm/if:z0tlqZUn+iIrylXMi58Mn1RX/tNr9","tlshash":"cae423403385c22f64bb2f43a8159ba13843dbc8edbdfe05d4f95a1b928176de328578","first_seen":"2025-12-08T12:36:29.171473Z","last_seen":"2026-04-06T21:25:12.324087Z","times_seen":17711,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":55,"dns":0,"connect":0,"send":0,"wait":27,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20231025/2023102511321783155.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20231025/2023102511321783155.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 00:08:40 GMT\r\nEtag: \"ad473bd0f40ea84076e2363e66e2243a\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 27 Oct 2025 09:16:13 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 65806\r\nContent-Length: 448\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4980127074494487165\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":448,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"ad473bd0f40ea84076e2363e66e2243a","sha1":"c07cbfd2ff1f55c522953b9263c9b13e49385b48","sha256":"6090398a69e190aecc12c1a2a33838ff286c8530df40898d7fe2c6f5346b7452","sha512":"a2fc9a46dca25b7d169ebacc6f7ad1215ed47e2556a63f790b74aaf62b784f7b67d41480a96c46b9c1f5d51e5ebc25e18a4dc67fa00e21cff2ba3a90eafa3a6b","ssdeep":"","tlshash":"e9f02b343d29c0f1a0d1b53b9e54cd01d211724d3d7c41bfd235731607ac5574451163","first_seen":"2023-10-25T11:55:10Z","last_seen":"2026-04-06T21:31:45.176281Z","times_seen":20847,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":33,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/qq.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/qq.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 692\r\ndate: Mon, 06 Apr 2026 18:38:51 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-2b0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: cnu4MrYQ380Ss3JC7xY6xiT6DgKyiqlaOGGyVDjWbG023tXHvqaZfQ==\r\nage: 95\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":688,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 84 x 84, 4-bit colormap, non-interlaced","md5":"b438b2edc7a587a3d2d692af6ee71aca","sha1":"f0a18a1d84367d4ff0882cfd080fd8d30106b3a1","sha256":"b0179e7817d4ed817b4410cafe2d175db262c5b1c0e6ef55b31e18d801fa5e17","sha512":"969e750e8aa3209213fa782ecd4d5bd2a929d6e8e7e566288c0b716cdf5f55c122a7f57fcd70d34b13ee038f5ed34be3233f6fbb560a83756958731a5a0c3a38","ssdeep":"","tlshash":"310123c58ec66a0523af66d656f34013e4276faa242c762c6da27858ceb515050136af","first_seen":"2026-03-26T09:29:38.938458Z","last_seen":"2026-04-06T21:31:45.130596Z","times_seen":6145,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/js/index.js?v=20251205","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/js/index.js?v=20251205 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 8422\r\ndate: Mon, 06 Apr 2026 18:38:50 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 12 Dec 2025 04:31:36 GMT\r\netag: \"693b9aa8-f250\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 2j5z3KM0FDwDQwVu5Yg94bo2NjtNwS8ciO_YKE6bUhzVOqUgKL_FjQ==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":62032,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"e2ad1d1df5ac8f6a22b4a7318c4ea830","sha1":"da681999fe3f9c153b93133204311d6f90432802","sha256":"9333f887c1b4bde80c4451eb806795179aa6dfab3b7a6566fb923ac76ba8b0f2","sha512":"127b92b87baa965853e12a14717f4a8d4166b5d565631068bba786c87b305aad0141ede31c09f6508c51641fc092238f4a7a7000dd2fa6bcfc0837dc0e3a8d7f","ssdeep":"768:rP4lBd6lebchYzp1DT6ekRmmTEXEHkYRtQ+zqDxbFxAespKSzEXEHG4lEd+zVuQy:Mu8vp1n6d9Rt6bQrKEjl7zVuQgl","tlshash":"5753636e22fa150a5b4330292f9f300a3210a4571d49ee9cbe0d97d45fdd678e1f2be6","first_seen":"2025-12-11T05:08:28.597561Z","last_seen":"2026-04-06T21:31:45.080389Z","times_seen":13773,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-18/de518aea55e39cda1f3e083511c581c4.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/de518aea55e39cda1f3e083511c581c4.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 18 Mar 2026 11:18:42 GMT\r\nEtag: \"0b0fdf9efe1395ca2e8bd6088f05ef94\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 18 Mar 2026 11:18:43 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 448\r\nContent-Length: 483104\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9544736592835316940\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":483104,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"0b0fdf9efe1395ca2e8bd6088f05ef94","sha1":"d953f58f67c88b79b9543dc606d1ebb3f0b698c2","sha256":"50efb6697bdb71826148571cc334ecfca084e97aaa5457f3cea08da707df2701","sha512":"c6b1416b8ba3a54558dd04bb55e2d905fc449e11bd83e18d8d7fa924a6ba2b768bc3183d36d3f3f36268925973e973f216a4c212b47de1834bc8712b2cd9fd45","ssdeep":"12288:A3tpOCsReeKp3qsWwg8KXTtBtNEj1rlDbyPy0:6yCZRaPwg8KntNEprN2f","tlshash":"78a423dc7d5504c8c86ef85866f46f128c341a1983bb9a3f4b9b30b5c6f8306d5ba687","first_seen":"2026-03-18T21:18:37.787698Z","last_seen":"2026-04-06T21:25:12.313299Z","times_seen":7907,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260327/2026032715122721493.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260327/2026032715122721493.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 27 Mar 2026 07:12:31 GMT\r\nEtag: \"54d2390eb19de539e81b937ea63afb0c\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 27 Mar 2026 08:14:43 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 58\r\nContent-Length: 61888\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4524845941425097600\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61888,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"54d2390eb19de539e81b937ea63afb0c","sha1":"6a167cfa376b63d4f72782d2a6b082c13a1cce9a","sha256":"0fb53e499e6c0f002519b12676a18a5e1fbf2546b3faac01bc1ed792e3c05bb9","sha512":"3dc0ef372c26cba761188caa009a8cdee10751b7bb81b09dff2ef3d92e089f1d9c48fe2e57b1d693e42bdb24ebc71604c82f6463c69c2fade9bb78c296898d32","ssdeep":"768:0X3NcCvXUCVmc3Z7Ges/ubVYOm6IXZA57gq+TBrA0gpeep1AfkVZQpjGhOFUOVJY:0HN5/HSPYm6IY7gvheAkK3r800MK","tlshash":"5953022895bc2575022595d18c604fa8bdaa3e313a843ecf0f6c5bfb340959e9f7843d","first_seen":"2026-03-27T08:28:08.70581Z","last_seen":"2026-04-06T21:31:45.144747Z","times_seen":5954,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20240424/2024042420561168459.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420561168459.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"745e05087f2c2985a982f236036c750b\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 11:18:57 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 202\r\nContent-Length: 1008\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4391828335096829085\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1008,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"745e05087f2c2985a982f236036c750b","sha1":"0ee044b91f7f2e3c88b43f1f3f33d474a032f09e","sha256":"0e492574eefb14856928c6210ed8a109e0ae77e529168ac15d2993d64d4e0953","sha512":"e0dd8a6d0a05a00b4049f721654da619e50575a7466e2e5e7d4ae620ac753c34d78f529b58ce566048cf49fad7d205dbc95da3d519352500229ce0d04723d4ff","ssdeep":"","tlshash":"571165b9805d5187ab6d9b6734ed26aa75e5174de3fb3d5b8261658374040060044c29","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-04-06T21:31:45.057217Z","times_seen":20646,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.bbjxkecs.xyz/","fqdn":"htyrz1.bbjxkecs.xyz","domain":"bbjxkecs.xyz","tld":"xyz"},"ip":{"addr":"154.207.127.63","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T18:40:26.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bbjxkecs.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 06:36:17 GMT","end":"Sun, 17 May 2026 07:34:45 GMT"},"fingerprint":{"sha1":"23:FD:F2:F9:03:94:80:9B:84:87:D0:F0:37:5A:22:53:F3:5B:25:FA","sha256":"01:D0:F8:82:25:B5:60:2C:95:DB:18:41:1E:A8:49:AD:3D:46:36:4C:BE:E5:68:C3:E4:E4:90:28:B9:FF:50:25"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: htyrz1.bbjxkecs.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Mon, 06 Apr 2026 18:40:26 GMT\r\ncontent-type: text/html\r\nlocation: https://htyrz1.zgiwnnh.cc/\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZOc%2BBkS8CKJPaK%2BCRWj%2F5f5v%2BnYP3xqOTcX9JOV%2B1fqzJ7OqK9xapSdX%2FKx776snSF6UOO3VHRyK4owYDISFPOTptRiVGq%2FddUgVW7Do2DzP9e3fOnDT3FC4tPiwE4mOi%2B4uFvPq\"}]}\r\ncf-ray: 9e82ebc3ef335a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":287878,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T21:11:43.744211Z","times_seen":13437525,"resource_available":true,"data":null}},"time_used":546,"timings":{"blocked":64,"dns":47,"connect":1,"send":0,"wait":418,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"htyrz1.bbjxkecs.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/index.css?v=20251211","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/index.css?v=20251211 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 1944\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 27 Nov 2025 02:09:04 GMT\r\netag: \"6927b2c0-196a\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: OaC0Jsricd4dtV1IpufaaoQ6XUqeRAe1hh6WiCfw_G873QKxnnbTmA==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":6506,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"e592e786121f1c2964a908b5467f1ab5","sha1":"878e9432b2caf058293e1cd37ba7a7ca05f432e6","sha256":"ec2269fed1b5f87e896f270f0de37e654e7951ff0bbfcf0f6795a8b90a7f9317","sha512":"4c08eced3920cd5d4ef4bc881c96842214bb7060d5587c35a9ae87469c7b008985aba7ba0b4af235acd94e57edaf9148e95e46aa2dc6b3e6a03bd0786cd720fd","ssdeep":"96:2XRNI2UFGs/S31TYgHAl49+P8Pc/63m63mZ89X1Iy45mg4UP:2TI9FY31TYgHA+9+Ycj7e9Xycg4UP","tlshash":"87d113621e573008502ee5985ff96b9c567ed043bf4b4d2e72c63999cf8d2c801bbad2","first_seen":"2025-11-27T02:13:30.893926Z","last_seen":"2026-04-06T21:31:45.055278Z","times_seen":14728,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=20251214","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=20251214 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 71948\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 12 Dec 2025 04:31:36 GMT\r\netag: \"693b9aa8-4ce5d\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: -jslP_Ruvy8QX6eYB-KUZodfPzEHLyqwvhF8Prd0AwDtiJ2e8WwOkQ==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":314973,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (942)","md5":"b24eb0b029c427b97e4844593a106035","sha1":"f2352e060d65996a1c0b244dcf9b94c6d30824cb","sha256":"2de945b922e9649004e6daa6969e2a2500ff44e9081e081a3b73c55ef0b5fc2a","sha512":"2da5f2331a1c48c13616e70b7177eb1dd9c6a6664d13fe3afcb2cd05f4142d415e841b0f27b8a81c5a14b2194caec02958d6550fc7895dfc49106c8c31d77255","ssdeep":"3072:/IbqwelyE+K3TAO4czuJ19WxZ/Y8f4Sqvw+Uki/uMSB+jonuLzAX:/Iz4TAauJXW3Y8f4Pw+UVuTxnuLsX","tlshash":"db64a40baaf314725563b0bc4b6fa5043231806b5e59fd643e5c82dc4f1d83d26b6bae","first_seen":"2025-12-12T08:06:26.768664Z","last_seen":"2026-04-06T21:31:45.126725Z","times_seen":13772,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/layui/layui.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/layui.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 107853\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\netag: \"64b11d97-471d6\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: CNwhcMV7IkP0dzGq6m5yvxwcruW7Qf8FAxObguMAe4P5rgfpcRg3WQ==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":291286,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"70ed0e8151d23de969de514bfd802a56","sha1":"569e6c1b0ac0b8efaa7dc0015b691334947a9665","sha256":"92c7997b3dce6ab2368b1bdb34ff4b67ac77957898a126c7eba452a8080bec95","sha512":"947eeb19fb055b07a191ec89625941abbdc8b2247b447dbec2e3958ebd3aabc34ac07a79c559e4752bd49bc44db77d500913aab4fae300077556e347d084b1a9","ssdeep":"3072:tVo+F//NOM0SF0Mz0pZN6TPKWjZIpYCrYtJ+8CZrcNBf4XcIiOb9:Xo+FdO3SF0Mz0Z6TfIpPS+8grcNBQcIZ","tlshash":"02543a9d758574b3237360a6406f990eb17b093daa0a8060f166d4fa2dbdc885237f7f","first_seen":"2023-03-07T12:09:26Z","last_seen":"2026-04-06T21:20:08.859295Z","times_seen":29652,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/AiSuite/assets/common/parsley.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/parsley.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 27972\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:37 GMT\r\netag: \"691aeb3d-1730b\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: dMIx_QAtD8u688JfZvJ7d6pXueUYyJXo7GAzwug2cTsh5K_xwQuSJQ==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":94987,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (885)","md5":"a442261f7fdcdb3396b2982e7d5ff2d3","sha1":"f2a873ba1e0a2400f6c5f165eb9d4f4d36b4e2dd","sha256":"be43eddbeae875bbc9b68f4a6a95de3fad6798b733dd55f2cdc2bf81a5a33848","sha512":"16aff01ee308ec0adaa0e2be8ee139a1820b2af48f7ba182e595999efa4e3bf64f76dc80dbd9fe6b99152cfe1768bc83cbd0f52013d8cdd17270edf72237743e","ssdeep":"1536:qAj0W4ZuOjkI33R+a0WQ09uH60SkAZzvH6KomR7Gi21l:qAQTuOjkInuH9Sk2vAl","tlshash":"f49371497ae221018d2730bc1fafa0067274811b5409ad94f98d93d0af94d7993faff9","first_seen":"2023-03-12T07:21:41Z","last_seen":"2026-04-06T21:22:32.106245Z","times_seen":21044,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-02-23/591a7e6d2a7870a70100a2152adb9d09.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-23/591a7e6d2a7870a70100a2152adb9d09.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 23 Feb 2026 10:54:26 GMT\r\nEtag: \"b0794521e0979d1448429959272c2cfd\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 23 Feb 2026 10:54:50 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 732\r\nContent-Length: 911984\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4150244603225248920\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":911984,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b0794521e0979d1448429959272c2cfd","sha1":"8ba087e04e60ccd8d7452ae669a287a23c45082c","sha256":"5c90a161c2094dcd2088f4d896652a78ba7728291bdb7899c2b1d872dc5fc67f","sha512":"eef910831eee04f339cc996fa936ea1d3f8c212a4b4d9b1edc9ed32fa49638b059469e57662958ed0aa67e437f3041778480dc725fc2b783b0da8b53fa751d94","ssdeep":"24576:QsLGssiQ+jlgtl77xXpUuSKcFaGuwXxMdh+LS260uMxLnSmd2o5K:QsxQwok3KcFgldhMS2oMJDdA","tlshash":"911523e9d44cc98acdfd4c25957774c6602750262318bbda6ebeb2b9c539320b134ef2","first_seen":"2026-02-23T19:19:00.438963Z","last_seen":"2026-04-06T21:31:45.134647Z","times_seen":7463,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/plugins/FootMenu/assets/foot_menu.css?t=20231032","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/plugins/FootMenu/assets/foot_menu.css?t=20231032 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 836\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 28 May 2025 04:33:25 GMT\r\netag: \"68369215-bca\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: FGIi_rBRyzS9LE2QIZFEy98CiSvinCArqetlmaCzHjF34Upx0jF5BQ==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":3018,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"38409875f4c2ac41817851ed5e5eee82","sha1":"0c26a3b9ed9b83c061dfd5fa77f814b9069736e0","sha256":"a5145cedc0d537b7340f185eb2d065cbf323a971819781fe6a9baf05b91d0697","sha512":"b2d8df27917759576bf1b2a360c66ba8c59f8bd6d0950078d386572987c230d14727a36fed8e2b055c81d7829f69a4295474e69b951a6c8958e0cd6d502d5fb6","ssdeep":"","tlshash":"b5518f2966b30e60b9634968bb994684b37ce2038d4dbd7ffd1913c48f8e494add134d","first_seen":"2025-05-28T05:10:55.041625Z","last_seen":"2026-04-06T21:31:45.091756Z","times_seen":21647,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/swiper-bundle.min.css?v=1","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/swiper-bundle.min.css?v=1 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 5081\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 29 Aug 2024 12:37:03 GMT\r\netag: \"66d06b6f-3e37\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: l0QeE7LVMnkVDIzFbLyb5lvq3MdDKBVlY-vMAnIRvKq8fYkk4WGkIw==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15927,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15672)","md5":"4f58978f1d4b2860f7cd2a14aaccacb7","sha1":"ecab9abbe6e9fd3f1f71760d665a6ca09a889065","sha256":"5e47bcf3c1df613cfc0c373b7ae064c7e9ef7b2d3cedba73baa10532068bd256","sha512":"79eb9b500a1711dd9ffe55be53f443a0be9dccffb04323238ebe4d6725c518b9d812c01f4b82112ab22762d757a27ccce7e059fd731da6093d25432d0aff4216","ssdeep":"192:obvmUJbiKneTT4bHZ+SKbP3p/a/AMQfHff21eesedOJ9A5Pz+c3At2/E:oKUbeTMbHZ+VA/AVfHfd4XYD","tlshash":"de62136813402c2753274f364b71cbb9ddb444924b93896e92c0ee84d7b68bd236f6e9","first_seen":"2023-06-27T01:17:46Z","last_seen":"2026-04-06T21:31:45.129825Z","times_seen":18899,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/images/logo.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/images/logo.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 31308\r\ndate: Mon, 06 Apr 2026 18:38:52 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 29 Aug 2024 12:37:03 GMT\r\netag: \"66d06b6f-7dc8\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: BYkVfqgzblJ-sXVOh6Cq58yd3ZSVTGTQrzFf9MY_qz5qj1mf76jLHw==\r\nage: 94\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":32200,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"7a470606279b5e4dfd967948732903a8","sha1":"b1600388cdad26d8aec3ebaa4aa38fe414a37e08","sha256":"2dc60de251493f96979fb12130ea615a4b8aa40e8679fe7909e7c12caa749a91","sha512":"d6de3014e30d339f342f6b53d32f864fa775aff55a0020c59ee2975b7bfb141bf2a65b5d6ea5d67edaf891e9c9b3c666cde745c27084f953db8f4a1fa27257c2","ssdeep":"768:UT0Y3QZgIJZNLrCwT+4+sxQ+44bsBtte4O5l+sjiffGP++:UT/gJLnCwTN44bsPtej+smHE","tlshash":"7be2d1ee393b3463d40189b5ceef289d8f39759de883646e6749bae55614a0885c003f","first_seen":"2024-09-13T00:49:50Z","last_seen":"2026-04-06T21:31:45.147127Z","times_seen":17421,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/7.10.0/app-download.js","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/app-download.js HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 536\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-308\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 34_NintbE5ZoG0pHI-GB_Lf5p7M7t7vtQ4HfSSS0piw7JHUHkNyWiw==\r\nage: 98\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":776,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"b178f7a7536c73fbac0afb970f249403","sha1":"9920bf020d4b8f58cf66869be87b459f648f8446","sha256":"caaf593068e7236c228e9a3872980e4e6297f90a6d14eddbea4934f0a374ea80","sha512":"eef21fc9c72c0adc9d090a661d9e9ab8057a592fca6891a94833916e19bb5a94459c81eaacaa6313381ccbe0ff42f8991b7f899b5af4e0beac0127e1b93c01d9","ssdeep":"","tlshash":"c501ce25e2bc702c8233e3f9470f62c45235106789000c1208acaefc8db312aa362cab","first_seen":"2026-03-26T09:29:38.905848Z","last_seen":"2026-04-06T21:31:45.031436Z","times_seen":6147,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn//upload_01/xiao/20260331/2026033120144880492.jpeg","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET //upload_01/xiao/20260331/2026033120144880492.jpeg HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 12:14:53 GMT\r\nEtag: \"55bcdf48ecdfd3384e525d6f487bd583\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 13:40:52 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 44\r\nContent-Length: 86672\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15742740958778719895\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86672,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"55bcdf48ecdfd3384e525d6f487bd583","sha1":"e8914a574331d2ae472009dca3e1e30ae5027980","sha256":"93bf7cb08201fe2882f7a9adbeba1f05791a359772bfa47f0707605a0e64c85a","sha512":"ec6694aed4a5ab110dddf9b341381999a99c4db5aedf46f5d73280164a98ffdf4bb2ccbe4c8a210a502228121d5010de5553020f250e90d0966a4c68c9707aa1","ssdeep":"1536:IAuJ2b45f88Ws2YE2MS1Fl0uzS7eyyN6SDIC2bSfwfa+n2D:7uJBf8FzS7pzuehMSDJ09k","tlshash":"08831213907f0190a68b2fc4619e4c16d3c15f88495eba7d21fc14a2de722fafeb4d56","first_seen":"2026-03-31T15:35:28.963455Z","last_seen":"2026-04-06T21:37:59.279115Z","times_seen":5292,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2026-03-18/fcff7a5519c5585b84022fb22eb9b990.gif","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/fcff7a5519c5585b84022fb22eb9b990.gif HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 18 Mar 2026 11:14:20 GMT\r\nEtag: \"b623e1b55f0930c825f1f77ccf2aa695\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 18 Mar 2026 11:14:20 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 40\r\nContent-Length: 312944\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12578939795856400858\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":312944,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b623e1b55f0930c825f1f77ccf2aa695","sha1":"2a3fa46412096622bfbf0c8c804e3569563ab50d","sha256":"257c25438d69e04240ed40ad37b4a28caf7fd4aabf061e969ee9235a79f6ba91","sha512":"9640217cfc3e64b0b3f5d8e1c9dc97949071f55ad898a1d2299fb29fdf3e429aaba6a05d5d8c9f00cd6878ab95e5b84db7bdd41e9bf1ee5f72c3d70e5a76e638","ssdeep":"6144:TN11eIfw2XlBj5XN+lXYm2J0ytC/xxX8lTnOJ2xk3/qtXfD:h11eIPT54YCykpxwTnOJX3/wX7","tlshash":"a5642310949180eb15cad88a5ecf5a30a2afc993d7afb41af0d3974b50ec7e93311b57","first_seen":"2026-03-18T12:48:21.453772Z","last_seen":"2026-04-06T21:25:12.323523Z","times_seen":8069,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":35,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/hc237/uploads/default/other/2025-12-30/d17322eacc370df9d8c74917a4d81688.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/d17322eacc370df9d8c74917a4d81688.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 27 Jan 2026 14:10:23 GMT\r\nEtag: \"8e78105502fd4718f8c170301ef24f37\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 27 Jan 2026 14:10:24 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 15\r\nContent-Length: 152560\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3633320325598830508\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":152560,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"8e78105502fd4718f8c170301ef24f37","sha1":"99359fe1c90ca4f43885b194682566cdca7a2732","sha256":"0f233333867ea57405d816c09f33ae4474a9c274045e730233930f9e334943f4","sha512":"08fff58185fd6d81eafd8f5980ba8bfc2a7dd8da92fba6b707b7c862e055c02851fb9679d34fc988c7b4cb18ea007ad114dbb27deca0b3b182ca2dfede87b9d5","ssdeep":"3072:B0nNq9uJdr2tAenbIW2Q5Xh2qBFXNJ5d6cDlf9xttJ0MtSll:iNqogFIW2A/FXNJ5P9xltSll","tlshash":"0ae323fcfde77e30c6743ac6986500e65b82fb9d62063729ee148fd4087697a39e0548","first_seen":"2025-10-18T12:51:03.886963Z","last_seen":"2026-04-06T21:31:45.11725Z","times_seen":16497,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":30,"dns":0,"connect":0,"send":0,"wait":11,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.glgyza.cn/upload/xiao/20231026/2023102620184160107.png","fqdn":"pic.glgyza.cn","domain":"glgyza.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glgyza.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Fri, 03 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"40:41:E1:4E:69:C1:3B:3A:12:BC:C0:3B:51:8D:18:0D:67:8B:2E:4D","sha256":"C9:CF:9B:E8:1D:D9:04:91:14:08:08:E1:1D:F3:38:D0:59:4C:D3:69:BB:A1:74:88:CF:BC:79:9F:1B:7A:7E:9B"}}},"request":{"raw":"GET /upload/xiao/20231026/2023102620184160107.png HTTP/1.1\r\nHost: pic.glgyza.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htyrz1.zgiwnnh.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 28 Dec 2023 12:12:49 GMT\r\nEtag: \"a6bdcdf9f788925c40b4933ade16e75a\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 17:12:44 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 65375\r\nContent-Length: 736\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13427766580417108349\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":736,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a6bdcdf9f788925c40b4933ade16e75a","sha1":"b9d417252d52c8bfa41462a728c67205febfb9be","sha256":"67f7c7ed605dda502279353b1b43c59fdabd43a10d84c1f9b4b925a0946db40a","sha512":"a9f62b51d36b29c6082e1730f497d0f7f9b9be8f15773600f0776c9dc955b1c18da3887c521ccafba00301bddf7ea3094976e162a8c8adb597d017b6b5744b7e","ssdeep":"","tlshash":"dd0165c210e56805b694a517758086f9ae44195987209c7dda568610ee33d338c54279","first_seen":"2023-11-12T15:49:18Z","last_seen":"2026-04-06T21:31:45.054349Z","times_seen":20650,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/css/7.10.0/common.css?v=20260327","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/common.css?v=20260327 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 4269\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Sat, 04 Apr 2026 06:49:56 GMT\r\netag: \"69d0b494-3bc4\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: U4yRdpV8BQpAB2ol8jb49_VD1rJaRy6Ty0N21-X6rl4m5YgA50B7aA==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":15300,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"8ccb68e292edb16fed43db108ce7e273","sha1":"7d39a911cda3df00c388a80d631742feec011017","sha256":"5e97433c8fcd70ce3061cd8db6df27592546a60e1d796463f23220871b5fde82","sha512":"2e1faabf2e397811dbe8ee83a03c2d715a1bbd6ddaf2f2b526b1e139f44f3c1564cfd14db87e6f976194ce24b2434fe5c44efe27bdac20fee30c0466cd98b7c8","ssdeep":"384:Q6fYJ9F6C6YjvrDdcqYegaDbSAxB8M7dtqo27Jn:Q6fYJ9F6C6YjvrDdcqYegaDbSAxB8M7m","tlshash":"b162035e0563060069daa5655f6d2ac8166dc00bce0ad56d3edf728ccfce2d4f4e278d","first_seen":"2026-04-04T07:27:39.529964Z","last_seen":"2026-04-06T21:37:59.298079Z","times_seen":5129,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:26.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1 HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 45534\r\ndate: Mon, 06 Apr 2026 18:38:49 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 29 Aug 2024 12:36:58 GMT\r\netag: \"66d06b6a-224ba\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: hL6LZTkQaSYn1cbsFwBohXSUkcMDspv20cJ2uE9oDbyE1vXmb_OAaQ==\r\nage: 97\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":140474,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65282)","md5":"f9cadf6d58ee7c472ec17cc71a5cbe09","sha1":"1ff2760a4dbbcb6c9b5b7b5d614041f5ec0f9646","sha256":"ca14261d766828dfc9120faacc847fbafc086fb2948c5e219ac989403ba8ba2b","sha512":"f0fc4bef7db4a44d983ce101de96da366b94a0fd17d5fc8f721713f66f98cce0b602f570aa3134766d5501c86fd4f307bd31d0852b892e99d346a49f69980b4f","ssdeep":"3072:QJVnjuHkOVtuD6poy9v8cnWDkwV4y+6GEcTYEfBxK/Mxz:QJVniHkOVtuD6pl9v8cnWDpV4y+6GTcs","tlshash":"e6d3f8997320b1a552e3268b92a9c611e3b51400b409c4e871bd4c9b6d7e99c13ffffe","first_seen":"2023-03-09T03:55:40Z","last_seen":"2026-04-06T21:31:45.159853Z","times_seen":18962,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htyrz1.zgiwnnh.cc/usr/themes/Mirages//images/logo-2.png","fqdn":"htyrz1.zgiwnnh.cc","domain":"zgiwnnh.cc","tld":"cc"},"ip":{"addr":"108.157.214.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htyrz1.zgiwnnh.cc/","date":"2026-04-06T18:40:27.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zgiwnnh.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 06 Apr 2026 00:00:00 GMT","end":"Tue, 20 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BA:1A:F2:50:62:50:54:FA:8F:44:B4:C6:60:98:10:45:E5:96:94:9E","sha256":"87:9E:88:AC:40:8C:DD:BC:C0:5E:A7:63:64:3B:5C:DF:CF:FB:F3:42:BB:96:3B:DB:B2:9C:B5:F3:BC:38:61:13"}}},"request":{"raw":"GET /usr/themes/Mirages//images/logo-2.png HTTP/1.1\r\nHost: htyrz1.zgiwnnh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://htyrz1.zgiwnnh.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3929\r\ndate: Mon, 06 Apr 2026 18:38:53 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:29 GMT\r\netag: \"687f820d-f55\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 3ladlV26T30xYpIwxm5D7lerqI9TLOFHWUbAD_FNUT1pnF2vclKy6g==\r\nage: 93\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3925,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 264 x 78, 8-bit colormap, non-interlaced","md5":"1bb369107c5b5cef8e13d2b8a3ac6b41","sha1":"6dc85fd0c3b5706dfedd89307330c1aa928d1c08","sha256":"38f665614823a4fa0265c43f274a286219775d73b0964f1d42dcb4d669c84963","sha512":"21f2d3637669c713839a80ec2d6a48f4c265b4d4ca77da6709e9f842fd32e64a1d8860646d13677e30ce3b28acc40bd1dc9c4289dae10cf6f89680a77792443a","ssdeep":"","tlshash":"86816d609ef35ccb1cdbf81e2b21f250b07a7da927f646a3c230c1126c1971438579e9","first_seen":"2025-07-12T04:18:50.913032Z","last_seen":"2026-04-06T21:31:45.048395Z","times_seen":20863,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}