{"report_id":"2e00bbab-6222-4871-a345-85e661503951","version":6,"status":"done","tags":[],"date":"2025-06-11T18:33:11Z","url":{"schema":"http","addr":"k.f713.cc/","fqdn":"k.f713.cc","domain":"f713.cc","tld":"cc"},"ip":{"addr":"23.224.177.250","port":0,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"x12j45jqkuf2gwut.com:58010/dh/index.html","fqdn":"x12j45jqkuf2gwut.com","domain":"x12j45jqkuf2gwut.com","tld":"com"},"title":"請截圖保存到相冊-新網址"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-20T18:33:11Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"cbu01.alicdn.com","ip":{"addr":"163.181.253.193","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"domain_registered":"2008-06-25","domain_rank":44205,"first_seen":"2015-04-17T10:25:48Z","last_seen":"2025-06-07T12:09:36.380364Z","alert_count":0,"request_count":1,"received_data":174577,"sent_data":484,"comment":"","tags":null,"fingerprints":null},{"fqdn":"users.shenqizhilv.com","ip":{"addr":"36.158.237.74","port":59168,"asn":56047,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"domain_registered":"2016-11-05","domain_rank":0,"first_seen":"2023-05-31T19:17:44Z","last_seen":"2025-06-06T09:27:43.391868Z","alert_count":0,"request_count":1,"received_data":3080,"sent_data":455,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hm.baidu.com","ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":8254,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2025-06-04T20:40:21.4787Z","alert_count":0,"request_count":2,"received_data":30877,"sent_data":1139,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.blkj58.com","ip":{"addr":"141.164.35.160","port":443,"asn":20473,"as":"AS-VULTR","country":"South Korea","country_code":"KR"},"domain_registered":"2021-02-19","domain_rank":0,"first_seen":"2024-12-10T16:22:58.787373Z","last_seen":"2025-06-07T10:44:20.322672Z","alert_count":0,"request_count":1,"received_data":174552,"sent_data":478,"comment":"","tags":null,"fingerprints":null},{"fqdn":"k.f713.cc","ip":{"addr":"23.224.177.250","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2024-12-22","domain_rank":0,"first_seen":"2025-06-11T18:33:11.730465Z","last_seen":"2025-06-11T18:33:11.730466Z","alert_count":3,"request_count":3,"received_data":973,"sent_data":1207,"comment":"","tags":null,"fingerprints":null},{"fqdn":"x12j45jqkuf2gwut.com","ip":{"addr":"172.247.94.210","port":58010,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2025-01-13","domain_rank":0,"first_seen":"2025-06-11T18:31:56.508887Z","last_seen":"2025-06-11T18:31:56.508887Z","alert_count":0,"request_count":4,"received_data":14123,"sent_data":1950,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.mresou.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-04-12","domain_rank":0,"first_seen":"2022-06-04T02:54:19Z","last_seen":"2025-06-08T20:21:24.637153Z","alert_count":0,"request_count":1,"received_data":136816,"sent_data":451,"comment":"","tags":null,"fingerprints":null},{"fqdn":"files.shenqizhilv.com","ip":{"addr":"23.224.135.66","port":36666,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2016-11-05","domain_rank":0,"first_seen":"2023-05-31T19:17:43Z","last_seen":"2025-06-06T09:27:42.880303Z","alert_count":0,"request_count":1,"received_data":575,"sent_data":435,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.asujp.com","ip":{"addr":"172.247.94.98","port":58081,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2018-10-15","domain_rank":0,"first_seen":"2023-10-06T14:27:30Z","last_seen":"2025-06-06T09:27:42.823067Z","alert_count":0,"request_count":1,"received_data":562,"sent_data":540,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-11","alert":"Sinkholed","trigger":"f713.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-11","alert":"Sinkholed","trigger":"f713.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-11","alert":"Sinkholed","trigger":"f713.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"users.shenqizhilv.com:59168/dh/dh.js?v=0.747721806231363","fqdn":"users.shenqizhilv.com","domain":"shenqizhilv.com","tld":"com"},"ip":{"addr":"36.158.237.74","port":59168,"asn":56047,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b7efee24b9cb07cb61323b13516b6bd0","sha1":"07c14e1d52c75f931b248a75ac435f4223640fce","sha256":"979e392520173a64e70e49692117c001f1929c3f27280a9e4439b6c74eb00469","sha512":"a31020bcbba1e5df1b38fda293a2a0e2d4d942f5ee7ea342d3d6d3ab565d3b115147998e3d3a05f28d192da3c8b0bf4576e9588240c76b3462aac9f2c418b5a9","ssdeep":"","tlshash":"7d514293e442253f47da7aba7203538d7871804bbe41e192b97c74c0efa0add50b95ce","size":2791,"data":"","first_seen":"2025-06-11T18:33:15.490262Z","last_seen":"2025-06-11T18:33:15.490262Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.asujp.com:58081/api.html","fqdn":"www.asujp.com","domain":"asujp.com","tld":"com"},"ip":{"addr":"172.247.94.98","port":58081,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-04T17:36:00.850303Z","times_seen":120556,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?38ce17e5ef2191b2c5929506808e2c73","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"5cdaa4ffa0ee29fe9bcaf3206890c712","sha1":"5ce017a165b81f37a6d1fabe7792437f37c2e319","sha256":"b107db5f3b27c2ed1c5dab329f3dfa926310fd27f1b71c63a5bcb121767a52db","sha512":"e5796a646e7f8ee4d405db648900484e750ca7fef5cd27d8a0ce51da87733a5bd69aca0fc35d4a578545b471f8392941ec04b6be49b71b4952a3ea7b17fb5adf","ssdeep":"384:cNJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:cN4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"25d2d9a9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29895,"data":"","first_seen":"2025-06-11T18:33:15.495032Z","last_seen":"2025-06-11T18:33:15.495032Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.asujp.com:58081/api.html","fqdn":"www.asujp.com","domain":"asujp.com","tld":"com"},"ip":{"addr":"172.247.94.98","port":58081,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"5e113b0c1b85cc463b685d021ee06839","sha1":"79367fca1329d81a7d3debe99e812cfbe50ad596","sha256":"bd49f2bb698eeeebcdc09d9e8389079d4f6641951008d460610c23c540afe6e3","sha512":"d2b36472971cd8a83e881b232ca476fc452eb54c51ed746243b4b16603b99b340a77c13056b48d0099c370526ab9491561a8bf7bfb1686e2d52b56602b0837ac","ssdeep":"","tlshash":"a3e07dfe32c1c48c1ea22cd165579408a1d25f39394088d49d145056285ad3b698489e","size":322,"data":"","first_seen":"2025-06-11T18:33:15.501967Z","last_seen":"2025-06-11T18:33:15.501967Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"k.f713.cc/go.js?v=0.408694867884004","fqdn":"k.f713.cc","domain":"f713.cc","tld":"cc"},"ip":{"addr":"23.224.177.250","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5198f716728ccf3fa5d89161174c4fff","sha1":"d26ee30a8187e795380905fcecfdcf882fcb663e","sha256":"d2f1bdcbba63664673594a315c8c9012aedda03a15c43688097138c7508d5049","sha512":"521efa2a23772e366f17e457eb041a5557a612eb42a0924c588f436b4d247edc0f248d7ab472bddecf890ab2c18e0ce7b8973314da944081638328f7fdbb2f52","ssdeep":"","tlshash":"fba002af0614d981ae9629499a939d5752b337ee2d8e4085d715c28cd0c03ac66fe1ec","size":66,"data":"","first_seen":"2025-06-11T18:33:15.471372Z","last_seen":"2025-06-11T18:33:15.471372Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x12j45jqkuf2gwut.com:58010/dh/index.html","fqdn":"x12j45jqkuf2gwut.com","domain":"x12j45jqkuf2gwut.com","tld":"com"},"ip":{"addr":"172.247.94.210","port":58010,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"25cebed59f8376ba833647a10a5d1125","sha1":"d96ef8132ade84ed781ead36f87d02ef1b4d20ce","sha256":"479ceec5b7084592c244cb41ddc161e54755fcf6b5bf8597cd9b33dc2ca8f8bc","sha512":"b362bbbacba8e582a72669295a1f0fc9e910d82455607f2e88fe5dc4217f10849a00675d2c7fec4c71e9ce13eb970fcdec340976fa169303b0bfd6d6287f775f","ssdeep":"","tlshash":"04f0e508b591d604eb48177b6d4af1034a9fa413105b98895c66ee142d78b3ba086e66","size":448,"data":"","first_seen":"2025-05-12T04:16:38.195942Z","last_seen":"2025-08-11T06:32:45.978981Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x12j45jqkuf2gwut.com:58010/dh/index.html","fqdn":"x12j45jqkuf2gwut.com","domain":"x12j45jqkuf2gwut.com","tld":"com"},"ip":{"addr":"172.247.94.210","port":58010,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0cbcb6b1846d23a0f958502d2fce4e0c","sha1":"f02d3b010b00c2161927bf265ddd5a69b3b83352","sha256":"82653aff90410d256a2f3aa523b46ca22bcefd712aba78267068e86a61b24d3a","sha512":"7bc575a8468be5c738c0c0991e0288d8490a97f27b93e8e5d2a60d001460d043ff6a093677bafea91c07a7897091dfdf25b7fd4e69a4a801ef0955e1c8a082c4","ssdeep":"","tlshash":"0080000e0202a228a3000e220830e2e02abf8023e8022200088baf0800b8a8a8a0080e","size":29,"data":"","first_seen":"2025-05-12T04:16:38.197309Z","last_seen":"2025-08-11T06:32:45.979998Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.asujp.com:58081/api.html","fqdn":"www.asujp.com","domain":"asujp.com","tld":"com"},"ip":{"addr":"172.247.94.98","port":58081,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fed6cb69d417791b9f836929057c1f37","sha1":"9ab0a7580f8520088b83facab1a1d80167191bae","sha256":"92a3ccb600db9bcc29533c3976e3112b2285bd5bb5f52c8a626d98743f00dde5","sha512":"c2702733eeffcb82f274b1c2c7b1a2dd817b2d99e82e3244d8cc928e6895ff3036b56dcd4cdaa3bb2616a4d12aed47130437f6c123132413bef36c2e31cd1efd","ssdeep":"","tlshash":"c9d0971f2c68283873b5087c61bbf98cb46264ac107de000c0dde8404960ee19c2e7c8","size":254,"data":"","first_seen":"2025-05-12T04:16:38.176064Z","last_seen":"2026-05-31T19:12:42.15416Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.asujp.com:58081/api.html","fqdn":"www.asujp.com","domain":"asujp.com","tld":"com"},"ip":{"addr":"172.247.94.98","port":58081,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-04T17:36:00.850303Z","times_seen":120556,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"k.f713.cc/","fqdn":"k.f713.cc","domain":"f713.cc","tld":"cc"},"ip":{"addr":"23.224.177.250","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e4725da8352954697c5041ef516d3b88","sha1":"82d57bae58a0cb48f84b7ce6f31f17ba57a4422c","sha256":"36704e7308900dbb36d9e4ddf29f6c4eb9b38f694d1b4c1be222dc3a32d3b0f5","sha512":"c533cf76e4c5cb0d5aea94fc948fa0a0fb64defc00a0614b35f59f19909536ee98aaf4043fab23833eb432af664571dd2547def3beef987e8328ea8147fd8e27","ssdeep":"","tlshash":"6db0120a3f5bc11c100000d1fdb1c52070baea33cb33fc44a1898a54808ef546c8fc70","size":108,"data":"","first_seen":"2025-05-12T04:16:38.192339Z","last_seen":"2026-05-30T09:14:27.145559Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x12j45jqkuf2gwut.com:58010/dh/index.html","fqdn":"x12j45jqkuf2gwut.com","domain":"x12j45jqkuf2gwut.com","tld":"com"},"ip":{"addr":"172.247.94.210","port":58010,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ae32c44c2e020db1cc7edbb65bae0ade","sha1":"2893ebf41f3c23a05da7de44f6545c16824278ff","sha256":"5047e331c5699817207830cf5c1f6bf422cead2bb658a6f113441fbbe894deb7","sha512":"d87cdbe535b491e407643ed7f71fb9bac14eb6cc187cbcac7bf0454b96c195ab016309ec19284760d8d85b8f7878c83c31718ab23fce1cfb02882a1d19597bdf","ssdeep":"","tlshash":"8ec08c177a0ad20d218040d0fca2e8687476eb238e21ec84546e5684680d9a8984e8b0","size":160,"data":"","first_seen":"2025-05-12T04:16:38.198529Z","last_seen":"2026-05-30T09:14:27.146235Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"files.shenqizhilv.com:36666/js/tj.js","fqdn":"files.shenqizhilv.com","domain":"shenqizhilv.com","tld":"com"},"ip":{"addr":"23.224.135.66","port":36666,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb58678f34e96b713547007d11b913df","sha1":"405d1d727595776164ce74ac60911566e18d7fee","sha256":"1b97f997ba0aaf74b21a52aba026e8e702471a29069910c61e0a9831388c9ce5","sha512":"116f89d968c5d03be72e898e2e2ad9befd6bdbd0c2f0ff8510ccd4df4ddcc8fc02d455aaa2de76b43667a82915bd9956f94a28c09b4d33b61b05ccaa44cafbe2","ssdeep":"","tlshash":"b7e02bff0025870a0702154272708b493665e036732694b0f9fc5812f3f0e95a462fde","size":292,"data":"","first_seen":"2023-10-19T13:47:14Z","last_seen":"2026-05-31T19:12:42.143991Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"5e15d5c465ec23f31aaad3f1f5f071a0","sha1":"7a96c4b28e493b35498aef4780d881610378d4a1","sha256":"f9719e267a1dbfbeea9f25a8f87f10b4297ab2aed2e1a104e5f2197df5c91e1e","sha512":"1efbf3fdfc9bc0af849277296b659ac10305da3a46be2dcc9c24b97cbd8741606b50a760a41cb39bb1017889421e094137a7ff81d7464db05075eebd01173aa9","ssdeep":"","tlshash":"c710000000000000000000c00000000000300000000000000300000000300000000000","size":2,"data":"","first_seen":"2025-06-11T18:33:15.510153Z","last_seen":"2025-06-11T18:33:15.510153Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"be68fac240a587927959d36ab8ef7e83","sha1":"4b74a5d99b6254fa5b0615a240d8af9eb5db2489","sha256":"0e915f732fe374207f032d01f42b6a1cc827ee1bd944b9da3942625ca93b2d89","sha512":"97c1082c88d88eb46f025305f218e17836cfb856a91ba6db21817a57a142892d88fb431456dff81e36410e8afe7325b0eaecee4a4941e99a3b27543e32f21ad9","ssdeep":"","tlshash":"abb09b175d09e149258454c4dcd5bc5d741a76045944c48599eb5454381a7e4c905095","size":125,"data":"","first_seen":"2025-06-11T18:33:15.512976Z","last_seen":"2025-06-11T18:33:15.512976Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c807843e7bbe8a00aef8979ee88012b9","sha1":"14a165d1cdd1dd457bc86dfae41cbf538b8f362a","sha256":"c7db7738b63b08663d88de45ef97677acad8e45c5e0d84cf19066403447d49d1","sha512":"28dea8ca2f7e2a51ecb160b3bed1d25e62d048b010ba03ae592303e75d38a90206a842aedcf03f689cfe0d1c017bd883af229aeef48d5052eeee5a9510f50643","ssdeep":"","tlshash":"84a002072e6bc148589149d4dfb1e479b094a8119360ecd8e6cdd8e8928dbeccc1759c","size":73,"data":"","first_seen":"2025-06-11T18:33:15.516105Z","last_seen":"2025-06-11T18:33:15.516105Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"http","addr":"k.f713.cc/go.js?v=0.408694867884004","fqdn":"k.f713.cc","domain":"f713.cc","tld":"cc"},"ip":{"addr":"23.224.177.250","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://k.f713.cc/","date":"2025-06-11T18:32:53.543Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /go.js?v=0.408694867884004 HTTP/1.1\r\nHost: k.f713.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://k.f713.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 11 Jun 2025 18:32:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 66\r\nLast-Modified: Wed, 11 Jun 2025 02:51:26 GMT\r\nConnection: keep-alive\r\nETag: \"6848ef2e-42\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":66,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"5198f716728ccf3fa5d89161174c4fff","sha1":"d26ee30a8187e795380905fcecfdcf882fcb663e","sha256":"d2f1bdcbba63664673594a315c8c9012aedda03a15c43688097138c7508d5049","sha512":"521efa2a23772e366f17e457eb041a5557a612eb42a0924c588f436b4d247edc0f248d7ab472bddecf890ab2c18e0ce7b8973314da944081638328f7fdbb2f52","ssdeep":"","tlshash":"fba002af0614d981ae9629499a939d5752b337ee2d8e4085d715c28cd0c03ac66fe1ec","first_seen":"2025-06-11T18:33:15.471372Z","last_seen":"2025-06-11T18:33:15.471372Z","times_seen":1,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-11","alert":"Sinkholed","trigger":"f713.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"x12j45jqkuf2gwut.com:58010/dh/link.png","fqdn":"x12j45jqkuf2gwut.com","domain":"x12j45jqkuf2gwut.com","tld":"com"},"ip":{"addr":"172.247.94.210","port":58010,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://x12j45jqkuf2gwut.com:58010/dh/index.html","date":"2025-06-11T18:32:54.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"asia8.youporn.la","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Mon, 13 Jan 2025 17:04:08 GMT","end":"Thu, 12 Feb 2026 17:04:07 GMT"},"fingerprint":{"sha1":"6A:21:9D:78:AB:B7:D7:EA:A4:62:D5:FE:A2:3A:F8:FE:23:E2:50:5D","sha256":"07:73:9D:C2:C7:3E:81:BF:AD:6D:B5:CF:54:B0:77:7C:99:55:47:0C:57:C5:6F:D8:2D:A7:DB:21:49:59:3D:4D"}}},"request":{"raw":"GET /dh/link.png HTTP/1.1\r\nHost: x12j45jqkuf2gwut.com:58010\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x12j45jqkuf2gwut.com:58010/dh/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":12148,"data":"\n\u0018GUGrl5YkSwpBsxsF3eY665Ye\u0012¹\u000b03AFcWeA6sLusfDBkM_B8a5xEjs_ITcsIepuFCoowOHS7HDH4thAeL8umVffDLLeX5Fxe5vAol1bYBdE3vxCY8nJsB0bydHxKRqlyCK-F_zz-vxRgo27rQDITclNZtKdSy6s5N_lntIm_ehK_iN4aCKIXlJVfQm-F1hp7oyubuktVFCfEH1FlgEmCYaSznKbFHc6KLAAHuh3LMz0PWKwHhUpMR6ibyhDEtyVx7kvL3XXe1lbsfJhEhTNBlq5mgCOvwuv0QJ4wLd3aUUm6ARheMxKYFHkdlL0McM2WQUX3niUP2JEpIjF-Li_ZC04JE4nXp8N5h1IYX86AOOn4EwIDwTCLgKSZJmQgscbsgnKsSxH5JD_C8x0FZ_i_l9vC9itOKGDExouD5CX_SBEJybFXrGH6nIpsdpQKsU8moKQsTXQ6e_7E07yNxuP74FyLcgLfWx1RbSIbdFq-3p_Sf1cwqX_tUUsffsOJHge169VGPuz0BMKxa9cx_0g3dN-UHN2DpSFjW9ORwXQThWQNUOAKqsqDFps8Tia03nOBalzOSBxpY34bvkIwU7_c-xP7tBlnwjO5cM0qSI0DMKfQEogvYWEYRgjslok-bR1fXqIgAYRfTPdHS7662so7ABV8VDCx2bE5Tex2CRkMMCD4ae-7xpWfzAHYqdPZ5z8uF9747OWMcSdcKGW6M4GdxBvjO02NNxYN4Eh7V_WJVJujYOsRvAjvYxxA9x9uKXZEJi8_mgzffNCwuSY9X7eGZSJx58SKECzwAuqLWLtPnQ9JPFEUkxeCobnCsIxAjP5553LFQBzo1NApmW-47C36aEXf3TFILuIizeQv2zQosxgnDPehHrWnDNDbqZWEuoE-11qjxFHAsHAanrgs46MoOXQbmUmpjDpLgdktGMn8XdfemGnGuYr1pXHEpqNGld117LZcTf67XOVXOWQYKWLMEiYkFQpDSaqN85MYvrDjz5EfcNXNtu9tkWtaiKDcCr50VlMKC2dTLdOzDiSwc0H3haqwUSoc-6BoXVpKDLJn3f9xvPUfhS1mAsNepBzg5m5r7KPROs9isdcUuqdf1JuqMHK44dDwuFds02G0Wt_zl2lOXesv5ZSwx_YhsJ38eZl3T5M7AFb-FlZX57TNEjTYRHGPs1EhrahcJr05Qd2IWcot_Gh-fk-gHG4EeMwRj6zu4mec7EVmGeEPpn2UDt4g0TZj4si0KY08XArMnhNfCdnmIgKTsBjSUK9sd7eWW0th_JzodjWcHRJ6xnSKuQk2fiyfD7jxDAHY3k3-ZwpKyrqlxgYkZfTWvUpsXqWHa8UN1adCUByXDkvs_8LtGXZJOuLRx9gVQG3dPA6-zXJC8vbvQOoouahHGlUTUTMh4Iy-u-AyES6rsbUgwPa21PZ9XlKyIV3jS-U9quwtrbYKEXZd6zAK_qK8wjYzdU3M1Ltcw6gZQER-vZFXZZmJ-ak\"ø\u0016!-_2g_fgKAAQeBosZbQEHewCAu4ey6khwMkOqlMmeb9rFB17cqeq4T_6PpFQ-r96IHrNuKsiyswLQshDoP95fb7QFJBSOanzPB39Ev4c7w-JGTM1RRLJfORWuMOsv_YwvZkfYxOgu7XREuk-4LbDiO4lh-5GFBjrWT2mbNyJRBevxVLnv5zRnkRJF4h783wIYHmmcCARfpJZ7-fSOKa0KjWHI3G_c4HO8NaBpxsd90er0mFEtKeMlcDNdIjw7mWZl2JkHnMZbADoSEewykTfzPJ7zE6h4l1mO2ZCpYfqC15LGv5v8TMQ448r57LJVEbs509NmZ5dLSx6kPAXHP2AB2BIpUbhgtyz8qcoBZSrILrrrlU4C1t8x3mPUTde1he8OPJyOEnzK4LGoxISjKMBORGZH-r4g2VrWkkFNRSq2fEDsREUz5ly3FNIMKgMPsgUNbwGyq6vF5EaHdCrFhEFq-bwr7czL1Zta4HocHeFA7cZFMlKqoFWz1vod2KrcXPRy7KvuzlxuI9o_VsuKt9TvZKe8nVVReY4Wvr8S8n3Ru0rdA0YG9S9nYYU2rHT6g_x9afFOBGwuss1iTHzqKgJxntjLthNn1WrSS0EqMpiDApHRiq-jdvqdaiRJPNZ5g5tNYcCmQxaeXmWF5mJl5eRJmWA4brfqVRRgiTGwpV_dCzV3HPPHgHZimuQNtSEtZz9gGxSJp9qlyUvJrH8FEyMFx5vLtyC0GoPwK__cYZryx3vQ8VWONIA4HFonuJOIsjxiuCfJ3B1qkUOIgageBreMMSTr2vbNFaghiPOXm7D7rBzxNU0QUO0rRsT1_SX20F0BgqkQw1XFUkcUTKP5sFAfkztZshvIYyE99N0iWlCHd7ng6Mlc_thgo8ij9lcwvD7MmOsgQzgjZFKG6fAImDPupHUjJDjKcpuNHaZzUR6bTMebI4DkWxaAVxxJjAHVqm3nK7Ix34pMJ8mnrrdyg4fDlaoQ_qi3mxfv6bCJUNR_t5haLZ0VkThBEDga5p9HX7tehZfuz056rW987bxc6GYCuzzSrJXjJhyCTU3OjVJEAOCLRynIg_anVZYdOcBV_0ExxZ_ThWLUxozBjsVJk6cVkuwS26E6c8s2B4utqF0iKxtSOhfX99Rm2dFUthHFVJ_YzkwaeF9jfifSbTM9R7es52V6IFheFQy6EFxFue7YiJ7LYCKAQdRcRq4yv5gHQGYAjDx3QVlSHVd9B9rCAaNA-NL5cO4fxS8t9OFgVizBjfIKwOyzG412_3kVdCInAMuQemPmJ9q4TvkPiqYL0DBbkpGj-OTrszBSpCnO_BxD31mQsWX-s22elntmDTvbKZ1iNTvK6W2yPIPj9wsbcbRXBbYy9hdx-i2Nuq_dBJ1nK9DSTN-S-9wb133ktmHB4fDL6lDmt6aSU18wp3FEG2UH0bAy5rpr1BvkqPv1S8pk9fxhWGSGFjjXM-fq_i4J5mFpycyV-FHZEvQLr7iiLi8PlwvdCKn-VNRdzCEepIBx3VZIX3cxJRBs6w1EJsinqVmLNHKfBmtrfpFdj1dIGaEmen1yHpGMCHi03WhH4WRCnRR0fbFZCvX-aKNRiW3Ab7l-MtwX3bJIMpE0EI6iXLak1b1zYIDKP4qrK9lQpQ77ohophj3r1AQdpT76Bc4c0RwPPRxhRqhHv2bqhXid7qivY5lM9Mu9ep_ZRZVXr7rJYGwKk6N92lhgo7Ss7j-8b6K_d2OHAU0WDfPBkbIa1qnxNio-b_QkHJsOaHM7rZCr3Jo6BS6_GaM9lNbQ6tNG42BFHaaSvss_I38jH2HIr9u3SN6504dDMUDwrKjiK2TgHoJIeLHtUVeOOY_JZoHbNal6QGQ9Ld0NtJpA7rTLi9s5fEF27FL7fQjSb2vWbTbdPWd7e6TShmDaeD9KwDFuUefaDCcnPpi3ShWfCfpZasRiTmHKFXmn9GGnNNHiXKiatpAjZWagbxPhKr2MsD95x4ejYg3wq9rFC2L6iCS7pr4LA0M4qWeDF6-hfMQlfqFXK1XlI3AET_lEC0rValXC9Ro9tMl2_XIpnzBelFKinWkXRdNXNYNQSRk5pFxuqi8mtvNtS4wo7g2qU0dNGirwbR3SpSKMmc4b3rNsDlRyiMtSUyvuU1xso_TcaXEvmdNw82h9hjwko3RCCVyW5x7A0dBLtpvI6mdWhmLSfLo2LgAivCDLAWJjUNDhkjVfXdlweFuZb3IwoF96Bk1ABQnsnIUPyQApvktUDKY1dpfWuwPncyP5zl7mDdrM1AP7WAB66QIFVgTVGJZaB2UgP1y4I_uaPDgv8jWgr5SfAuZRyn_9Qqkfl-WlurmEQJwfA120xtRSNu6noVIAMVCGnhq6R3olA3hcWItf2JCHToURTjgzxIZofiL2X4tK_Rr2zmsDb6NOcLCnWOBN6slRNFVNoGhI6vcP4IWQbNu-VAlLNsWYvC4KwTl6a4r9KrI8-2X1FFoIl1ARR07E47DGOn7eHQUiectbNRyQDFKv05Ixo1PKWS-PZAvFI-6U0cxv-uN1SZNZ2uJX0XiKFcUvJJ-v_cdlUTWlEyH5GpEcWxum_ZTIO465mfviVGFtZ0n7s1jHEnlqdTJ3gGe_6GT7ppuZ6GJXnbYKQivXmPAoZJAJnRitFD6LWrQNi33zqs9897SXkpdsAF7-kVSoNUP0WAjU8twA22-9wipiUUsTMqTDBNMThpcVK_zy1jsI87scQW5d0x6SxZ3jsxduW0UEyUP470enkVimOrf98GqQ-FwMr2h_k1wRUM3xk2FGJoljrWLJNRS2ebC-Vq1XuCjFjxYo3ElZjFV91HfDlK8Zs1zwXt2mYtnzaaTUOew5zOlv4XwgAQQyITTkFV5hFB2QN83xRClIFEYza1WLgS0h3-s93lFOUM4WZzOxvFu7W2yyb2ECZSgJcn-viLwso3c*\n-3572789642\u0001qB\bhomepager(6Lf1b6IlAAAAAMaU4P8TVbLwwwIpJiAbm7QfqhFb‚\u0001¨\u001c0P5MKddA0WP5pxChM8l24HEDmUawQNI4BbMtigvBZuF7JJIisUr0YfKBGsQxwlDqlAGSILpn0WHwijehMcBaB3EBkCnXQNFj-acQoTPJduBxA0_6x9FW2Q3sGT8T7otBXrh9oyU5342C3SqDVWuFApONrlQSPz13HDWzAAqHUP5z2hfRJlyyW2SmyAGbsQrYJRsYOs-EqmD6pBGiMMp34XIAmkexQdBqF4ERoDnnUOFwCbcgsUPZhvCBE6lWwFDjL9poAQ6gZeQpNwgBjukqg4EWlRq8bf7gXigxEk_yL4V6i626wHbXzVewunxhvivhjxC6Q7Fq9I63gc55CmhWE1yOP8SKQ-2PEJYTyVbhFeAs22jSECWu0PXbIQMczoeZBduRPuBR62EaqCZnMX4ouifsaiPFaux986k2uPXADLtInoABCyAp1AFWtAmHdSrDpNqQPeNQ6mAZpyFmMH0ruR7sBPqwVftxDoA5w12GUJ1L2LtPiULkjiOhEshR6BTjL9prSOKYKmwkqoQ1lylWd9VnK_mzXO6UDYM4wkiFU5xK2C4DtQ5kYXM4JcgxutjmG7j7R9JfWX8PWRK8Ud-A4pgdp-Sy_6o7xWJk1dfsKeOFKrA1s2juhLWDzHsIRccASgOlTtxh04kKrNWj7JsobfNUaiPFauyJ86km1PXADLtJGeb4slf9fxCCO7VPhFKfSdtJDYtA7pABmxDKR9oW4S3Yaabg5athHpRF10Tah_WHALpX2gbRHchaK0C29AWC4QH7yTd0RltFtoDNCsBt940mkEnHaZZg-qQRojB9K7h2LCpStFn8iX8gaogRxujRSwCmT-Fi0Ioftdag7ZgpmsfZkzziU-ljGJJEZTN8KrulmvlRi0DqcBmzRMJn0WbwcjfFT3RCjznLnKV7MN5sFY8AujPiBtFrFIISoO2YKZcU8qhZEuglOvC2R8li6GH3jRaQVd9tlmCtW-nSwFHnhQK0waMhOmB97qEFz6FnbI4j-OqUods9Sff-J5yN9_U2-FYsObr4zYAAsxCWY8Riy5U3cU7PWQJ0boOdhjSt-40OLCn32LZ3ggc4qlQQ4zxyp2UylA5znRqT1OqgRe9g8ogZtzziX9GXHKLXoe6ZKpAV420eJ_SqYBGnNLpH0XMQciulM3RCjznLaP17MNZ0FaMAukvSBtEdyFmjzAnDbRKINZNI1mSVY_mnEKEzfCq4IaLwTefl01v1lEDSXGJTcNJ0PYuFde914zS2mzTHPNnzXKKoFdQFhqgZy4y6qHG-0HKcFWK0RcvhErvSIxxmvB0bGFHn3gOUoiPpxyAht9UisMH_TKrgYaeBQrs014DCXA0HFA53_OJQDgcIuvfGExwVp_lSYGo7jN6IgbMdglvNHzUaL9mqdHYoSa5kYir1YqBGPtDm_FXa8TrD4VZg4fv1GwAJ13jWZG4zfSJgBg7I6rNR2qTaU3EzM8nXFX7_zjcVIiQk6simFEi2sCZTwJKsriLk7juRz4AivB3DfNXb_X6IOi7kkqQhe3UiI7m_ETYEFV94JXtNry_BZ12CC-YniS6j6f-Ank-11ohhtBB2IA2LmKIrkdagqc_hQmDV950nFD3nxMaP3ZfQjdxtYwxigAEy3QGTzXsAgeNYpvxZ9yEttHk2yGaAQYJYNeu8dsyxsw0O8JXjFT6YGRb4waehK1SWdAludKo6zR68Hfp1OiQpYp0BivWutE3fwG33_WuwTmO1gnRyLAF_ICqDvU6gCf-g2qe9z4EieA3rb_n_kTdMXg94knQ1prUVx1VLSH7DQV876b9kkvwiR3Ft88mfBEI3lgKImnPFmpjKf_zyVL1DNJXgYaNVMpAVw30B910HQCY7pMn3kgcJEoxxjwxeB6E3JMp7JWs3sbcoajxN-3_5s1T-kBGDRM73wg65SoQ1tzkeZBGTYGV7MN6D8YsAujPaBtEdyFmnURLvwTb0VngJ03fxc3UKbJlDXFZMFXs8hlfNp0jeGxXPXOXzPKZcSTdkvrCZe3it-Gji0JHwJTK81jtQtuPhtvVOO7FHYQIsJTa8pjdZumQF27kx_-WHaDHXXa9YWZ_JHpQWMA1eb2kixGnrkPKoIbv0ww-6S-Cq2DG21S4cJkeI_kuxr2jN8zDG6LobnQqwsiqYUguFMrw553T-l_G3PMr3wg65SneyTohB54kamBHLQNcX4i7ZawfN9u1CgDo_hRqcHTtZHrRJpszx4-1zCFne2XY_3gKv-bNU_pARgziyQIVTnErYBhdVbmQB8rT6R5XfeRpsESbEGZtUxovVg5yaT21GxPobhQsUujdlkpB5Z6DSh5DakD3HcPJgFbdFZjB9K7iWdCn2xPJYmXaQJkNkxxz1yxDmJI2v0Y7H7g-M5nPJyxUtayDGb-mW8KZHzfbBDbhJFuQ2k7W-O_GXPMpDwXcUlseRNshV62GuWOoUTbJn_hghguweM0WGpDYKeDHXdQ6EAbdUzwfSHsje9Kmb7TZMch8UOuB1WsxVmuiiS-2HDJ4fxVbMQgeNG0QSXwma1JZnWLa4Jm-4wmStx5EO79WDAC33uTbkUcOUovSli5TaNKknRJpgWPuQxgLookfpYvByJ8FHdEKPOcss6cBRRqkKm4WLHKXYAQZT1X7BTue5b6iOECzCnLH3DFoTtVbsceOVMqzls_yqvHYvuabn3mANUqBxM4zi0H3XbFXnCMJkBZssklfmBtEdyFoDrSqoOUs8degV0xxGZCFbRK3r3PJUKYNxFjO9gvyVWxC2W_V24JYvreaw_ag5T2VJx40WK-GPKLZDsWb8creCG8Uyw1GfLQq0IbJD_WMAgev9h2VB-FIfJFK36T8ESp-NOkhGJt1ecDk_BFrYRfOcMgQhGrBml32GSM3zSZML6fMQ5nfZP2y2R4CubDJPER44rdetLlvJl8DaGD0vaMnrMYas9gtxovypQ90yvAoWrI3HsXts7Zd0soBNn21aWK2mePXAWgdxAZAp10DRY62LNKIywIXjgQJpGhxBb4kpsCx698JYBXMDkivVQtNh-6USozF_WQZwAJI3yULgYciRm0C2p7WLJIaPrboYlWP5pxChM8l24HEDTSrUQdJgDYMgoghOL02WEGZX6TbYghMRPo-lTuQlttlWIG5L9WLzgSqgRfdQu2jtx40HYIaT7LY0ejM8exROJ6R9iATTHPqkEaIz1VL0cdit190yWJoLoC6XUSqFGZe4auex_9mG8IESuDHTULsQGeQ5L0v-C2kaI-ULhFKceieRIbNY0nPxW-izG_F_dI7zjj8wrrAJGuzmE9T22MoD8OsEEk7xigCFdwleBymmcL6YRbND0XbwlhN5mtR-09n7JRG_UVanykcRXzjmU-ByF5E2sBnj5SLsQbBM3wAOX0Rq57H_2YbwgRK0Mddg4kkCy8XeZAYDDJM0MhN1TxvFgyRl9xmWYK6INaMzwW7ghheQ-9Cd-8GLND6Hxa7s4cQQ9pheGuRuZ_EjJNn35WroJrtBonRJ8-T-hFI3eWKDScdUIrhl02PyPuj-tHJPAPpgjUNpOjiR13hpw7XKtCVLAKY33W78kh-pQsAx930LNAKYRbND0mgVgxOh7pkq-FESaCHHZP538ac4zvSE¢\u0001ú\u0001tbMywzMDgsOTQ3XSxbMSw5MTEsMTcwNV0sWzIsNjIsMjc2OF1dLG51bGwsW251bGwsbnVsbCxudWxsLFsyNyw0LjkyNTkyNTkyNTkyNTkyNiwwLjMzMTY3MDgyMjk0MjY0MzQsNTVdLFswLG51bGwsMF0sMCwwXSxbInd3dy5zb2xhcnNwcmluZy5kZSIsInd3dy5nb29nbGUuY29tIiwid3d3LmdzdGF0aWMuY29tIl0sWzE0LDQxNF1d²\u0001¤\u001dBDRAYAIACEQCAUIIKUkBCLAMAYlYAAyIAB1AggAAAEGALSKAARxCYwgJFBAICkABQAhAIAKABKIAIAEgqAACbARACBZAAAAJCKCCoQGAcIYEHmIAABIhABYASYAFhAkAUgIlcAqpUgAFIAAeQCC0QAAMUKFBAhQAYJiVAAkAQBIIEBAYIUAIAASAABgGEgAKCESoEAFAFAgQgJCApcBjQggVEEAMAAhJIEEAEUBCQAQCEAiEAAZAACoUERAAFAgAECBkEaAoAIAAUgQAiWkARQAAASAABAUAqAAAAhIQZIARBAAANUkQBGBQAGMCwiQhCJUQEgwBAgQEDFoEAAQJQAAJPIQUCAIoBkKOAARBygbEwEMAIGRIIAQABIjsLERgFgQBCAAgEmEjQUqACGABbQEAYBAAJQAmABIEAACigIACAgADNIoRmiDAAFQSEEBDEEgDI6gAygYgwBDBAYgAGCAFIDAEAkAgAJFQGYBQihIEk4gAAREUQJgBUkQLVSUCMAhQQABAAFAIIAtBAFCBNUBI4EIQrCEhEECAIICqBIEBABQBYBBCAgQlIEIBQBoAUCSRgQAABQgAgUAEMkBBQESihKBEQIAmoBhEAzJAISAC4EB1iCCQQShwCIAEAKBAkgARAASB8EiBFERAQQlACAQGQIABEQRChEAgYBYCHkAFFIoAMCEBAhAC1EEADgGgCggAimRQIAQAAAGQoAAPIChiKABEACAABgCgJoAEAPQBAAJoAWYQADQgioAAxACpEAAIEhNCLKBMKQghKAgIE0HSAAIQgAYCLQgCYFShZwEEQLBESCAACEGDIiICEQQgIBGIIopQAgQQsWQEACESPgQEIAUAApEgIOJAAAAoEDABJACFACQhAUBRCghoAIFGMApKMcAIBBA5gcBmEBhAMACDT4IIGGjAhAD1AIxEAhCYAgIBCXAi4iBUBNKIBAQIKEAAAMQaaoIcSE7JAAaAUAAECAAgkBECQFoAIBYCMQJZABgIJLAAFFAiEABICiAAAQgkgACFlgRCGQIAAgY4QAAGACIpAAFhKAgAkgGZAAMQQkBIEhAKgQiAAiARMQQEUQggBZoAI4AFAmgAAgYACAAGEIJwADKMKmEAjIGQggAwRIoAAgAkCWCC2MBBQQxwp4ECgAQAEC0Fy3AQJAQCSQSwEiAcRFgIEDtBQEQQBaJuoFQBgHBFSiEoGRyJJGgAAgAAICBAEggcAwLwIBCoIGSBAxQADQRAMgiAEEAkIAALBBCwEJBaADAACKBShAEQkSQAQSYQkAAAMCEDSGQWiIgoBDYAiJARIkE4QASAiAEEsIiAEKmwCAMACCASCARgkAkBAEDgAQKIUiC4oAEMWCggUEAAEIQBsAIDKgEAGUIAHCwQI1kNRWUEiyDAAALIMIA8SYABA5KAeogSBoAAiAhMkUCqt2ISQgEACCSCAIEgQAKCAAACG4CAAClAAQzAQZBFACgsFglIBQDEFEQhDEkABAEQAICEokCAjSCQIgQGAAAyCSoQiQBwAgAMtYIRYBABxFghgYQJAIoIAcgCAjAEQhAIoAQDADBFASgQGIiAANIATAOwSAZAAACHCCAECJRcKZAooBiABBIATQImhBIGirACgCIgAgAAWUCiwCMBAIMkACIwECGQEESQA5whBVEggaEAQfohgAKUFgAETApAwiwAAIEEAI7BQQAgAgAqgBANAA0QACCOhAIZHKwAAAYIFAaAGqhFEhAAAgEhAECAWDABASUAQYgJEBYIEpAAABAAxCA1EICYKAzQUAAAQEgBIgIEAjBQJ8BAuQCwiKDoARgIAAAULioCEEACAJAFwAQ0BA0QENACAAAMAgAI0BIAgAFxACCJACRGBdkCEIB4EBSAAACAoIUABIgAIgjEpaQBBDGAAAIiCDAABFMDAEAACkAFAYwpICEEiAAGADAiABgRIwAEAC4ACGAABApKIADikBBAgLRAgAAARiTCYEMAAgKDEwQABAhgoAAMAJAAEEQEQghBIAAJrAhCTIGAQkGvAAAUgmHCkBBgAgUAwKQgMACAAQIoAhpAAgCAgAIBQABIKQYFgQCoABAhAgBAJSBTgJkKAYgE4KsCABV1sgljAAYA4ThUSAAAhIAAQGgQiAFdAIIiAAyjBSEQAAWIBFTQQgCmDIIAIAOZIAEglAAQQgIGAABIg0AARqkAQgIAAECAQAgESzIEyN0ICQAIsLggJAAReEqA6iWhhIDYTC1BFBAkAAICQAEAIAABCBIGAAStAJJmgCBQIOURmEAAmgEBZEEQTJgUIHAqgIBAggQJIERAIgCAV5BCMARSqAARCASApMACQgAqACgAABKGASBQCAQYCABE1CBAAMAEUIGkMACgQAAAKCAgNRgBEIAoBAQUAANMEMAAACJABAAhMOBACgIACAoQJAAQIAABQBDBA0IAAAAwBAEIsAiIUgEQIAgQJhAEQBRQJEIKJAISAAAAwnA0mwAAAEIAQgAAAADmAGCJIEAQVEADCAGESgQlCBAAQwQiAAgIgAaQl4REDAFAEwggSJBmCAAAQBgBkgiBEEQCACBFIBIfAIPQEABEIEAAgDYFoIUtgGAWxYBAEAQAKQEiAJIQABMbEEBADIEMRAAYwFogJWhA8jgIABBAZhUgQABGAAxIAGAjEkABAwLABII0AMRRAgIIBTEEEEEPhCAQIAMChwAGBEAJAABCAAACkJyABACoIYAA4AEBIAkQIgAAIAgUSKTYoBAgLIDAcDKAQBigHmQIpFEAaoSAFLlAgwhQOYEAQBsABECAAA0IQAGOIEFBAAQXEChiAQAGBCTIREOCBlACCAFCRJxICDQlFAIhHDiAIAYgEAOINAEApKAEAiMNChASgMAABAABooCqBoAGAAIUEIAAmwDggCCAADI0AAIgCEWAQAQlBAJAAAAEFITwAFDAABEOEABmJAADCQKBkIgKlCCCSIOFyCAIC6YlARBABEBRAAgBAAECoITbAvAeTACCIYApAgoAgGCAkUqEIEEAkARyhG0IAAAABwAFACAJIUwDAAqCCAAZgGAKBCCFxHMWiIOAnAAgACGBYEEEhAUAiCACAWiAAsKiCiABEACYLACiGBMCQwJAEnBoIEiDqEAQEUgABHKDAAQgAABA4AgChEBIBQBBAIoJAQEACJQCABEaCAgKA4kQECtRggCASECYBMDEAgIIE/8CQCiFAjABEQIgABATAACJEAJAQhgYxgARBgABQnDBCEEAUxAJBRAMAJDwhsiRCAAgAgn4BIApLA5IjxwYgQA2ACFJSyhIIQUYQTWSEDEIQAgIEADAARRAAJoGBZmoAAAwEAEMA8BABABECDdgIiAWkAnACRpACBBJHJkAjmQAYAAARAAYAIJJQbCWoSYhgAogIIgSFFFCBUIiiMECgLSgCQQEIECAgIgOSCBkAAAmKIFgQABkJJOAYQAgBAAAAAMcJUypmBKBAs4BEENATWiKAgiCCAIFgSIGBwIwAmGKAF0gCwRRIAggIRAAAg2RGOEYE4oESACJAAKDIAAAABAIQQhCA0CAFJgxBTCCCEEEEgAgEBAAAhQA0QzAgEkAggIBkT0CACgEhwKg0FYARBwQiE0AoDDICUEwWAogEVfKgpAQUExBAkOAYwQIAEQQYiBKRAAoIEElLAwgGgyUg5AYgVRSAqoKCiADQABCCAAkhEABAGDAcGJAABEBBlFBDWkFBQgjYkLAhAFUADIKAJmZCAIgBYCYÊ\u0001\u0003W10"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 08 Jun 2025 22:30:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 4713\r\nLast-Modified: Sun, 27 Aug 2023 17:08:09 GMT\r\nETag: \"64eb82f9-1269\"\r\nExpires: Sun, 08 Jun 2025 22:31:08 GMT\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nCache-Control: max-age=698\r\nX-Cache: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 55, 8-bit colormap, non-interlaced","md5":"d140262c1430c13ac293736aed99d4ed","sha1":"b64c6980a2cdf2de15b037a849a2157fa5c2fa72","sha256":"7f3ef832d89b914b86626a28bda611ad59ec0ca56d5d9147788c2ebaab70f199","sha512":"c9acc955ae33fc04a4cca5bb872d5df4fc41a9fb532103489f29f155826909807800b64a8389762cecc1cdfe864f76cdb00e100f51d094412a9c70692d78dbf1","ssdeep":"96:1QU4WuvSte3otKWPLjsroBNuikOY1WRRAAzAxwoRIxCzyA:1F4J2MopTIroBNuwJRApqDA","tlshash":"48a16e64e762144c9252e00ba4f717730e190c48fe929e51dabec19e3a315f3a44efc9","first_seen":"2023-10-19T13:47:14Z","last_seen":"2026-05-30T09:14:27.135629Z","times_seen":88,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.mresou.com/img/23112003.gif","fqdn":"img.mresou.com","domain":"mresou.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://x12j45jqkuf2gwut.com:58010/dh/index.html","date":"2025-06-11T18:32:57.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mresou.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 19 Apr 2025 10:45:26 GMT","end":"Fri, 18 Jul 2025 11:43:49 GMT"},"fingerprint":{"sha1":"CF:8E:36:58:46:F0:03:EB:DC:A2:D2:E0:1D:C1:48:46:B5:32:89:5A","sha256":"34:1F:33:03:45:E2:62:6A:25:72:3F:86:D4:BC:2F:33:86:76:FB:9E:E1:C6:71:42:7B:A0:90:D7:78:D4:74:20"}}},"request":{"raw":"GET /img/23112003.gif HTTP/1.1\r\nHost: img.mresou.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x12j45jqkuf2gwut.com:58010/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 11 Jun 2025 18:32:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 136346\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Nov 2023 14:02:31 GMT\r\nvary: accept-encoding\r\netag: \"655b66f7-2149a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nage: 433292\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 94e331b09fff56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":136346,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 640 x 200","md5":"726d2998b3400f9ac3e6da5ce5d0423c","sha1":"3cf09d2bc2b100be0806a7f4d0b17516d0b35bd0","sha256":"9e6a4649882b910cdadab83c2d4d2f6770325c63fa542e8e042d39c5549b9afd","sha512":"6e61fd672797b8b2bd12f87c3d16b0764e8bad5e6af2e5fb160bc2df2dfe36ada5be907d563d472b1ff45913f2c4e6d6aba186b51e8f06891671a75e8a0eb1bf","ssdeep":"3072:iMSMJbsyzLvScjRZqKtwLqlmhG5UBYI+Z10Li4cxC5jOy7gaoAd5:LSe/qoLqIqGlF4OcUaoy5","tlshash":"61d31259e9c347aa706565e1c7f3b4d20c7369423c78a1b974b1aa6f8635038e83933f","first_seen":"2024-08-20T11:51:23.192754Z","last_seen":"2026-04-27T20:16:44.971112Z","times_seen":20,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":61,"dns":1,"connect":1,"send":0,"wait":38,"receive":27,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cbu01.alicdn.com/img/ibank/O1CN01qhjD6y1Bs337BAaN2_!!0-1-cib.gif","fqdn":"cbu01.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"163.181.253.193","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"https://x12j45jqkuf2gwut.com:58010/dh/index.html","date":"2025-06-11T18:32:58.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 06 Mar 2025 10:12:19 GMT","end":"Mon, 21 Jul 2025 09:06:01 GMT"},"fingerprint":{"sha1":"DA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5","sha256":"90:CE:EB:B4:94:30:E1:A8:3F:B5:2F:79:8D:96:46:0D:88:A3:DF:8A:B8:AE:83:53:91:0B:0E:97:FC:3E:04:B5"}}},"request":{"raw":"GET /img/ibank/O1CN01qhjD6y1Bs337BAaN2_!!0-1-cib.gif HTTP/1.1\r\nHost: cbu01.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://x12j45jqkuf2gwut.com:58010/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":444,"data":"page=time\u0026id=5619071389\u0026r=7148591\u0026is_logs=1\u0026navigationStart=0\u0026unloadEventStart=0\u0026unloadEventEnd=0\u0026redirectStart=0\u0026redirectEnd=0\u0026fetchStart=40\u0026domainLookupStart=43\u0026domainLookupEnd=91\u0026connectStart=91\u0026connectEnd=874\u0026secureConnectionStart=263\u0026requestStart=874\u0026responseStart=1184\u0026responseEnd=1356\u0026domLoading=1419\u0026domInteractive=2862\u0026domContentLoadedEventStart=2865\u0026domContentLoadedEventEnd=2981\u0026domComplete=3676\u0026loadEventStart=3676\u0026loadEventEnd=3676"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 173807\r\ndate: Fri, 18 Apr 2025 14:35:36 GMT\r\nlast-modified: Thu, 17 Apr 2025 10:42:12 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.008\r\ntraceid: a3b5fdb117449869364678616e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2\r\ncache-control: max-age=31536000\r\nvia: cache28.l2fr1[217,217,200-0,M], cache4.l2fr1[218,0], ens-cache25.fr6[0,0,200-0,H], ens-cache6.fr6[1,0]\r\naccess-control-allow-origin: *\r\nage: 4679842\r\nali-swift-global-savetime: 1744986936\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 18 Apr 2025 14:35:36 GMT\r\nx-swift-cachetime: 31536000\r\ntiming-allow-origin: *\r\neagleid: a3b5fd9a17496667787025004e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":173807,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 640 x 150","md5":"2402ee44cb711133d92bdb1ebef733a0","sha1":"385f2fd79a996edbcc9c327d0425f616d7be75c2","sha256":"4338a5737b31ad8039de005e41272bc546d3153b8fee936def8711e691114842","sha512":"96803ab5f6687e836e9bb56098587404a4143d01fae90241a64ecfbbd2fbfd0bfe01d972b26159b8d88945221cc28358a26f037a2ae6ad246982177f08edabc0","ssdeep":"3072:tlcJZ0ddZ0ddZ0ddZ0FgBGNNGeRSwmGeRSwmGeRSwmGeRSB:jryyqgQNNGekGekGekGem","tlshash":"ed040293ad87f24fef838f37f848322435e005b4f698dc5cfa28de6617997590652612","first_seen":"2025-05-12T04:16:38.1739Z","last_seen":"2026-05-30T09:14:27.131735Z","times_seen":52,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":175,"dns":66,"connect":33,"send":0,"wait":34,"receive":79,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"k.f713.cc/","fqdn":"k.f713.cc","domain":"f713.cc","tld":"cc"},"ip":{"addr":"23.224.177.250","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-11T18:32:52.854Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: k.f713.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":122,"data":"pid=7577\u0026referrer=\u0026current_url=https%3A%2F%2Fwww.solarspring.de%2Fen%2F\u0026query_string=\u0026is_category=\u0026is_archive=\u0026is_preview="}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 11 Jun 2025 18:32:53 GMT\r\nContent-Type: text/html\r\nContent-Length: 434\r\nLast-Modified: Sun, 27 Nov 2022 14:21:20 GMT\r\nConnection: keep-alive\r\nETag: \"63837260-1b2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":434,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"99b599ea7513742be54a78dc16386ed3","sha1":"40db5659479a7607fdfeb3052d3bc4cad5ed47a8","sha256":"1bbbf09993ea58977f4ebfd2ecbefe8ceda8fe24c0bb0ae13b88fd75ca0fc5e0","sha512":"62a09b8e83cbf7b828f163fbbae44cb79e31a24a10e7da61d1be99a107322904433535a184993b52d70c1bd6ad1bba64743fbeb75b41a923e278f8866933cbb9","ssdeep":"","tlshash":"9de055536c13cc1c506042f1eca2e094d4aaad30a313ac40d1c4b85f1ccaf84dd9baa5","first_seen":"2023-06-02T23:30:32Z","last_seen":"2026-05-30T09:14:27.144817Z","times_seen":60,"resource_available":true,"data":null}},"time_used":952,"timings":{"blocked":393,"dns":1,"connect":405,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-11","alert":"Sinkholed","trigger":"f713.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"x12j45jqkuf2gwut.com:58010/dh/index.html","fqdn":"x12j45jqkuf2gwut.com","domain":"x12j45jqkuf2gwut.com","tld":"com"},"ip":{"addr":"172.247.94.210","port":58010,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-11T18:32:53.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"asia8.youporn.la","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Mon, 13 Jan 2025 17:04:08 GMT","end":"Thu, 12 Feb 2026 17:04:07 GMT"},"fingerprint":{"sha1":"6A:21:9D:78:AB:B7:D7:EA:A4:62:D5:FE:A2:3A:F8:FE:23:E2:50:5D","sha256":"07:73:9D:C2:C7:3E:81:BF:AD:6D:B5:CF:54:B0:77:7C:99:55:47:0C:57:C5:6F:D8:2D:A7:DB:21:49:59:3D:4D"}}},"request":{"raw":"GET /dh/index.html HTTP/1.1\r\nHost: x12j45jqkuf2gwut.com:58010\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://k.f713.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 11 Jun 2025 03:00:55 GMT\r\nContent-Type: text/html\r\nLast-Modified: Wed, 11 Jun 2025 02:51:40 GMT\r\nETag: \"6848ef3c-b17\"\r\nExpires: Wed, 11 Jun 2025 03:01:55 GMT\r\nContent-Length: 1362\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nConnection: keep-alive\r\nCache-Control: max-age=697\r\nX-Cache: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2839,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"e71a35ad2ace7d7dbd524d48941835e8","sha1":"0c0de83b6e8f61022914bf6a487cf4a985f5c8fa","sha256":"6ea6d4bfd084822db03c38994b72e83e9fccb48683a7449cc1969403736a0e2c","sha512":"68e43b4332ffb0788b0dcda67119a3a4f0f6ff42b5ea6ff9707970070fd2731e54b0f6435345ff548a12004da71008762fc42b6cbb9317b1d78becc492fc5792","ssdeep":"","tlshash":"9f519626e953c513f38143f7fdb1f32a400bc903c3869d546ad638dd99c87aa990a57d","first_seen":"2025-06-11T18:33:15.484038Z","last_seen":"2025-06-11T18:33:15.484038Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1095,"timings":{"blocked":470,"dns":1,"connect":153,"send":0,"wait":153,"receive":0,"ssl":315},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x12j45jqkuf2gwut.com:58010/dh/bk.png","fqdn":"x12j45jqkuf2gwut.com","domain":"x12j45jqkuf2gwut.com","tld":"com"},"ip":{"addr":"172.247.94.250","port":58010,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://x12j45jqkuf2gwut.com:58010/dh/index.html","date":"2025-06-11T18:32:54.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"asia8.youporn.la","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Mon, 13 Jan 2025 17:04:08 GMT","end":"Thu, 12 Feb 2026 17:04:07 GMT"},"fingerprint":{"sha1":"6A:21:9D:78:AB:B7:D7:EA:A4:62:D5:FE:A2:3A:F8:FE:23:E2:50:5D","sha256":"07:73:9D:C2:C7:3E:81:BF:AD:6D:B5:CF:54:B0:77:7C:99:55:47:0C:57:C5:6F:D8:2D:A7:DB:21:49:59:3D:4D"}}},"request":{"raw":"GET /dh/bk.png HTTP/1.1\r\nHost: x12j45jqkuf2gwut.com:58010\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x12j45jqkuf2gwut.com:58010/dh/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 08 Jun 2025 22:30:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 999\r\nLast-Modified: Sun, 27 Aug 2023 17:08:08 GMT\r\nETag: \"64eb82f8-3e7\"\r\nExpires: Sun, 08 Jun 2025 22:31:08 GMT\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nCache-Control: max-age=2510\r\nX-Cache: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":999,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 10 x 10, 8-bit/color RGB, non-interlaced","md5":"ce95f50706fead30fc5c02e6b4f0a6d1","sha1":"a4c43a6a64b5633943ba5824c3c80dba4f2b0c13","sha256":"056829fe951fc1db4ad7c5e9d61f5d729a82b7419a9fd1f3cd5314e9bfd82649","sha512":"d86c61c4b6a79ec8e5a8d570cef37b28b7f038ee87bcb59361a39c7f60d714487da8fabf266e766f2faa14a1ed83fcbe8d638db977f68d2ce81cb8c32d62b416","ssdeep":"","tlshash":"1b11214ee5425801d6dcda4224f7c0579e638880eed1fcbab9cfc42b1a642f6846d9cf","first_seen":"2023-10-19T13:47:14Z","last_seen":"2026-05-31T19:12:42.131698Z","times_seen":84,"resource_available":false,"data":null}},"time_used":1111,"timings":{"blocked":473,"dns":3,"connect":156,"send":0,"wait":156,"receive":2,"ssl":318},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"files.shenqizhilv.com:36666/js/tj.js","fqdn":"files.shenqizhilv.com","domain":"shenqizhilv.com","tld":"com"},"ip":{"addr":"23.224.135.66","port":36666,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://x12j45jqkuf2gwut.com:58010/dh/index.html","date":"2025-06-11T18:32:54.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.shenqizhilv.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Mar 2025 00:00:00 GMT","end":"Wed, 25 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F2:E2:56:4B:D2:6B:D6:6C:CD:46:66:2C:EA:1A:38:01:CA:7E:76:FD","sha256":"CE:6D:0D:D4:91:40:A9:08:29:E4:53:21:04:55:33:FF:59:87:22:27:CC:B7:C2:56:CE:52:C5:4F:7B:EA:E2:A5"}}},"request":{"raw":"GET /js/tj.js HTTP/1.1\r\nHost: files.shenqizhilv.com:36666\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x12j45jqkuf2gwut.com:58010/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Jun 2025 18:32:54 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 292\r\nlast-modified: Mon, 08 Jan 2024 12:02:27 GMT\r\netag: \"659be453-124\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":292,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"bb58678f34e96b713547007d11b913df","sha1":"405d1d727595776164ce74ac60911566e18d7fee","sha256":"1b97f997ba0aaf74b21a52aba026e8e702471a29069910c61e0a9831388c9ce5","sha512":"116f89d968c5d03be72e898e2e2ad9befd6bdbd0c2f0ff8510ccd4df4ddcc8fc02d455aaa2de76b43667a82915bd9956f94a28c09b4d33b61b05ccaa44cafbe2","ssdeep":"","tlshash":"b7e02bff0025870a0702154272708b493665e036732694b0f9fc5812f3f0e95a462fde","first_seen":"2023-10-19T13:47:14Z","last_seen":"2026-05-31T19:12:42.143991Z","times_seen":68,"resource_available":true,"data":null}},"time_used":1464,"timings":{"blocked":652,"dns":299,"connect":155,"send":0,"wait":153,"receive":1,"ssl":200},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"users.shenqizhilv.com:59168/dh/dh.js?v=0.747721806231363","fqdn":"users.shenqizhilv.com","domain":"shenqizhilv.com","tld":"com"},"ip":{"addr":"36.158.237.74","port":59168,"asn":56047,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"https://x12j45jqkuf2gwut.com:58010/dh/index.html","date":"2025-06-11T18:32:54.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.shenqizhilv.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Mar 2025 00:00:00 GMT","end":"Wed, 25 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F2:E2:56:4B:D2:6B:D6:6C:CD:46:66:2C:EA:1A:38:01:CA:7E:76:FD","sha256":"CE:6D:0D:D4:91:40:A9:08:29:E4:53:21:04:55:33:FF:59:87:22:27:CC:B7:C2:56:CE:52:C5:4F:7B:EA:E2:A5"}}},"request":{"raw":"GET /dh/dh.js?v=0.747721806231363 HTTP/1.1\r\nHost: users.shenqizhilv.com:59168\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x12j45jqkuf2gwut.com:58010/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Jun 2025 18:32:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 07 Jun 2025 02:00:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68439d48-ae7\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2791,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (455), with CRLF line terminators","md5":"b7efee24b9cb07cb61323b13516b6bd0","sha1":"07c14e1d52c75f931b248a75ac435f4223640fce","sha256":"979e392520173a64e70e49692117c001f1929c3f27280a9e4439b6c74eb00469","sha512":"a31020bcbba1e5df1b38fda293a2a0e2d4d942f5ee7ea342d3d6d3ab565d3b115147998e3d3a05f28d192da3c8b0bf4576e9588240c76b3462aac9f2c418b5a9","ssdeep":"","tlshash":"7d514293e442253f47da7aba7203538d7871804bbe41e192b97c74c0efa0add50b95ce","first_seen":"2025-06-11T18:33:15.490262Z","last_seen":"2025-06-11T18:33:15.490262Z","times_seen":1,"resource_available":true,"data":null}},"time_used":4073,"timings":{"blocked":1188,"dns":299,"connect":570,"send":0,"wait":1689,"receive":0,"ssl":322},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.asujp.com:58081/api.html","fqdn":"www.asujp.com","domain":"asujp.com","tld":"com"},"ip":{"addr":"172.247.94.98","port":58081,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://x12j45jqkuf2gwut.com:58010/dh/index.html","date":"2025-06-11T18:32:55.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.asujp.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Thu, 04 Jul 2024 07:55:44 GMT","end":"Sun, 03 Aug 2025 07:55:43 GMT"},"fingerprint":{"sha1":"E4:42:9A:ED:11:D2:DE:59:C3:81:59:A1:1E:80:91:DC:8B:61:E6:E5","sha256":"B5:1E:C3:E5:28:5E:11:56:BF:9F:CD:5D:3F:A3:36:AD:15:53:B2:6F:55:2D:DD:09:38:12:7A:A6:58:EB:72:F0"}}},"request":{"raw":"GET /api.html HTTP/1.1\r\nHost: www.asujp.com:58081\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x12j45jqkuf2gwut.com:58010/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Jun 2025 18:32:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 292\r\nlast-modified: Wed, 05 Jul 2023 21:32:54 GMT\r\netag: \"64a5e186-124\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":292,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"d04463cd63e6e531dc0110167b7fcfb7","sha1":"dca049136730245401364f3d0713546224684977","sha256":"be8b6170fb0f1d6f13bb47bcfd0dd5d8a280c4b2598a36153dd9339016e29761","sha512":"07853f3a5c6097d693fe9cec212bee039bc5d79cb8eb5e305f2a9a735c61bc7e659994bdcc51f1453e36b778240d63c5258bca465d1190796943d555d86c7c69","ssdeep":"","tlshash":"24e02b5f2c58583873b405b4517bf88cf9a1a0ac4239d105a1dde8111460ee16c2abc4","first_seen":"2023-10-19T13:47:14Z","last_seen":"2026-05-31T19:12:42.105607Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1917,"timings":{"blocked":878,"dns":461,"connect":163,"send":0,"wait":161,"receive":0,"ssl":247},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?38ce17e5ef2191b2c5929506808e2c73","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"https://www.asujp.com:58081/api.html","date":"2025-06-11T18:32:56.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 08 Jul 2024 01:41:02 GMT","end":"Sat, 09 Aug 2025 01:41:01 GMT"},"fingerprint":{"sha1":"EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0","sha256":"90:73:DE:D9:D9:93:A9:34:C2:9C:5E:C3:C6:AF:A7:28:6D:2F:0F:88:48:35:2F:94:D0:20:35:86:5D:85:68:E2"}}},"request":{"raw":"GET /hm.js?38ce17e5ef2191b2c5929506808e2c73 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.asujp.com:58081/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":467,"data":"[[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,\"fr\",null,null,null,null,[4,0]]],1112,[[\"1749666744897\",null,null,null,null,null,null,\"[\\\"teC3Ol4rUD2tNY71qvzm7Y_NfmRNJYE51DEI7xD7rzM\\\",12,0,null,\\\"479804274173-r45r8k754cctj1nrqsnsmhirmeip5kg7.apps.googleusercontent.com\\\",\\\"https://www.rentila.com\\\",[],null,null,null,null,null,null,85,null,null,null,[1,1,1,270,2,1,1]]\",null,null,12,null,null,null,0,null,null,null,null,null,1]],\"1749666754899\"]"}},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11289\r\nContent-Type: application/javascript\r\nDate: Wed, 11 Jun 2025 18:32:57 GMT\r\nEtag: 3504545c9e592fa966accd213d092f07\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=E40A68141EB237AE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29895,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (619)","md5":"5cdaa4ffa0ee29fe9bcaf3206890c712","sha1":"5ce017a165b81f37a6d1fabe7792437f37c2e319","sha256":"b107db5f3b27c2ed1c5dab329f3dfa926310fd27f1b71c63a5bcb121767a52db","sha512":"e5796a646e7f8ee4d405db648900484e750ca7fef5cd27d8a0ce51da87733a5bd69aca0fc35d4a578545b471f8392941ec04b6be49b71b4952a3ea7b17fb5adf","ssdeep":"384:cNJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:cN4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"25d2d9a9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-06-11T18:33:15.495032Z","last_seen":"2025-06-11T18:33:15.495032Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1932,"timings":{"blocked":804,"dns":0,"connect":259,"send":0,"wait":323,"receive":3,"ssl":538},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=E40A68141EB237AE\u0026cc=0\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=35\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1025054700\u0026si=38ce17e5ef2191b2c5929506808e2c73\u0026su=https%3A%2F%2Fx12j45jqkuf2gwut.com%3A58010%2F\u0026v=1.3.2\u0026lv=1\u0026sn=13348\u0026r=0\u0026ww=0\u0026u=https%3A%2F%2Fwww.asujp.com%3A58081%2Fapi.html","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"https://www.asujp.com:58081/api.html","date":"2025-06-11T18:32:58.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 08 Jul 2024 01:41:02 GMT","end":"Sat, 09 Aug 2025 01:41:01 GMT"},"fingerprint":{"sha1":"EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0","sha256":"90:73:DE:D9:D9:93:A9:34:C2:9C:5E:C3:C6:AF:A7:28:6D:2F:0F:88:48:35:2F:94:D0:20:35:86:5D:85:68:E2"}}},"request":{"raw":"GET /hm.gif?hca=E40A68141EB237AE\u0026cc=0\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=35\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1025054700\u0026si=38ce17e5ef2191b2c5929506808e2c73\u0026su=https%3A%2F%2Fx12j45jqkuf2gwut.com%3A58010%2F\u0026v=1.3.2\u0026lv=1\u0026sn=13348\u0026r=0\u0026ww=0\u0026u=https%3A%2F%2Fwww.asujp.com%3A58081%2Fapi.html HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.asujp.com:58081/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":313,"data":"{\"meta\":\"{\\\"language\\\":\\\"en\\\",\\\"location\\\":\\\"https://jandboutdoors1.jimdoweb.com/hours/\\\",\\\"timeSpentOnPageInMS\\\":1,\\\"scrollDepth\\\":0,\\\"referrer\\\":\\\"\\\",\\\"maxScrollDepth\\\":0,\\\"query\\\":{},\\\"auto\\\":true}\",\"topic\":\"creator.website.page.interactive\",\"seq\":1,\"sid\":\"1749666767066-58ek5\",\"websiteId\":\"sed01abf17a63638c\"}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 11 Jun 2025 18:32:58 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=9B959A4C5A03C793; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-04T17:36:00.84563Z","times_seen":365319,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":332,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"k.f713.cc/","fqdn":"k.f713.cc","domain":"f713.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-11T18:32:49.381Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: k.f713.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":1448,"data":"{\"channel\":\"web\",\"context\":{\"app\":{\"name\":\"RudderLabs JavaScript SDK\",\"namespace\":\"com.rudderlabs.javascript\",\"version\":\"1.33.0\"},\"traits\":{},\"library\":{\"name\":\"RudderLabs JavaScript SDK\",\"version\":\"1.33.0\"},\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"locale\":\"en-US\",\"os\":{\"name\":\"\",\"version\":\"\"},\"screen\":{\"density\":1,\"width\":1280,\"height\":1024,\"innerWidth\":1280,\"innerHeight\":1024},\"sessionId\":1749666743165,\"campaign\":{},\"page\":{\"path\":\"/signin\",\"referrer\":\"$direct\",\"referring_domain\":\"\",\"search\":\"?redirect=%252F\",\"title\":\"n8n.io - Workflow Automation\",\"url\":\"https://confiaonline.org/signin?redirect=%252F\",\"tab_url\":\"https://confiaonline.org/signin?redirect=%252F\",\"initial_referrer\":\"$direct\",\"initial_referring_domain\":\"\"},\"ip\":\"0.0.0.0\"},\"type\":\"page\",\"messageId\":\"51489591-08c5-46a8-aa8d-3fc3cc98ad20\",\"originalTimestamp\":\"2025-06-11T18:32:23.182Z\",\"anonymousId\":\"6dbc827d-747f-40a6-8ebe-8d7bb05182f5\",\"userId\":\"\",\"properties\":{\"theme\":\"light\",\"name\":\"SigninView\",\"category\":\"auth\",\"path\":\"/signin\",\"referrer\":\"$direct\",\"referring_domain\":\"\",\"search\":\"?redirect=%252F\",\"title\":\"n8n.io - Workflow Automation\",\"url\":\"https://confiaonline.org/signin?redirect=%252F\",\"tab_url\":\"https://confiaonline.org/signin?redirect=%252F\",\"initial_referrer\":\"$direct\",\"initial_referring_domain\":\"\"},\"integrations\":{\"All\":true},\"name\":\"SigninView\",\"category\":\"auth\",\"sentAt\":\"2025-06-11T18:32:23.188Z\"}"}},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-04T17:49:05.69935Z","times_seen":16118648,"resource_available":true,"data":null}},"time_used":3259,"timings":{"blocked":3259,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-11","alert":"Sinkholed","trigger":"f713.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"x12j45jqkuf2gwut.com:58010/favicon.ico","fqdn":"x12j45jqkuf2gwut.com","domain":"x12j45jqkuf2gwut.com","tld":"com"},"ip":{"addr":"172.247.94.210","port":58010,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://x12j45jqkuf2gwut.com:58010/dh/index.html","date":"2025-06-11T18:32:55.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"asia8.youporn.la","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Mon, 13 Jan 2025 17:04:08 GMT","end":"Thu, 12 Feb 2026 17:04:07 GMT"},"fingerprint":{"sha1":"6A:21:9D:78:AB:B7:D7:EA:A4:62:D5:FE:A2:3A:F8:FE:23:E2:50:5D","sha256":"07:73:9D:C2:C7:3E:81:BF:AD:6D:B5:CF:54:B0:77:7C:99:55:47:0C:57:C5:6F:D8:2D:A7:DB:21:49:59:3D:4D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: x12j45jqkuf2gwut.com:58010\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x12j45jqkuf2gwut.com:58010/dh/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 08 Jun 2025 22:30:10 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 4286\r\nLast-Modified: Sun, 05 Mar 2023 17:30:37 GMT\r\nETag: \"6404d1bd-10be\"\r\nExpires: Sun, 08 Jun 2025 22:31:10 GMT\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nCache-Control: max-age=274\r\nX-Cache: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"dfce00c59ba2ba11b46e573410197ada","sha1":"6ea119e7580de2e45fe3f975b3942349d8a23658","sha256":"5f86d83d972a5bed8d627e1a2e84827c318ce8716d95ba6dd2c48d9e4025b421","sha512":"12c22295bfa3a22d07a5d4dcb4dfe3c90415cca51c2dc8c13e938e472684c231cfefe303db1f455cb956250e4c660e29afbcdc00c618ebaca203fd24cd5e5b23","ssdeep":"48:UXHhHhHAsHDHsmdMNeesXBe6OFSFRkcd2Bjt:UXHhHhHAsHDHsmdMNhsXBe6OFSFRABJ","tlshash":"c8917c0bcd07706ad14695fde0c7e33d2a475d8a8435d1b60ce68c8f3265abc696c4f2","first_seen":"2023-06-02T23:30:32Z","last_seen":"2026-05-31T19:12:42.135694Z","times_seen":75,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.blkj58.com/images/a5082cb1-e6a9-44eb-941d-cc022dfa464b","fqdn":"img.blkj58.com","domain":"blkj58.com","tld":"com"},"ip":{"addr":"141.164.35.160","port":443,"asn":20473,"as":"AS-VULTR","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"","requested_by":"https://x12j45jqkuf2gwut.com:58010/dh/index.html","date":"2025-06-11T18:32:57.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.blkj58.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Jun 2025 05:47:00 GMT","end":"Sat, 30 Aug 2025 05:46:59 GMT"},"fingerprint":{"sha1":"87:6E:D9:04:7F:15:31:CE:22:F4:E4:CC:48:69:69:F9:B1:56:2C:2E","sha256":"BC:CD:FA:AC:11:CC:1B:CE:7A:83:11:B8:EF:8A:EB:3D:81:2D:B7:D8:CB:66:4F:2D:A4:09:6B:B7:C3:25:06:2B"}}},"request":{"raw":"GET /images/a5082cb1-e6a9-44eb-941d-cc022dfa464b HTTP/1.1\r\nHost: img.blkj58.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x12j45jqkuf2gwut.com:58010/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 11 Jun 2025 18:32:58 GMT\r\ncontent-length: 0\r\nlocation: https://cbu01.alicdn.com/img/ibank/O1CN01qhjD6y1Bs337BAaN2_!!0-1-cib.gif\r\nserver: BunnyCDN-KR1-1192\r\ncdn-pullzone: 3585066\r\ncdn-uid: 8a1e3a5b-fc2a-4295-8794-fe818b65c954\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nstrict-transport-security: max-age=31536000\r\ncdn-proxyver: 1.28\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 302\r\ncdn-cachedat: 06/11/2025 14:38:09\r\ncdn-edgestorageid: 1192\r\ncdn-requestid: 83f76c8c4acfdd947039a457b9f40536\r\ncdn-cache: HIT\r\ncdn-status: 302\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":173807,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-04T17:49:05.69935Z","times_seen":16118648,"resource_available":true,"data":null}},"time_used":1494,"timings":{"blocked":600,"dns":1,"connect":295,"send":0,"wait":294,"receive":0,"ssl":299},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}