{"report_id":"3b68287d-65a3-480b-94d5-39f237b47bc6","version":6,"status":"done","tags":[],"date":"2026-04-10T12:42:42Z","url":{"schema":"http","addr":"lingyuclub.com/","fqdn":"lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":0,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"final":{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"title":"九游电子_九游(中国)","dom":{"size":20511,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1181)","md5":"a21842964629d9e169b6ba81660a29e4","sha1":"846babaa6704311e9a73271dc8994e206b683805","sha256":"e9219b2894fb6523f29a70c02f5183fe955ead18e02e06cd5fa14d12338b0989","sha512":"c65864a22849172b0167e86d44bf76b8ae8cbbc22fd4d6a6afc69dcdc8553ce25d4a61a343625ff3a99e2954357b16d7f37a407b61872b6810ef031fcc971e4b","ssdeep":"384:iAeLAa76E6dODCJkxPNRj63aojKAxuxMx0xSxh:nA76E6dODCJkxPNV63aojKMCYgWh","tlshash":"f8922e6644f304771273a0a66b6a678b3fa4ea13c90b8a457bec1be45fc2d52cd0314e","dom_hash":"domhashc626c8f1316f5704e62e6dd6f75fae1a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"lingyuclub.com/","fqdn":"lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":0,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-15T12:42:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":6}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-10T12:42:20Z","timestamp":1775824940,"ip_dst":{"addr":"Client IP","port":60878,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"168.76.192.225","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 31","source":"{\"timestamp\":\"2026-04-10T12:42:20.246387+0000\",\"flow_id\":1265773841205448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"168.76.192.225\",\"src_port\":443,\"dest_ip\":\"172.18.0.26\",\"dest_port\":60878,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400030,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 31\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":54,\"start\":\"2026-04-10T12:42:19.968904+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.zuizhongjs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.zuizhongjs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"zuizhongjs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"zuizhongjs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.ptfafa.com","ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2023-11-25","domain_rank":0,"first_seen":"2023-12-24T17:28:39Z","last_seen":"2026-04-05T08:25:10.674116Z","alert_count":72,"request_count":36,"received_data":1513448,"sent_data":18218,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"zuizhongjs.com","ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2024-11-11","domain_rank":2159447,"first_seen":"2025-05-16T22:08:31.21743Z","last_seen":"2026-04-04T14:53:25.060692Z","alert_count":2,"request_count":1,"received_data":3163,"sent_data":421,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"push.zhanzhang.baidu.com","ip":{"addr":"163.177.17.97","port":80,"asn":136958,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":1485849,"first_seen":"2015-07-22T05:44:02Z","last_seen":"2026-04-09T05:21:11.482831Z","alert_count":0,"request_count":1,"received_data":426,"sent_data":341,"comment":"","tags":null,"fingerprints":null},{"fqdn":"v3.jiathis.com","ip":{"addr":"104.21.59.230","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-04-30","domain_rank":4764201,"first_seen":"2012-07-31T22:38:30Z","last_seen":"2026-04-01T07:16:38.208886Z","alert_count":0,"request_count":1,"received_data":3893,"sent_data":335,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-04-06T05:04:06.615629Z","alert_count":0,"request_count":3,"received_data":1095,"sent_data":1194,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hm.baidu.com","ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-04-06T04:32:17.512298Z","alert_count":0,"request_count":8,"received_data":124433,"sent_data":4636,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"lingyuclub.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":201,"sent_data":882,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.share.baidu.com","ip":{"addr":"39.156.68.163","port":80,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":1421601,"first_seen":"2013-04-25T14:45:11Z","last_seen":"2026-04-08T23:25:58.99785Z","alert_count":0,"request_count":1,"received_data":116,"sent_data":385,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.zuizhongjs.com","ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2024-11-11","domain_rank":0,"first_seen":"2024-12-07T06:59:27.693003Z","last_seen":"2026-04-05T08:25:10.658218Z","alert_count":2,"request_count":1,"received_data":2043,"sent_data":418,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.lingyuclub.com","ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":60,"received_data":3525593,"sent_data":34622,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"39c4985bda6f1cf709a458ea196e9d25","sha1":"c135cd9cf989b8ab6d4f38856c38e02ab16ebe17","sha256":"f73edb8ddc968366fd1717764da82729e1dd7e7c92c1c787a84229b73d2ec2c5","sha512":"9b8e93bad547fe47273bffa540f9935d7e731cb59ad0dcf6e8b617c89a7f0fe0ee0ff4b745ff8250d839edf81e4d8693ab5f3843ae99381d9114682e4cc0fbbe","ssdeep":"","tlshash":"62f03019b066264914b76815e76ff42c35986217e3178c01fe7d6bbe4fc1452e3319cb","size":495,"data":"","first_seen":"2026-04-10T12:42:54.876163Z","last_seen":"2026-04-10T12:42:54.876163Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-10T14:48:27.020126Z","times_seen":104142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a80e25aee27d0810b2e64cf820a57247","sha1":"c427931c4bfb53c93d20b1081809d6e432990abf","sha256":"97a051dc77b112413b418be4a45e947af4d121023549dbdd9640cc15c7bf68d2","sha512":"162cbb93d3b28814ee1bad0a7d29f3dab23426c9970724490e247cc083b0677c8f7dea9817769171522e0d711c21ab831819d4717cd3f7a3723b5ec1ac789dfc","ssdeep":"","tlshash":"1bf052bed841a1989ad228bcababd749d0ae0426d00ed852a4d5c8cd7d28fc9043124c","size":504,"data":"","first_seen":"2024-08-19T13:35:26.417841Z","last_seen":"2026-04-10T12:42:54.877766Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-10T14:48:27.020126Z","times_seen":104142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-10T14:48:27.020126Z","times_seen":104142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-10T14:50:18.316805Z","times_seen":83128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"942539ee19e346b73385c58d35811eb9","sha1":"d8db48a0c5f177710e219b2d151f7394981f32fc","sha256":"f294e0971049c9de11b353442acd3d4251e81c331e7372592f5b7ce58e264fe8","sha512":"3493a26145ed7ce1044256581f99111433ab13bfec97f77693b7e9a621ebb20685071f6e67bf8f1cc8c96250d4014ca14e29cf60f0c8b2cccfa62762534e1a09","ssdeep":"","tlshash":"7fe020cf3385dcc875d3aca86515244962955db43ce46594c8903447197ae6354c35fb","size":351,"data":"","first_seen":"2026-04-10T12:42:54.881968Z","last_seen":"2026-04-10T12:42:54.881968Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"push.zhanzhang.baidu.com/push.js","fqdn":"push.zhanzhang.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"163.177.17.97","port":80,"asn":136958,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bb5a3267c9865ad4abe8d937734b62b","sha1":"b5478dd2edb3e64242eced1db2dbd945ef81f592","sha256":"674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2","sha512":"33318ed944a49a8fa334983408d68853b1fbe4f80b19adef6235f23d7708b616cd4f8dd28c8b8ebfbb5776aab8088229f3060cd789af34fe1db5038a98bd0d39","ssdeep":"","tlshash":"91d02be874a0c41c0ce710b17fab328cfab20b2755244d40c05b90013614b1f824bfe9","size":281,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-10T13:13:42.644528Z","times_seen":21095,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/js/jquery.min.js","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed5d820aae73fcec34ea7157cfddddfc","sha1":"42febe5a54f6950910af22d5dad70d9f768b1621","sha256":"00b4b7ac4936e9decea689135a6d4a534a03879b8f48dc14530281b08ea09b6d","sha512":"b6391a0fed92f2c5f37817b7bbb06591044ab10285b10de03e15b961fce9b0334f9f0697ce0eed567a7c996304324eff8e1d8e2e723f8802753483c3cd518ff0","ssdeep":"1536:KxZLrMgzv9HXprbJGLz6sUdj4HR64F7omep/11E97fHWhZPMu0X8+2Hzd0elLTfJ:oFj4MOMt11UHUPu2HzdD0xzqXR","tlshash":"b9f31d8a6ae32031a227b07d4f5fd809b535985f1e88fd103e4c52a59f1c83c57baf99","size":157860,"data":"","first_seen":"2024-05-10T11:06:42Z","last_seen":"2026-04-10T14:48:27.002192Z","times_seen":2289,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/ky.html","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"Function","is_inline":false,"md5":"26421ac860f4dba7f27811712a149502","sha1":"aaf37d59cb4b28ac48ecefa82a2824a8e6210d5b","sha256":"266f482d6e5dd0302fca1871e22db5996e068d1188d1ba9cd96b892552fbcab3","sha512":"919156d81b248a368b0559741a8e0ce24a14178806923d1c1e783b25c3e61815727c3b81cf21e8f4ccd6c29c49f43e8a4d3cfe5bf386b43b01913f328d864e4d","ssdeep":"","tlshash":"6e9004d730c350345f53135404571cc5513cc470144c4d44c0c0d4517cd50345115c5c","size":39,"data":"","first_seen":"2023-04-12T04:16:13Z","last_seen":"2026-04-10T14:54:04.9855Z","times_seen":12749,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.zuizhongjs.com/js/ky1.js","fqdn":"www.zuizhongjs.com","domain":"zuizhongjs.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"994f0c9a304160cbf2beb68093f36751","sha1":"9c8e3bf2883946a0d58a5336330463847c6cab11","sha256":"4011c3afd99ebf1b563b026776ea43a49dfa14a9ec7720201bf4b94d848f0b0c","sha512":"3f08ed48ce733be2a49a94a01c05fb4dc22a13f514fbd2059b201e90ec47fca3e0edb5892f1000686a05ff33925ab241b1010b2da9a9835e801799f3d17b9425","ssdeep":"","tlshash":"723132d4abd27d2d033153346c36da5496ba8831ed079d40785ffd909fa45a80eaacec","size":1765,"data":"","first_seen":"2025-09-30T03:00:09.656491Z","last_seen":"2026-04-10T12:42:54.826419Z","times_seen":323,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/js/main.js","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"bfbf6097a68d42e156354fc0cd826074","sha1":"3376e69359b92b209047acab737d850ba6b5210e","sha256":"1dbb0354bcdb5d9af80ed272fd7cb78997b705449cc65ac0a7517f847e124c56","sha512":"775386454b4d022459e4cb70f4047106673310fae9153d95b3840f3a91f872d734db74de04c2a5e5b03a46ab767160b70cbe5681fb84bea6e0108f2da5398716","ssdeep":"","tlshash":"f2c08c09b85162846027ba308e2f4004dc18109f1a8a8e28ba5c48fcaf30528a49de8c","size":163,"data":"","first_seen":"2026-04-10T12:42:54.816071Z","last_seen":"2026-04-10T12:42:54.816071Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7477ddb4772e85dda0bc5bc3ea6ea082","sha1":"b6e238b5b2103c0b36c674fbf2c716805ce8f573","sha256":"5282166a969932cf86240249dba242d6ac1ae1ae5b1a9285628af863eec12d7c","sha512":"d28693363932ea617bf0b1aea2b173f93ed55db2662cc7e5f52a8e47ec8289c6057540aed6741419876c49eaa6094c95bee3ae9326bd3b05a393cc7444c9b98b","ssdeep":"","tlshash":"2fd0a700f9760064515770ea3dbf100a9eb0008782548940750c08d14f9492dd530b4f","size":269,"data":"","first_seen":"2026-04-10T12:42:54.88349Z","last_seen":"2026-04-10T12:42:54.88349Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"v3.jiathis.com/code/jia.js","fqdn":"v3.jiathis.com","domain":"jiathis.com","tld":"com"},"ip":{"addr":"104.21.59.230","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9290ac1456d44b65c4c4c1b8550c545c","sha1":"6c02d187d541ef91f7bde1961d113058270862db","sha256":"0fac39cca94610c17d0dd16ed52c0b7adb4823b5ea924280bee79fb121937127","sha512":"1473da801d3ca87ffd02949b0cc5a3082ab7f0dffc90103a6bd2b8a940cb56480f8125e7681d6a4342237d87ec2fbda3ecedfc8f0ba6a96cedaa32d39f0e7177","ssdeep":"","tlshash":"3c512b0bed3528746765043911ebda4cf1e2524cd03de10584dde4904a64fd5582e7c8","size":3159,"data":"","first_seen":"2026-03-17T08:54:57.747604Z","last_seen":"2026-04-10T12:42:54.775866Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?619b4901600e6cc6880e96c099454dea","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"854017df4c999cee48e3074483ec0d1f","sha1":"2e9bfac4aea270d2017f50f9681ddde17967bf38","sha256":"e52dd88d4161dc8d74f08c0c862dbaa382276bab497e2fa900b4695d2f367fe4","sha512":"c0c0119aacf59955be6d16911d3e89ecf2186673b7e903e47f91affdf3890ed3bd6e3bd3bbb89487abe6f706ea4e3effc9156d76d023ea59cb3a9016ced6860d","ssdeep":"384:/0JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:/04VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"fad2d9e9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29900,"data":"","first_seen":"2026-04-10T12:42:54.850052Z","last_seen":"2026-04-10T12:42:54.850052Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"51036ae6e39a2f82f62c12dac538db5e","sha1":"9ec4cd0cedbf09322b7e710d965dbe3eddebe02f","sha256":"aa67750d9550a3a56e40760de4e1f3effa2a1844342c805b21eb26903aaf5f15","sha512":"e93eaf8663129b81946ccfea09808774377d4ea25be473fd817bd25211ae6c55e3e9cf4f28a81808e97ecbdde8cabe876704f623843c8df5ff01e85fd42b9e42","ssdeep":"","tlshash":"b9e0c0cf2281ccc821e25cf835402208a1c94d526df418c0c450308614a856254c24fb","size":344,"data":"","first_seen":"2026-04-10T12:42:54.884685Z","last_seen":"2026-04-10T12:42:54.884685Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-10T14:48:27.020126Z","times_seen":104142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aeceeecbfe53d701db10fbe9c2761dfd","sha1":"f78ad7c5569df98f083511a906dfbe4e2fbc83b6","sha256":"a9a2d521a746bd30ed52543544e5b16c16e02e78d30861bf7a559f84184f3e20","sha512":"1505016f94b1d1776704e5edb7e70a37c27b926c3467ae1a0fe8604eaa612bb46bc8f34bfe6c5c1d1c0a50181e189d898f53ddb123a3adbbb2158e327e2200b1","ssdeep":"","tlshash":"fde078cf53c7c4cc35d7bcd87915700875d65d607cf45590898034162879a6354e35f7","size":345,"data":"","first_seen":"2026-04-10T12:42:54.88745Z","last_seen":"2026-04-10T12:42:54.88745Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"80b0cda7b0eaab945c6a59657a8b0596","sha1":"befb5a7724cd3131b1bb1c2c518b257c3170f9d3","sha256":"797b0b1d8d6baf8ee384d527a7b2cc929b3fcd94dd19f48d40506cd46681147b","sha512":"45cd22d8a3006be0bce0302a09a9c5d371a4bc45b8c4838c6a5c07639cf8474527bca9b85189c912efc5675ea4481dce080377c56b0c142eb9d82718e6ca186f","ssdeep":"","tlshash":"5de026962c5382fc0b610ea1c668b138e1ad924af8c2ea46781dcd9407643ac621c869","size":361,"data":"","first_seen":"2026-04-10T12:42:54.888414Z","last_seen":"2026-04-10T12:42:54.888414Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-10T14:48:27.020126Z","times_seen":104142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a3947a04f5f1ddbf1d9e627a3100b63a","sha1":"a2d2d96383a79af30e99e8dcc3b046ab9d54428f","sha256":"5685809f1454fffcfdac55a91a2bb3a7ba113f111b83a9c900e7c89426d6ee9c","sha512":"a45ad07589629ab68842ab7e7b57468af533db5f008b9ac5e9c83985d6df41183cd05623af37412bb2c24117621ec835d44bd8e618317f36a04f30c18ae0c0f2","ssdeep":"","tlshash":"0de05e2f6c5764b476ab142e13bfd688b191605f6075c10174cde8914f55e904829bc8","size":360,"data":"","first_seen":"2026-04-10T12:42:54.889748Z","last_seen":"2026-04-10T12:42:54.889748Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-10T14:50:18.316805Z","times_seen":83128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"36536b831391d9f2f644b3a34e14355f","sha1":"8879e17e8428cceef469ea0d890392fbbdc9378e","sha256":"fb1c770bebb3f902e6577a132d8938c9cec2b4c214a6c481bd2bb939c85a0300","sha512":"42fde38c80f16c8ddd01de8ffe07bec3240e86867a8c58773eaac7dbecf32baa5e0de0ed7edf72b345088a7458ad2b85c40a8fd56e45c30d8222f155278c0452","ssdeep":"","tlshash":"4201b41df8e7542411b3b4778e6f44082c62601f554dce017d5d2bfa1f62134a592f64","size":665,"data":"","first_seen":"2026-04-10T12:42:54.890811Z","last_seen":"2026-04-10T12:42:54.890811Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"257c3b8b3d160ca8007a254e49c4e25c","sha1":"64ae242f1b22675dcd8cd4ed3b36de0dc1aeac72","sha256":"cfcd798261b57615275d1fdc7794c6481ec5999f8b4e834606d06d014279c09b","sha512":"269bfbdeabd243f3cddbd72f6c3e9cb9625ebbb9214952f12e63be8d29354cf7bbbcf481d25deebcd24bf96e7af2946dfea7653302ae3274ebf7dc42446cd887","ssdeep":"","tlshash":"7ef097bfdc61a6586ad328bda7ebe648e0ae0464d40ad847a5dac5cd2d3cfcc142134c","size":504,"data":"","first_seen":"2025-12-10T22:49:00.788286Z","last_seen":"2026-04-10T12:42:54.892087Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3cc00602c740f51dd3e91456d647ceaa","sha1":"54fe3840d63b5c4412d851c3670d1f954454cb38","sha256":"87ce03345da614d78d90be2497b56983ff98d39dc882f44d9ada1743be911bf0","sha512":"ff1c2895e18e1fe4f43274754e1b3b2fa6eac117f772d9bf36bc313f820c2696ab6f088460a631bd462d108c9b24408b7c67a07b7e627dd62e924115308082c1","ssdeep":"","tlshash":"a4510584ef5d243f4935a37e1a3d52cd233c40616626c82fed988cb444e8a7e571fa16","size":2863,"data":"","first_seen":"2026-04-10T12:42:54.893341Z","last_seen":"2026-04-10T12:42:54.893341Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"998600178864fac2e10d3a97fdb8336b","sha1":"807d4fd27421809e162b0e9e7e0154d6f6be2163","sha256":"d4d0c7a56d824804d356e331c36ddeaf5dfd74c6d86c01450f8ab2079bae991b","sha512":"9d2bcce65218211f1d367b97dd778aaee6372e1fb2debbd73881aca47953a523d27d1e56a410c2d9deceb6c658f4baf934455d8a598e9b4506e886ed8890b5dc","ssdeep":"","tlshash":"d7515350fb0e30ca46b730b8ee6e53ca422cb226485adc75dc75608429e1cade116fbc","size":2764,"data":"","first_seen":"2026-04-10T12:42:54.894341Z","last_seen":"2026-04-10T12:42:54.894341Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?7d86eb847ecfd3c972fa457a6abaa0da","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"9638d2a2c6d4bdd5e6046c1d8450a488","sha1":"7edbcd2fca37660a371e51a132575549c1fc28fb","sha256":"ba521d14213d8361002f03a6a4e38800af5d9b6883a39b2932bcdb9efbe7e70c","sha512":"a7817a1e7d20fa6bda624d40ccda1196604b7de1cb9fa62d6af3c8aa0ffb425472b561188d034f310680eb7e449fbdf537844d0444f4bfb4ad7ad12d3d0f7ee8","ssdeep":"384:yQXJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:1X4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"6cd2d9e9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29895,"data":"","first_seen":"2026-04-10T12:42:54.862137Z","last_seen":"2026-04-10T12:42:54.862137Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"567646f064a9ec9d9c906faa2b54ac26","sha1":"4e0f36511484057993ff05fb097cd9331d56a0b2","sha256":"7626226cef8b4bdbc5705b44e16f7479518b11cf7e8c04466c768aaed47c3573","sha512":"b7249a0beeb9082e8a2aac9a8c01a33dd38bf3c266a6506d121bb2c5acfcc12fa726db0f3fe384b8a4dfd7028f01cc2121298788af8977e0e830435a93308bbc","ssdeep":"","tlshash":"ffb0924a7e1ac158690108c0e8b0ea38a079a8309d42edacc9aa683864c678c6f01910","size":125,"data":"","first_seen":"2024-12-19T08:11:36.846009Z","last_seen":"2026-04-10T12:42:54.895186Z","times_seen":382,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-10T14:48:27.020126Z","times_seen":104142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-10T14:48:27.020126Z","times_seen":104142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?8e1df91611627c21bf39ae4ad3304f2d","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"17317b1d9a16b5d6442e1c3d24dd05fb","sha1":"655e1fe7adebc01678a09f3ce00400ae6db153ee","sha256":"52531bc1d097924042cd9665877483ec50180d7384ac1c9746b0980961e1a920","sha512":"ce2676cce2e9765616687462e780d14681ca54140f4ba3cd1f95e4f249c144469962f5b6919eb974e189c5addf9296f2d38282b637886d93344e74fd237e517e","ssdeep":"384:wsJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:ws4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"1bd2c9a9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29911,"data":"","first_seen":"2026-04-10T12:42:54.867597Z","last_seen":"2026-04-10T12:42:54.867597Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2ffe8e374c68d9749b195bf1ca94d928","sha1":"205cb311dc8f75f7ecbb58fcce8837921fd79dd1","sha256":"f15e65bdb87a3151cc57384da04e7f538393a92e57b03a3219ba8b4753d64231","sha512":"75d118ec0c94bb595002ba421c791da865a8c39f8218968db4660ec724b9e90a9dd0d9d318a3a72b11faf7d1e65150630c002cab35fda30982a8193ab758793a","ssdeep":"","tlshash":"39115924f72d199f0072b27ea93e2edc213e61952a0085a59d7684901cd163f3f4ff75","size":1081,"data":"","first_seen":"2026-04-10T12:42:54.895701Z","last_seen":"2026-04-10T12:42:54.895701Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"67ec6a55cc19c1a0424f2231713233ab","sha1":"0622046ad7faa37116e6abaf3ef29e36349f83d1","sha256":"a9acd400db4f37dce9e1b0a138e549f43d8266c63fa62a5cd7e0258d47fe7c94","sha512":"ff812e051a48789774445992a953343c53beb7526b3a92cc2a6740bffa818ca79bac9fe642f20716b3bcfc77ad9d90fcf4ec6b0133234594724ad925915919e7","ssdeep":"1536:dGOAVJgML3D3xRXt5DWVBoW+BBL7528I5OonnKVlNx:Azg9BOCC","tlshash":"c3830b4d6223b3f365e32159a75ec64222b51402b905d9f875a90cca64fcc5cc3befba","size":86616,"data":"","first_seen":"2023-03-07T12:24:28Z","last_seen":"2026-04-10T12:42:54.779835Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/ky.html","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"c0e542a00c4f67dcf361b2f1ca4ac319","sha1":"53d829ff898a01d5262bbc061db94b8566077b3e","sha256":"12829b2fd951e9ae845ec6c99dfadde459cc5a0080a0783fdbccac10f230d3f5","sha512":"c9031260fe87ffc147e65848492cdca4b9fc493e45e1c52ff84e250afde74ff8889449788ffec819fb18635d05f7a0b610ca7a737bbd0ff0d1d7e0c0d8674e6b","ssdeep":"","tlshash":"1ec08c157ec7cd28814142e28865e20890a8f52be602ed08b6fe41805f82b480800920","size":160,"data":"","first_seen":"2024-09-19T08:05:04Z","last_seen":"2026-04-10T14:48:27.021752Z","times_seen":2238,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/js/jquery-1.8.3.min.js","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"3576a6e73c9dccdbbc4a2cf8ff544ad7","sha1":"06e872300088b9ba8a08427d28ed0efcdf9c6ff5","sha256":"61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf","sha512":"27d41f6cfb8596a183d8261509aeb39fcffb3c48199c6a4ce6ab45381660c2e8e30e71b9c39163c78e98ceabc887f391b2d723ee5b92b6fbc81e48ac422e522b","ssdeep":"1536:s6IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5T:O+vIklosn/BLXjxzMhsSQ","tlshash":"b393f8ed73c6717243ab30ae40af610ef1365869280d8410f129e8f9bc79a499277f7d","size":93636,"data":"","first_seen":"2023-03-07T01:02:53Z","last_seen":"2026-04-10T13:35:58.05787Z","times_seen":30816,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-10T14:48:27.020126Z","times_seen":104142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d20b83ce630482986c78e8232b1a6a75","sha1":"824a5a76e6d7aa5b32e4f64ce5019677210b1c90","sha256":"4976da7e60928e2ae06bb91b0eaa4131c555aa1b77245782f8b003b62c15de9e","sha512":"f238524561b9254d17d026f456e47ddf96a536b8e993dd8db44d248e461ed529a31acbcdb77b8fb65ab56da8e1785de4978c3a7926cfd81b30f4baf75284c926","ssdeep":"","tlshash":"9ce026ce3382c8dc69e76df82951745ca2da1e60a89858d48c4030522aa9b6354d76fb","size":344,"data":"","first_seen":"2026-04-10T12:42:54.897041Z","last_seen":"2026-04-10T12:42:54.897041Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/js/cslink.js?v=0.42477986199661855","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"28b8cf59ec7b33ea40f6f46891602a99","sha1":"47f5e64cd79d73f8436b796b24a3904636991ec9","sha256":"b4ab6b0a671f876e8c29e3451fd886d738dace8d05c8d41df5c46651e10011fb","sha512":"c0c6eaa893b90924bd84b0da3f1a6ecbc1893f85241d4e1bead6dd6f0fc259149626ef5ff4b615ef417658cfa4e56fa9b061639ad79c60223dfba4ea2c42898f","ssdeep":"48:ROpsvd2jsjYu/yvj2B19jTjsUv/PipppTy3+lu7hc/a/7YwMPlFju8Vp+5i4EA4h:ROm2IcIYCdHYOuTX2hU+7jMPyJJk","tlshash":"59c18b9685445c9207b527347fab712de0bf622dd91e894ebe8193e02e31037b909abd","size":5811,"data":"","first_seen":"2026-04-10T12:42:54.850968Z","last_seen":"2026-04-10T12:42:54.850968Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/ky.html","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"00c555dabdabf1e9406d4f20fe831c0e","sha1":"6cd31c13b293ee212dba00d42b97886859993e63","sha256":"73a23da441c178ad941ac049ff0786a0632cd15b165d01e768a11f351a72ecca","sha512":"0e79332498455b468b7b508bed3504cc9c4945c90cdf3f91802eee447223c561b8cc9e86c3cf982aadb0a818b95bcba5523668cbb1ec617066116becd6b84296","ssdeep":"","tlshash":"0201cd4a25a2b55312bb35390b9f600079242043c08acf12bcace6c54f408bc927aa2f","size":692,"data":"","first_seen":"2025-10-19T08:12:02.926Z","last_seen":"2026-04-10T14:48:27.025818Z","times_seen":1009,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e5c4d98059524ae694a3e769c10fda1","sha1":"d57e47ea219e8d180fc979a6849303431022413e","sha256":"2233df334dbbd3aa1e6deda37d12bc0fbc33ade8fbeefdca34b4743eced7b7d7","sha512":"7f191b20ff5b576fed0b2092fdd56e01ba608915a143134b6c0722013582977aa80c9eddae89dd2c59a9a186e2bbd3b44932ff988c1880227729802bb29ddbda","ssdeep":"","tlshash":"a3f09eaede41e2685ad239f9d7dfd649d05e1028d009d457a4dac4cd2d38fc8042134c","size":504,"data":"","first_seen":"2024-08-19T13:35:26.416336Z","last_seen":"2026-04-10T12:42:54.89861Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/ky.html","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac4f05cd99971a89faaa424c466ee257","sha1":"a52f375772efd5f2d773b8f9b82983bd99e6ec9c","sha256":"c98a6e9e0f903fce0e7bbdc64da7fa1f3ce1be445bd5199a407fbf20493524b9","sha512":"128f0c09bb1d3d1a1d348957fecb31d289caf34c7224461c2871a50999ebd839063d80829dde5cf7685ab99374f58635c54aac5879ae1ee9273c579417a23a19","ssdeep":"","tlshash":"735135ee24564cba0f57648873b0164464a12b6163b2dfdff9061d57b205cf98312def","size":2980,"data":"","first_seen":"2025-07-14T06:22:23.50895Z","last_seen":"2026-04-10T14:48:27.026643Z","times_seen":1322,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/ky.html","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"Function","is_inline":false,"md5":"26421ac860f4dba7f27811712a149502","sha1":"aaf37d59cb4b28ac48ecefa82a2824a8e6210d5b","sha256":"266f482d6e5dd0302fca1871e22db5996e068d1188d1ba9cd96b892552fbcab3","sha512":"919156d81b248a368b0559741a8e0ce24a14178806923d1c1e783b25c3e61815727c3b81cf21e8f4ccd6c29c49f43e8a4d3cfe5bf386b43b01913f328d864e4d","ssdeep":"","tlshash":"6e9004d730c350345f53135404571cc5513cc470144c4d44c0c0d4517cd50345115c5c","size":39,"data":"","first_seen":"2023-04-12T04:16:13Z","last_seen":"2026-04-10T14:54:04.9855Z","times_seen":12749,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuizhongjs.com/js/25/8/7/ky1.js","fqdn":"zuizhongjs.com","domain":"zuizhongjs.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"08c69d307049251400eacd9c9d904553","sha1":"e92916375af7d2fd995bd59f642e734cc805ec3d","sha256":"575108c648993d4fd614f2f460c8b50914db1a455f1107e360adaf44e7eedef1","sha512":"5fb852c71d6fb2f2e595fd7800f0d66cdcaa2f29bcfbb296ef110c2df782fa22c5bc7f01085e800850a20257e41ce7bf604d9e7b1c62439f75a7f4cad4a12f73","ssdeep":"","tlshash":"4751541fbd55e92427a228362ebbea8cf8be0474101dd40684dfd4ac9d34ff50926748","size":2885,"data":"","first_seen":"2025-10-17T18:53:07.083735Z","last_seen":"2026-04-10T12:42:54.830428Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"67ec6a55cc19c1a0424f2231713233ab","sha1":"0622046ad7faa37116e6abaf3ef29e36349f83d1","sha256":"a9acd400db4f37dce9e1b0a138e549f43d8266c63fa62a5cd7e0258d47fe7c94","sha512":"ff812e051a48789774445992a953343c53beb7526b3a92cc2a6740bffa818ca79bac9fe642f20716b3bcfc77ad9d90fcf4ec6b0133234594724ad925915919e7","ssdeep":"1536:dGOAVJgML3D3xRXt5DWVBoW+BBL7528I5OonnKVlNx:Azg9BOCC","tlshash":"c3830b4d6223b3f365e32159a75ec64222b51402b905d9f875a90cca64fcc5cc3befba","size":86616,"data":"","first_seen":"2023-03-07T12:24:28Z","last_seen":"2026-04-10T12:42:54.779835Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-10T14:50:18.316805Z","times_seen":83128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?af71f27a888db2d1cb746d1ff59bd029","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d3729f81eabcbd3a70bd609d510894e","sha1":"69859f6105f192e9b1f4bdc05d463f0af7218cc9","sha256":"099c12f4fb9e2f9af15da3dad28e834305f210d549886ae8a2e1f49ed75b60c2","sha512":"0bdfcd260912caae8da385e5d80f1c8670ad91fecf6dfb7d041e71ade282752ceb08e501317d2669ca2fc6b049c0a3550d59997de0341e82bd2a214ec06f0986","ssdeep":"384:NzBzTA/WdnloRh3KA7yUpNHR5D4f/gvJqan5XJuR5C1JwJAOovmkgbUzYRxefRff:NJvUpNHQf/gzn9JjCJAOoukgbUtff","tlshash":"31d2cae5b186b13297b220a5117f320af0b75a50fc4958a4f15998c07d38fbb027bfad","size":30799,"data":"","first_seen":"2026-04-10T12:42:54.865862Z","last_seen":"2026-04-10T12:42:54.865862Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"59cf81439a8bf9b569e5577fe5aa0de8","sha1":"7310f3ea09ddff6601e9da7bf0665b0edd6d1435","sha256":"235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4","sha512":"0b0c2f3ecaf57f468c4c73afbe288ef366f90a46fabc52916757e1bd9181fd34bfe73f77488a1ab464b22e7ffb92d592382c23a5d214119e1dab10d1bb6cbfbd","ssdeep":"","tlshash":"9aa01275087384306074895030429b986001802043140d0453163c20406c10f50a10e1","size":77,"data":"","first_seen":"2023-03-07T01:06:53Z","last_seen":"2026-04-10T14:48:27.037886Z","times_seen":5430,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"38b99736e991d961335f0a6eed5fc930","sha1":"fc7bb9218b7b2813f9b267fddf5d8b476eec564f","sha256":"f586d612c00723dedb1ced3c5f41ec9def9333bd0669dfe697d48f99c9e19fc2","sha512":"5e9de643402ac719742cc97cf203ddd839c50fc5825e8afbb6343da31b70ba36d68ec016426633997e29b5a80591a00a74afd74568c158c7010ff4b550aa0e7a","ssdeep":"","tlshash":"47b01270c54ae43cd136f140914087cf2668118ef6b75f0c453cbab2d0ce9942c7d5c1","size":102,"data":"","first_seen":"2023-03-07T01:11:52Z","last_seen":"2026-04-10T14:48:27.041721Z","times_seen":3467,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0a3a0b592b9c285e050805307cee87c2","sha1":"125a168e24b2bd38aadb84cbb5f87f316b073c41","sha256":"aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23","sha512":"4097f05a9ce819914160aeba71fa11524f6b291a39b7c948509d756318b600934f1d195980df66bc7731e327979135bfcbe0e9ff3758d779a72481ed623cd3a5","ssdeep":"","tlshash":"a34000000000000000000000003000000000c000000000000000000000c0000cc00000","size":6,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-10T14:52:26.057409Z","times_seen":230051,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c45be88c732ac2ea12ea82c2d32c61af","sha1":"3cf5229d9cd023a191504a348644b3ffe5ad43f2","sha256":"2bef864d44bc8c06e9f2d6092d4b69604babaac75f1cb7be57cc5ad87e859e2c","sha512":"75c3c11800d6b59155b2cadc1369bcffbbcb11e2b7e1135877da6de81f3e18786ea6c64f8a843f9e2be29c4dda71c268a74d44953f8c707b87ef57ddccdce037","ssdeep":"","tlshash":"8eb0120b7d16c04c5c0108c0f8b0fa38d01574200941ececc9f4683874c63cc6f01510","size":105,"data":"","first_seen":"2024-12-19T08:11:36.84867Z","last_seen":"2026-04-10T12:42:54.901609Z","times_seen":385,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6107c347ed382e3b7752ba623b61e951","sha1":"88541d4521a0f49f61e9c41da8ba0039b2cea6c5","sha256":"1a0f2813d59ea8c689fc4c24f25f872b84de08a35b09e440cfb3e3e61aa23d30","sha512":"0fe39c0153a3788998669bf71e91d17f3db2f25d856e6a99c97a6ea0e41baf4a54521120d079cb26a57000afa5cb05c14a241aad4b2f1b31d95b07029716c294","ssdeep":"","tlshash":"74f052be9c41e5989ae328acabafd34dc0ae0426500ed852a4d5c8cd7d28fd9083524c","size":508,"data":"","first_seen":"2024-06-29T08:40:47Z","last_seen":"2026-04-10T12:42:54.902101Z","times_seen":1040,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3e555a05eaab9e8810ca1705d4ebc2de","sha1":"9f3bade72b2f607867e3f2e36cacb20d9c9d8265","sha256":"86d146db5efeeafc6fedd58efc6e18a2327848d5144ffb62f4cf1de1b364ffd3","sha512":"6f8e57f63744f8b5c3e6d81fcfb52720d6ab393eaebb6939332c9aac007580717ae318d843583d2ec19380ee27f901899313afec698baf1732bb1725fd437be4","ssdeep":"","tlshash":"09f09eae5e81e6685ad239e9d7efe64dc45e1028900dd457b4dac4cd3d38fd8042574c","size":508,"data":"","first_seen":"2024-08-19T13:35:26.430467Z","last_seen":"2026-04-10T12:42:54.902632Z","times_seen":217,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"9d9c5f44f72785e0ed1c0a423839a16a","sha1":"d2e636af3f1b0c65048c1d78443abdd0e00dff9e","sha256":"470653174fac30249530cd659af32d5635651a57eadd3d87ddc43450b6b0dd21","sha512":"7356e33066cb3ed176790c7db4fc856ba0b5c9e8125dd9823d67cf85bb4a838a378e03050e41f6af200812331a6cf0c41856d83a11a919e3462cbbc9da12176a","ssdeep":"","tlshash":"daf007bf9c60e6186ad328aca7ebe20cd4ae0064000ed847a5dac0cc3d3cfdc082134c","size":508,"data":"","first_seen":"2025-10-01T02:13:07.770411Z","last_seen":"2026-04-10T12:42:54.903304Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"78ac2aa5ccc29c90a345c90aab40b442","sha1":"cac604932faa4add2955602b41de8a8bff362ebd","sha256":"53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e","sha512":"5c76abfa8f4091277643f4dad57c37d9eb71d33c9691f0e85bc82ac5f303d4e3da4937cbc2354e4d5c5d0022746d7c06f975f209067df2cefa55bd3827d892a7","ssdeep":"","tlshash":"31b01242d0575c0e0170c236ec485418474d4a7d9fa708010dc6ab5c0c99f1405e549c","size":103,"data":"","first_seen":"2023-03-07T01:06:53Z","last_seen":"2026-04-10T14:48:27.041068Z","times_seen":11260,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"abba9c28bfbac9ceff750ce0813bcf55","sha1":"98c2f8e678cf25bb7c66159acf16753f5e45c4b4","sha256":"8b793a510d16d06ef6a09d1d26705450a159c3df3d8e9fe68a340f6b387b16bf","sha512":"a70bd6d06f76ff9dd8a8edfb26c481f460159510d1d9d38e98727160b715f0f3d3591e2af5a26f0dfbb8c5f5bf4d5d027d6edb1f686563f1c25ccd18f114ebf9","ssdeep":"","tlshash":"e7c0c0731041504c0920c0e631340c0460436f9af743e9b065e23851210f9d809d03dc","size":185,"data":"","first_seen":"2025-09-30T03:00:09.711542Z","last_seen":"2026-04-10T12:42:54.910903Z","times_seen":325,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"692ca1a2eedf1dd66037ffd45097e843","sha1":"252434b10589f4591408611a0d01d3e18bf5a4ae","sha256":"6ba428290cedaa4155bc0e9ac5938ce22700ce8f49de4ffee847dd6f6bee794f","sha512":"8526f2cf7c721d15f7bc97592e1803f8415e96d6dc08c8492bd65db5be55115a82b41295626b91ffdf1bda3f497465ca9ce08f4e4c1c763ed8a510f48152cb13","ssdeep":"","tlshash":"f5c08c4a2e6a80284a204ed6eaa4863040483e803692cc54886c581c01e439cbd18705","size":146,"data":"","first_seen":"2026-04-10T12:42:54.911424Z","last_seen":"2026-04-10T12:42:54.911424Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/favicon.ico","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:30.917Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/favicon.ico HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nCookie: __vtins__3He6gkvYRqxh6SLX=%7B%22sid%22%3A%20%222208c28d-cc6b-5a9a-aec6-931f0f701d5f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747292%2C%20%22ct%22%3A%201775824947292%7D; __51uvsct__3He6gkvYRqxh6SLX=1; __51vcke__3He6gkvYRqxh6SLX=8243ce05-3f2e-51b9-b1dc-ce6e82ead133; __51vuft__3He6gkvYRqxh6SLX=1775824947296; __vtins__3HCbdgcdQO6xCcx6=%7B%22sid%22%3A%20%22a69a80d1-a547-5f2d-aff9-b384c944a605%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747308%2C%20%22ct%22%3A%201775824947308%7D; __51uvsct__3HCbdgcdQO6xCcx6=1; __51vcke__3HCbdgcdQO6xCcx6=c689a35d-5833-56bf-a3a1-af8d7e8c73c3; __51vuft__3HCbdgcdQO6xCcx6=1775824947310; __vtins__3KANj5R9vxr5iEs2=%7B%22sid%22%3A%20%226a1a8b0b-a140-506b-8b45-890c1e84390e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747320%2C%20%22ct%22%3A%201775824947320%7D; __51uvsct__3KANj5R9vxr5iEs2=1; __51vcke__3KANj5R9vxr5iEs2=b3c5c5f9-9753-5e15-ad28-82ad7aa39ec5; __51vuft__3KANj5R9vxr5iEs2=1775824947323; Hm_lvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; Hm_lpvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; HMACCOUNT=2A071DFBDD5E2E2D; Hm_lvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lpvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947; Hm_lpvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947; Hm_lvt_7d86eb847ecfd3c972fa457a6abaa0da=1775824948; Hm_lpvt_7d86eb847ecfd3c972fa457a6abaa0da=1775824948\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:31 GMT\r\nContent-Type: image/x-icon\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"363dc7508729be292a119a9ad25bef32","sha1":"4d11494317ac455cc6d2e74c4dde12649293ef4b","sha256":"5b498263de9f3c9c1043357315af182065db7aa8258cc9260d84d99cca06ace2","sha512":"dae0eb28d921c28d925ed7a13226a40fafab4f63ad740cb020b0cc38bdd34af1e5199ed9ce7ec5a1297775ed942546ef8f5569ca04c16172d7e91baa792a84e7","ssdeep":"","tlshash":"892199915f08dc24c5b23773c502ecb020dc94ee1ca5b16b7daaea7b781739c4591bc9","first_seen":"2026-04-10T12:42:54.773601Z","last_seen":"2026-04-10T12:42:54.773601Z","times_seen":1,"resource_available":false,"data":null}},"time_used":358,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/11/01/163575470304764bzyr.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.040Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/11/01/163575470304764bzyr.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:24 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":82286,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 1280x490, components 3","md5":"2d287168df84c5da2c010d6be587c0d6","sha1":"eb1a2c7225634a719055746dfd782922c2335a2b","sha256":"54251eb57b4761dde10aa880d485d1a451015fe7d8b2a7db3210bce96b7976a0","sha512":"a6c5dfd1cb328a862645a56d4809c833347b98e4c75abaa231d1a90efe35938593c975023e895b17e8574cd0313864b5210995624c2a55707c7580f6be64a9f0","ssdeep":"1536:BahB5QYtPrO1Miz5ljSkbGdUFWfpAUulRSLCkYaCFubos1wVJ5HXc4qEFi:k/3F0MU59SkyF6eUaCFQosajcOs","tlshash":"1d83021d27de6c0eab982d3daea18c256d10d771322684c0e7e16d18fb8f15c86dc6bd","first_seen":"2026-04-10T12:42:54.774746Z","last_seen":"2026-04-10T12:42:54.774746Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1835,"timings":{"blocked":1573,"dns":0,"connect":0,"send":0,"wait":260,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"v3.jiathis.com/code/jia.js","fqdn":"v3.jiathis.com","domain":"jiathis.com","tld":"com"},"ip":{"addr":"104.21.59.230","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.057Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /code/jia.js HTTP/1.1\r\nHost: v3.jiathis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 10 Apr 2026 12:42:23 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Tue, 07 Apr 2026 02:20:20 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: Accept-Encoding\r\nETag: W/\"69d469e4-c57\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: h2=\":443\"; ma=60\r\nContent-Encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xZ45wKflS%2Bf4aICejsgNUmkFOGvwWDx6ioXSoH%2BEwNBE4WQmTKKUgThemHJxgN8ZqcgJbBPjggfCuv7ZHZyTyljTyyLYmkK4Fi8Xpvifu6RqcMEArEwsDNEFV7eTaDiaEw%3D%3D\"}]}\r\nCF-RAY: 9ea1d4c61d90783d-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3159,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"9290ac1456d44b65c4c4c1b8550c545c","sha1":"6c02d187d541ef91f7bde1961d113058270862db","sha256":"0fac39cca94610c17d0dd16ed52c0b7adb4823b5ea924280bee79fb121937127","sha512":"1473da801d3ca87ffd02949b0cc5a3082ab7f0dffc90103a6bd2b8a940cb56480f8125e7681d6a4342237d87ec2fbda3ecedfc8f0ba6a96cedaa32d39f0e7177","ssdeep":"","tlshash":"3c512b0bed3528746765043911ebda4cf1e2524cd03de10584dde4904a64fd5582e7c8","first_seen":"2026-03-17T08:54:57.747604Z","last_seen":"2026-04-10T12:42:54.775866Z","times_seen":5,"resource_available":true,"data":null}},"time_used":544,"timings":{"blocked":-1,"dns":8,"connect":1,"send":0,"wait":535,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.331Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 372\r\nOrigin: http://www.lingyuclub.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://www.lingyuclub.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nEO-LOG-UUID: 8625540808219044781\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T14:55:53.648324Z","times_seen":13582113,"resource_available":true,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":52,"connect":19,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=2A071DFBDD5E2E2D\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1741883664\u0026si=619b4901600e6cc6880e96c099454dea\u0026v=1.3.2\u0026lv=1\u0026sn=23052\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Fwww.lingyuclub.com%2F\u0026tt=%E4%B9%9D%E6%B8%B8%E7%94%B5%E5%AD%90_%E4%B9%9D%E6%B8%B8(%E4%B8%AD%E5%9B%BD)","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=2A071DFBDD5E2E2D\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1741883664\u0026si=619b4901600e6cc6880e96c099454dea\u0026v=1.3.2\u0026lv=1\u0026sn=23052\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Fwww.lingyuclub.com%2F\u0026tt=%E4%B9%9D%E6%B8%B8%E7%94%B5%E5%AD%90_%E4%B9%9D%E6%B8%B8(%E4%B8%AD%E5%9B%BD) HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=DEAFDD5EADAE9AB0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-10T14:54:38.580224Z","times_seen":332371,"resource_available":true,"data":null}},"time_used":386,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=2A071DFBDD5E2E2D\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=873085885\u0026si=8e1df91611627c21bf39ae4ad3304f2d\u0026v=1.3.2\u0026lv=1\u0026sn=23052\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Fwww.lingyuclub.com%2F\u0026tt=%E4%B9%9D%E6%B8%B8%E7%94%B5%E5%AD%90_%E4%B9%9D%E6%B8%B8(%E4%B8%AD%E5%9B%BD)","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=2A071DFBDD5E2E2D\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=873085885\u0026si=8e1df91611627c21bf39ae4ad3304f2d\u0026v=1.3.2\u0026lv=1\u0026sn=23052\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Fwww.lingyuclub.com%2F\u0026tt=%E4%B9%9D%E6%B8%B8%E7%94%B5%E5%AD%90_%E4%B9%9D%E6%B8%B8(%E4%B8%AD%E5%9B%BD) HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=B566BA4063A04231; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-10T14:54:38.580224Z","times_seen":332371,"resource_available":true,"data":null}},"time_used":339,"timings":{"blocked":68,"dns":0,"connect":0,"send":0,"wait":269,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/iconfont.e7187704.ttf","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:32.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.ttf HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:33 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":373,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":373,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lingyuclub.com/","fqdn":"lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-10T12:42:19.162Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T14:55:53.648324Z","times_seen":13582113,"resource_available":true,"data":null}},"time_used":1340,"timings":{"blocked":1340,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/08/25/16298599542038fqtfs.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.045Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/08/25/16298599542038fqtfs.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109775,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 611 x 520, 8-bit/color RGB, non-interlaced","md5":"a3a3d2db84151fc6c8093ff669cbe5ed","sha1":"6e46cf0aa49541dea8719d6fe28b449da134fd60","sha256":"e9904d9d5844c0e4cbbe25a26c9051bce744d8b7e0d34c73b0a7633bfe864985","sha512":"5e3e9c008ec46b3b4ac84387acc5e5913ee2c6ab41f1a17dea32165379543bfe3ec41cdc52ef72cdaa554bd73b84850d4b3c5c2b58b2f6a2eff2b61cef8af3f2","ssdeep":"3072:YELwub2g15c2OmypYXwBUVOKyf1t2mvZCwO90idobnPsgD7I:YQwuxjc2OmKIPVO1eiCh9kDho","tlshash":"dcb3122020fc79ad336308f163d383e2a3e5d6741297b6d486ece695b1ea53ddc84b64","first_seen":"2026-04-10T12:42:54.778367Z","last_seen":"2026-04-10T12:42:54.778367Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5159,"timings":{"blocked":4052,"dns":0,"connect":0,"send":0,"wait":279,"receive":828,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/m/js/swiper-3.4.0.jquery.min.js?_=1775824945712","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:25.722Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/m/js/swiper-3.4.0.jquery.min.js?_=1775824945712 HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:26 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86616,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32046)","md5":"67ec6a55cc19c1a0424f2231713233ab","sha1":"0622046ad7faa37116e6abaf3ef29e36349f83d1","sha256":"a9acd400db4f37dce9e1b0a138e549f43d8266c63fa62a5cd7e0258d47fe7c94","sha512":"ff812e051a48789774445992a953343c53beb7526b3a92cc2a6740bffa818ca79bac9fe642f20716b3bcfc77ad9d90fcf4ec6b0133234594724ad925915919e7","ssdeep":"1536:dGOAVJgML3D3xRXt5DWVBoW+BBL7528I5OonnKVlNx:Azg9BOCC","tlshash":"c3830b4d6223b3f365e32159a75ec64222b51402b905d9f875a90cca64fcc5cc3befba","first_seen":"2023-03-07T12:24:28Z","last_seen":"2026-04-10T12:42:54.779835Z","times_seen":58,"resource_available":true,"data":null}},"time_used":1393,"timings":{"blocked":221,"dns":0,"connect":0,"send":0,"wait":905,"receive":267,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/picture/rbsmgwmmnw-ahnf9aabt7ce2zgq87.webp","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:27.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/picture/rbsmgwmmnw-ahnf9aabt7ce2zgq87.webp HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/webp\r\nContent-Length: 21484\r\nLast-Modified: Mon, 25 Dec 2023 15:21:03 GMT\r\nConnection: keep-alive\r\nETag: \"65899ddf-53ec\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21484,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ccf323bf4e1c41b61aaa296ea59b8b81","sha1":"83f1f27a2fc6c58c751b5e7fc627015a1991b374","sha256":"c7959283d90c9940056378a35789761735a565490945094cd5b77c6b4bf1cc74","sha512":"e75e1bfd61482f56c07ebaa6591f3bee348cc1badbec88a9cfffe930cc5da68a8ccb80271a324fda8d0563b9ccdd4c966a14e4435caa9b9da3fbe1679a6a6e8d","ssdeep":"384:ioDvU5aozxCzakUC75bUncSMiubtHuyO9+2lm/3t0mn/gK0QqbLDng7v:1o4LaagncSzEtH4+DF0mYZfUv","tlshash":"b1a2e1f798af70b3532a495c93f695ee5b84ab340c8dac43e879986ca3352734831e05","first_seen":"2023-05-18T07:54:03Z","last_seen":"2026-04-10T14:48:26.897535Z","times_seen":2368,"resource_available":false,"data":null}},"time_used":3919,"timings":{"blocked":2938,"dns":0,"connect":0,"send":0,"wait":975,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/icon6_03.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.263Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/icon6_03.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:29 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1033,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 27 x 24, 8-bit/color RGBA, non-interlaced","md5":"0a82881e0c50487e50f001a7b2ec16ec","sha1":"4a67ef20ebd43ae84fa7158252133ddf8e68c462","sha256":"d00846994164d17230bc8a630cc3bc25d44c9b80c3d4eadba077e17133d64cd1","sha512":"d8b9980154666fdb77f1da6619e95c1dd160ba5f1c2865abb214d8956b626bf4e49b6cbadcbac6ca2e4fb8a3a519fe9c313cf140fce3f6fc23f26dcfc4df7ea9","ssdeep":"","tlshash":"0e11725dfac22881e998d5962cea40334823cae0ddc8e0a86ccfc41b5c306f4421d9d7","first_seen":"2026-04-10T12:42:54.781594Z","last_seen":"2026-04-10T12:42:54.781594Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2763,"timings":{"blocked":2485,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"api.share.baidu.com/s.gif?l=http://www.lingyuclub.com/","fqdn":"api.share.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"39.156.68.163","port":80,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.962Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /s.gif?l=http://www.lingyuclub.com/ HTTP/1.1\r\nHost: api.share.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 0\r\nContent-Type: text/plain; charset=utf-8\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T14:55:53.648324Z","times_seen":13582113,"resource_available":true,"data":null}},"time_used":1400,"timings":{"blocked":562,"dns":308,"connect":255,"send":0,"wait":274,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2023/03/14/16787555723431mprr2.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.037Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2023/03/14/16787555723431mprr2.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":155678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1280 x 490, 8-bit/color RGB, non-interlaced","md5":"3b2a6909f39a9e1f0cd0ecc3fbe55637","sha1":"4022f281b8e9771515b4351376e4871875b3f760","sha256":"d351ff0b2c814c12fb56fdf7b97bc1054773d98d4cc906123a99065e4e8aaab7","sha512":"ad41c088bdc5cc9aacaa83eaa6c8012dc76034dc3e9a3907eb95f835078c5f1bce310f31c427107a562b6cec554ccf262bea469a5bad7eeda124f39e0392a021","ssdeep":"3072:V77c3vV2Nl23KqWr8RNAS+1dfUbkygff0aDCd8lu8ci88ob8Y4J8:N8t2j26qq8RNASEdjVkKb/8J48","tlshash":"64e313842adf747ad44e9ab1138073356ca63732a3b4c9fd478ac659446f0137217b8f","first_seen":"2026-04-10T12:42:54.782467Z","last_seen":"2026-04-10T12:42:54.782467Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3183,"timings":{"blocked":2644,"dns":0,"connect":0,"send":0,"wait":271,"receive":268,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/icon7_09.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.295Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/icon7_09.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1484,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 23 x 24, 8-bit/color RGBA, non-interlaced","md5":"aa59d6b56f6713cef9a7999c476ff2cc","sha1":"5e92b7ffd99ed6c6b9f2eca3f6ad095fa7d1a013","sha256":"4c5ba5911a9669275c768c1f62215aefa57c26340ba514acf97fbab06965f6d9","sha512":"8ddc96018819033fa107c3ea54bf7b3b43a01eefcf76fbf8b1d41e95db7afb46d1c77299fa6d4c83dbd548982299f9adab1e032516d144c5106b93da38f61ddb","ssdeep":"","tlshash":"be31ec19e7916941e085e82b18e7412759234a40df83d191bccfc9121d325b4420f1de","first_seen":"2026-04-10T12:42:54.783397Z","last_seen":"2026-04-10T12:42:54.783397Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3102,"timings":{"blocked":2824,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/icon10_03.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.390Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/icon10_03.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nCookie: __vtins__3He6gkvYRqxh6SLX=%7B%22sid%22%3A%20%222208c28d-cc6b-5a9a-aec6-931f0f701d5f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747292%2C%20%22ct%22%3A%201775824947292%7D; __51uvsct__3He6gkvYRqxh6SLX=1; __51vcke__3He6gkvYRqxh6SLX=8243ce05-3f2e-51b9-b1dc-ce6e82ead133; __51vuft__3He6gkvYRqxh6SLX=1775824947296; __vtins__3HCbdgcdQO6xCcx6=%7B%22sid%22%3A%20%22a69a80d1-a547-5f2d-aff9-b384c944a605%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747308%2C%20%22ct%22%3A%201775824947308%7D; __51uvsct__3HCbdgcdQO6xCcx6=1; __51vcke__3HCbdgcdQO6xCcx6=c689a35d-5833-56bf-a3a1-af8d7e8c73c3; __51vuft__3HCbdgcdQO6xCcx6=1775824947310; __vtins__3KANj5R9vxr5iEs2=%7B%22sid%22%3A%20%226a1a8b0b-a140-506b-8b45-890c1e84390e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747320%2C%20%22ct%22%3A%201775824947320%7D; __51uvsct__3KANj5R9vxr5iEs2=1; __51vcke__3KANj5R9vxr5iEs2=b3c5c5f9-9753-5e15-ad28-82ad7aa39ec5; __51vuft__3KANj5R9vxr5iEs2=1775824947323; Hm_lvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; Hm_lpvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; HMACCOUNT=2A071DFBDD5E2E2D; Hm_lvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lpvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947; Hm_lpvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1017,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 13, 8-bit/color RGBA, non-interlaced","md5":"78b0696fe8b12232d125623ad277a01e","sha1":"8e2d1eb2f0573f4ada626d15044472a97b5708ae","sha256":"92425a681a62078620926c32b40667ad383d907d366aaaa3f9adf7fcb7fac669","sha512":"83a8b36808421d8eab51ef25584c420156996c0f107961a41a1e930c1d1a97364e006d3355210c0dbffba5f494f4b6a313b2e047476cd321fce81f28c661eb4d","ssdeep":"","tlshash":"db11322efac27c81f18cd54718e6513348234dc0de90f199b8cec4131d609f9825d9eb","first_seen":"2026-04-10T12:42:54.784346Z","last_seen":"2026-04-10T12:42:54.784346Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3285,"timings":{"blocked":3007,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/08/25/1629867753925hlufi.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.046Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/08/25/1629867753925hlufi.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":144140,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 448 x 359, 8-bit/color RGB, non-interlaced","md5":"008763bca8b74d622d86df9a85030741","sha1":"2c4c7ae2373ccba173ba74f998ed6dffd4ebc5e3","sha256":"0e4c24b39561b5d5a8ece6267783dc6444dd90149c82d120a4fe54922fbaba08","sha512":"795eadd63e40c968d11bb677ac13e8ce9df3f419ba7ca60b41576b3d9bcdd993bdd6bf8077f4d24fd44027d202bd49b9ef05cd82229a613bb5e49735f50c5841","ssdeep":"3072:zBKF1JkdXjQ/vPkImdHFcFt4VjuptnTFDQWbWrDIfuK0qZ2ORNYi:E2dYPkImdaT/3FIrc0hOwi","tlshash":"37e312d57ad30cacd47a1b9dba045d9a17c7a88fcf16a79270b9536cf06bacc0439d04","first_seen":"2026-04-10T12:42:54.785298Z","last_seen":"2026-04-10T12:42:54.785298Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4370,"timings":{"blocked":3855,"dns":0,"connect":0,"send":0,"wait":256,"receive":259,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/pic11_03.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.222Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/pic11_03.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97688,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x413, components 3","md5":"f04d0ec534425e26ee80f666cc3141bb","sha1":"128a0325475f4df2f00d9cb3a3a4fda6728ff60b","sha256":"380abd5ce11441f87d87822ac5329ade6bdcbcfa1a35d8c379e5639d2c4d77ca","sha512":"53ed9b7b6b85befcfba6afe7e1af5aa9fae5a257a10731a600c417ff4ae5f85518b32a33d2b6b8e1e8bc1612a7913b749b6687938fa16f5b7f62d27a101a0c23","ssdeep":"1536:6COWcIt1c3PDS4x6av5wqwbNW6fqCFdymq4ix1YGHJtu2MpLVHenlna4KKHhJ:6vIUukNvWqwJt4mI8LV+AAr","tlshash":"86a3025afcd7b91329661cf6bcdc90300e87a5bb89b2c09e5cc1e05647355b882799cf","first_seen":"2026-04-10T12:42:54.786294Z","last_seen":"2026-04-10T12:42:54.786294Z","times_seen":1,"resource_available":false,"data":null}},"time_used":874,"timings":{"blocked":602,"dns":0,"connect":0,"send":0,"wait":268,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/?2e5e8cf3027f94ff5507734e958e4fbd","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.378Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?2e5e8cf3027f94ff5507734e958e4fbd HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nCookie: __vtins__3He6gkvYRqxh6SLX=%7B%22sid%22%3A%20%222208c28d-cc6b-5a9a-aec6-931f0f701d5f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747292%2C%20%22ct%22%3A%201775824947292%7D; __51uvsct__3He6gkvYRqxh6SLX=1; __51vcke__3He6gkvYRqxh6SLX=8243ce05-3f2e-51b9-b1dc-ce6e82ead133; __51vuft__3He6gkvYRqxh6SLX=1775824947296; __vtins__3HCbdgcdQO6xCcx6=%7B%22sid%22%3A%20%22a69a80d1-a547-5f2d-aff9-b384c944a605%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747308%2C%20%22ct%22%3A%201775824947308%7D; __51uvsct__3HCbdgcdQO6xCcx6=1; __51vcke__3HCbdgcdQO6xCcx6=c689a35d-5833-56bf-a3a1-af8d7e8c73c3; __51vuft__3HCbdgcdQO6xCcx6=1775824947310; __vtins__3KANj5R9vxr5iEs2=%7B%22sid%22%3A%20%226a1a8b0b-a140-506b-8b45-890c1e84390e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747320%2C%20%22ct%22%3A%201775824947320%7D; __51uvsct__3KANj5R9vxr5iEs2=1; __51vcke__3KANj5R9vxr5iEs2=b3c5c5f9-9753-5e15-ad28-82ad7aa39ec5; __51vuft__3KANj5R9vxr5iEs2=1775824947323; Hm_lvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; Hm_lpvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; HMACCOUNT=2A071DFBDD5E2E2D; Hm_lvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lpvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947; Hm_lpvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45369,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1174), with CRLF, LF line terminators","md5":"26608d06341fca68c002b442a1c6598f","sha1":"2b5daa92b6191171b37f24d816fefc7fe778f33e","sha256":"1d2b7862d4dc2f7287fd370f4020bdd85210aca361075b9ca81e18789536bcb8","sha512":"932e59bcecfe8ab3cc4c119c6503a32f36ebde90ea4264af48a806a3c62b9ae8c1613824a706b5296b467873253c76c3f4f7c5dce0eac370b36b2f298e6cc08a","ssdeep":"768:OpOICVKLOXOeXPZdE5LQ86xyO67b63bwD+BMmmvbcKdxCA:OpTcZdE5LQ86xyO67b638D+BMmmlCA","tlshash":"b4130830f6899a3f04f362e66e359b69f5898193d5034405f3fd5ac79be1d8ada0388c","first_seen":"2026-04-10T12:42:54.787353Z","last_seen":"2026-04-10T12:42:54.787353Z","times_seen":1,"resource_available":true,"data":null}},"time_used":839,"timings":{"blocked":32,"dns":0,"connect":505,"send":0,"wait":799,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/08/25/16298589444008p2i29.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.052Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/08/25/16298589444008p2i29.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109775,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 667 x 585, 8-bit/color RGB, non-interlaced","md5":"06d7aa58e195d912ab810d20d70898ef","sha1":"946c5515f3184d0d73f7d52da2eb42f5695beeec","sha256":"62ca73b71c477ad8b69f0c5faa0c9a5157ea0a80f32e17656b27c4677f4ea1fb","sha512":"11d0374b39c504a36982da6271766e2ee5168af70f06080fbd4318d2503cd059fa9a680b65c920e6e18345b84fc016a4aa2771abc146e5a0704879c2b9602147","ssdeep":"3072:4qbDeB7QlQ+a2GI4S3jUE8az8a6WFCKX/4F7qjRn+D:aBsyI4SYE8aT6CCCwF7Yn+D","tlshash":"cbb3122788e70a3bb5f2b261d6431173bec9d45c9c29e0ab0b426f5e155acfef231512","first_seen":"2026-04-10T12:42:54.78826Z","last_seen":"2026-04-10T12:42:54.78826Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4045,"timings":{"blocked":2964,"dns":0,"connect":0,"send":0,"wait":273,"receive":808,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/ky.html","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:25.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/ky.html HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:26 GMT\r\nContent-Type: text/html\r\nLast-Modified: Tue, 31 Mar 2026 16:31:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69cbf6c4-4fdc\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":20444,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1181)","md5":"c65d5921c2db17897ab21429cc29f2c3","sha1":"de3b4ef6190530fc5cb6fc6e4c1e2e3a37cda402","sha256":"c3a825f55ec1cd2bea318d25ad6d873dee2032b8642594aced7470c7f43dc937","sha512":"ec64f9507f466107a043ef7b01998c39d996743715306a355d206ba5bdbe90cb59dce1b061b0e01262b3d7f0e98c64ae875419d3f866fbcf999148fa0f728efe","ssdeep":"384:i5eLAa76E6dODCJkxPNRjV3aojKAxuxMx0xSxh:IA76E6dODCJkxPNVV3aojKMCYgWh","tlshash":"b5922e6644f704771273a0a66b6a67873fa4ea13c90b8b457bec1be45fc2d92cd0314e","first_seen":"2026-04-01T22:25:42.897763Z","last_seen":"2026-04-10T12:42:54.789153Z","times_seen":14,"resource_available":false,"data":null}},"time_used":2385,"timings":{"blocked":1022,"dns":73,"connect":297,"send":0,"wait":340,"receive":1,"ssl":650},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/icon11_03.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.225Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/icon11_03.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:29 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1357,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 59 x 17, 8-bit/color RGBA, non-interlaced","md5":"2e80a052d05389b3d4bb315ffe648c0d","sha1":"65c2c57eba8ca884a6d3bc723ddeaabfff3943ef","sha256":"5e82e6ec5192f07eadae23a121225c03184d218bf5722f55e119cd88cbfb8dc5","sha512":"460f772fe0223e3be84c887d644b055b9a2ed7bdc8ca44ecb80289d18f99bef65e85893c5da2ee97bae0b56f079c085f3e45de5e95b5d5f5ca05772fe34f81f6","ssdeep":"","tlshash":"33218658ebd1a940e5889d871ceb5033482349d0cea5d0d4added0273c352f9475f9d7","first_seen":"2026-04-10T12:42:54.789649Z","last_seen":"2026-04-10T12:42:54.789649Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2252,"timings":{"blocked":1973,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/xingkonglogo.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/xingkonglogo.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: image/png\r\nContent-Length: 9732\r\nLast-Modified: Wed, 18 Sep 2024 08:35:10 GMT\r\nConnection: keep-alive\r\nETag: \"66ea90be-2604\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9732,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 490 x 160, 8-bit/color RGBA, non-interlaced","md5":"3a22887000ff220a744c4abfb0ca3b0e","sha1":"126d11bc998cd1140be675cd280ceb0ed9201e93","sha256":"941823b0c10802ce53f33599300ca8a56c111ad2b0dea45c963f664bcca6e170","sha512":"74c537236b0f53799981beabeced2c06d3d1cd567b35cb3a9456c72e89abcde96d5795619a5b851b4bd969695c62a0277d58f98ac42f4d406d15a555c42249c6","ssdeep":"192:MjpZjWToylY16Nv7GMl4a51odhh34AEq1C5+nN6U/njeH0aSk5C4D1111:Mjp8T6eTN4eq13SuC5U6U79SC61111","tlshash":"36129ef2ab546860d4eca4b53c78d3e38572015935e0d2ab704d8f3c88775b1b85aaee","first_seen":"2024-09-19T08:05:07Z","last_seen":"2026-04-10T14:48:27.005979Z","times_seen":2197,"resource_available":false,"data":null}},"time_used":2820,"timings":{"blocked":2523,"dns":0,"connect":0,"send":0,"wait":297,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/kaiyunlogo.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/kaiyunlogo.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 15054\r\nLast-Modified: Wed, 18 Sep 2024 07:04:06 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b66-3ace\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15054,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 814 x 200, 8-bit colormap, non-interlaced","md5":"5bdb83ec9f353d69c2ebc9c36cef090e","sha1":"e3a542a5b41ab05a8a444c3f106186806d1f025e","sha256":"fc148ba9a62f11da475123e65ced85cb59d9715e2c202655e4322942803bde0e","sha512":"465c1eb28d8641c930c163efdafb203a10dd280eb47d5fdc121459bc243309ee18c8fd5f1162bc39402ee416d6ad4034a83253195d5961633a23620a6dfcc261","ssdeep":"192:JpKA2giu6cjK+61eWj17lwRm+M2HtS7NGO+bgJvlClT+ehacY7qZFimlLKztvuBJ:Xk+6Jx7lwRmCpOPJ4T1oulZwtHa","tlshash":"1e62d1c3420996a3fe3624fc31850bada934fcbe5411f725d621758fc9f4aa34c9191e","first_seen":"2023-09-17T16:12:24Z","last_seen":"2026-04-10T14:48:27.0151Z","times_seen":2257,"resource_available":false,"data":null}},"time_used":3493,"timings":{"blocked":2820,"dns":0,"connect":0,"send":0,"wait":673,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/11/01/16357551829837zaac0.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.035Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/11/01/16357551829837zaac0.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138427,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 1280x490, components 3","md5":"7acbfede4cc32e35d5808e0ad7d184b5","sha1":"42914deb6441ef6fe09dd004a88813af75103246","sha256":"460bb1075baf12b16c37b995d9e050f96124805ec5faced2d9d90413d4f1e6cd","sha512":"f6eb0cad7d94dd36ce28336317f4735a8db98569667063f7e93244ed4f891f7ee18970429f5c62394ab4489ee8371b6a1e32c79c9b48fc5e984d03a01d750439","ssdeep":"3072:Itje8DTjHj2UsahZVqcNRMtg/GnkkG4gmr16Lc8as/KgzoWJ:IDPDtcARMyOzYm5q4ngz1J","tlshash":"d9d312b1551627c2f7cd8b2c45845c22034baadd3ceae6ad45a10c0efbd13ca1b9ee56","first_seen":"2026-04-10T12:42:54.792077Z","last_seen":"2026-04-10T12:42:54.792077Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4824,"timings":{"blocked":1840,"dns":1,"connect":280,"send":0,"wait":282,"receive":836,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/milanlogo.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/milanlogo.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: image/png\r\nContent-Length: 31876\r\nLast-Modified: Wed, 01 Oct 2025 10:57:17 GMT\r\nConnection: keep-alive\r\nETag: \"68dd090d-7c84\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31876,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 460 x 200, 8-bit/color RGBA, non-interlaced","md5":"39210e9c9de6402d5546a3198ef2584f","sha1":"7cf2d9b624236f6d89e6adf7141a984993c0d00a","sha256":"082ce96e8972350ee17a4c9898aec45c45e6a5812f6f04c73912e08029639e7e","sha512":"dbd1c54055d23b96a76461c2461046bc247f77a40ece21eddb4053867e1379c3ee2c2857f03b4eb2364d9f9b1d5a49e7c95d1444d7c23fb6b7575b066dd6cd63","ssdeep":"768:LF06BlKZmq8To17zpRtTlbonwtJUeH9mXMks1PotXt:1lKZrLo6eBx7","tlshash":"d5e2f19a5fd1a86aaa3c94704f9bc8d20923109393f6b6f8585fef23012114d81dcff2","first_seen":"2025-10-02T15:40:47.978938Z","last_seen":"2026-04-10T14:48:26.949447Z","times_seen":707,"resource_available":false,"data":null}},"time_used":3134,"timings":{"blocked":2217,"dns":0,"connect":0,"send":0,"wait":591,"receive":326,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-10T12:42:21.342Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T14:55:53.648324Z","times_seen":13582113,"resource_available":true,"data":null}},"time_used":516,"timings":{"blocked":516,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/js/jquery-1.8.3.min.js","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.024Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/web/js/jquery-1.8.3.min.js HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:23 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93636,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65483)","md5":"3576a6e73c9dccdbbc4a2cf8ff544ad7","sha1":"06e872300088b9ba8a08427d28ed0efcdf9c6ff5","sha256":"61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf","sha512":"27d41f6cfb8596a183d8261509aeb39fcffb3c48199c6a4ce6ab45381660c2e8e30e71b9c39163c78e98ceabc887f391b2d723ee5b92b6fbc81e48ac422e522b","ssdeep":"1536:s6IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5T:O+vIklosn/BLXjxzMhsSQ","tlshash":"b393f8ed73c6717243ab30ae40af610ef1365869280d8410f129e8f9bc79a499277f7d","first_seen":"2023-03-07T01:02:53Z","last_seen":"2026-04-10T13:35:58.05787Z","times_seen":30816,"resource_available":true,"data":null}},"time_used":1846,"timings":{"blocked":239,"dns":1,"connect":257,"send":0,"wait":577,"receive":772,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/11/01/16357550004507spjut.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.038Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/11/01/16357550004507spjut.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129904,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 1280x490, components 3","md5":"d736f2d0d508d6d1ac3069c59f880c3f","sha1":"0f535c93651396a3315ea8d7bd8741adba8fa7d6","sha256":"19c3bc45f81806c79f4950ed84cb2a677d850dd3df7b3eadbef606cb62819fff","sha512":"9e2c2491521b423c2ebf53174e8235a46449566bf833fd5ac979c2ddfd7e95c585fcde5d32bc82ba8d9849f8fcd2fd8ac43c57f2d9bd91e25d148642024a55b5","ssdeep":"3072:kJw+0o/NcloaqFmAHykqx+uDzPWl0VCyeMz1Pft:3+DvhsAHYxlveMBP1","tlshash":"83c312a7e782344b795c4f388ecc9e8077cbce573d62015456c33849e6a16c725ec8ae","first_seen":"2026-04-10T12:42:54.794171Z","last_seen":"2026-04-10T12:42:54.794171Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2904,"timings":{"blocked":1841,"dns":0,"connect":0,"send":0,"wait":266,"receive":797,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/left.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.215Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/left.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1684,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 60, 8-bit/color RGBA, non-interlaced","md5":"fb17a082818b837c52d5062ecf043901","sha1":"518ba47ea4a33fbdc01818ed1d87e57b5e289ce9","sha256":"dec1a470ca1c4cafe4b6f14c3dd25433451e75964545a002784539828c878a41","sha512":"280a2f5b4d497b3f0df99f210e05942b071d3598780b385d18745303f5db0987ab6c0a9d8b8284a92d2826b6fe2c3a06e1c573a7d9a799915f69dcef7afedd8c","ssdeep":"","tlshash":"1631d85ab9f03828b24ed2c210f6c52b55168bc098d4e1a664dac52785720f9800eaef","first_seen":"2026-04-10T12:42:54.80706Z","last_seen":"2026-04-10T12:42:54.80706Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1014,"timings":{"blocked":490,"dns":0,"connect":261,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2017/07/07/14994163426951oegsx.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.256Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2017/07/07/14994163426951oegsx.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":212470,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x642, components 3","md5":"eb91048ab0d9e3053d84a1be2d1da210","sha1":"edce3dfb816cf29b1c5b919efa35c7e0d04a2109","sha256":"0aa919d4743e166ee29ecf6e6f4eccbdbdd4acc661af813bf566325aa2c3bc89","sha512":"5f64871dc0930ea2da9893dab5336e56e47ab81b527c0b3716e10bc80fa3561a0f41f96cab3941cfee7a0888aace47a06763772dcff209886db2913cfdd4ea01","ssdeep":"3072:kwJwKIgSxg1+FiVhpASwKC6LuAuxyHuOpu2gSXHiDedYhBGrlKKSTZISxlmC7cWb:NJ5Sxg1+zSwjGyxYpBIZhBroSxlmCJb","tlshash":"a52422d8b9ce0e5bb201bce78574632b0091977b39977d2f8855a606b3b02f705c97e8","first_seen":"2026-04-10T12:42:54.809506Z","last_seen":"2026-04-10T12:42:54.809506Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1477,"timings":{"blocked":960,"dns":0,"connect":0,"send":0,"wait":259,"receive":258,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2025/09/02/17568031245857jk6ur.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.226Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2025/09/02/17568031245857jk6ur.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:29 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35066,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 324, 8-bit/color RGB, non-interlaced","md5":"69454c587ff956564b12c7d85288c1e1","sha1":"43c412ae921785740de151f91c99915ef35b6737","sha256":"8c37b44ded66ffb232f72a5fa2c67a1db82fdf9861fc6d0d3f5f6e6db1ff8f9b","sha512":"888e4e5699478c217c26d60411d70fa172bf6e3b04fb142ef97cc0eebc553b8208063804c245564f6383d354f141696c03d47cb64d3d707a1efceb4d3e4371cd","ssdeep":"768:hfddgPTog0+ORQUQnRfcZZKPJUeT0pICOe8Ff:1zgPEg0+o/QnRKZEEj1Y","tlshash":"83f2f1375a45e4a5f6d7d8aecbac0fa3e84fdd2961744abcb0d01d78131ec028612de2","first_seen":"2026-04-10T12:42:54.810498Z","last_seen":"2026-04-10T12:42:54.810498Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2898,"timings":{"blocked":2051,"dns":0,"connect":281,"send":0,"wait":285,"receive":281,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.317Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 371\r\nOrigin: http://www.lingyuclub.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://www.lingyuclub.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nEO-LOG-UUID: 2924013915451495711\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T14:55:53.648324Z","times_seen":13582113,"resource_available":true,"data":null}},"time_used":387,"timings":{"blocked":0,"dns":65,"connect":19,"send":0,"wait":301,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/picture/rbsmgwmigzeaqeisaabdvano3pe24.webp","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:27.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/picture/rbsmgwmigzeaqeisaabdvano3pe24.webp HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/webp\r\nContent-Length: 44556\r\nLast-Modified: Mon, 25 Dec 2023 15:21:02 GMT\r\nConnection: keep-alive\r\nETag: \"65899dde-ae0c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44556,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 206 x 173, 8-bit/color RGBA, non-interlaced","md5":"6194ced01b173481e68b89111c85d6b1","sha1":"35a559992114129a74eac4d5c165bcd9a6a2e3f1","sha256":"bf9c1ba4745317154616c229e8abf30963b05a905c43e0e38b3d795c714b6074","sha512":"ae946a383c19f2072ead7621a8a058498c8bc04272397c3d5939e2e0b988cb833b04cf3eb5c023884664e163fb0f5ca2a62d24bd998db47a70af4d1d8ca6609b","ssdeep":"768:wbU7XS2F2IS772TDQnsnw4zcI2jWEVXUy2+Ly70uHLvUZtT5miRxH0a5FxsF3:wci2F2IS772TDQsnw4zJ4NFUK5uzUZts","tlshash":"7b1302204fad1c6c223f233446852697a06cbe5c39139df50ac9b4de1e9ac3b81559bf","first_seen":"2023-05-18T07:54:04Z","last_seen":"2026-04-10T14:48:26.957948Z","times_seen":2339,"resource_available":false,"data":null}},"time_used":5067,"timings":{"blocked":2939,"dns":0,"connect":0,"send":0,"wait":467,"receive":1661,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/11/01/163575470304764bzyr.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.174Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/11/01/163575470304764bzyr.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":133526,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 1280x490, components 3","md5":"87a9155c5242e79d3faa7117080fc287","sha1":"faf48230d1289246db71af49cf67bd4d42e771bb","sha256":"c9f2ff8675fbebf81e43baecc9189ccb0435cbf385c5b2ddbc46aca205d8bc1f","sha512":"b0f5afe236169cd2f3a33e4c2c789eef97e0bab10cc15d1c0861a991edf6245ef5bc9ab8b71f49545474cff74287237f70a4b94ec4d91db8e78808f51c9dced3","ssdeep":"3072:k/3F0MU59SkyF6eUaCFQosajcOSe4stZQlWC3RFhuf:qV0MU59SkyF6eo7saj5SJLlR3Phq","tlshash":"d3d3125916c7bc0a7f85182de9a44d787e00c73736274191d2b26c18bb8b2acd1ddebd","first_seen":"2026-04-10T12:42:54.812431Z","last_seen":"2026-04-10T12:42:54.812431Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2293,"timings":{"blocked":1182,"dns":0,"connect":0,"send":0,"wait":280,"receive":831,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/rigeht.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.213Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/rigeht.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1691,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 60, 8-bit/color RGBA, non-interlaced","md5":"deb495ae7f085612e6bd8a61a5cb2bd7","sha1":"41bfcc5c0f0ed2ea7a1822f478856b392ecf3f3d","sha256":"4a9ce9406fd02cef6342d4c52989b76f3af2e4a6cb16fd8981010eda417da7a2","sha512":"3a0712b2da41e1357d65e1e018d94c36b4b6eb7d4433f74adb78de904d94dc8a73ff5f4b0f2b5ae5c013550a31ca427b5b4b3a54c69d1124ad2db8a6d6bd25d7","ssdeep":"","tlshash":"6c319685f764e862b14cd4c9049a00379cb2a4a8d2e0e12879cee8625c610f388546cb","first_seen":"2026-04-10T12:42:54.813516Z","last_seen":"2026-04-10T12:42:54.813516Z","times_seen":1,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":342,"dns":0,"connect":0,"send":0,"wait":267,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2023/03/02/16777266465096svo7b.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.228Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2023/03/02/16777266465096svo7b.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:29 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48486,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 325, 8-bit/color RGB, non-interlaced","md5":"20edad3d9d09246c3890cfeb681c8515","sha1":"9465bb76f696d2ae461e6fb2f33a5211404c723d","sha256":"d2a3042eda62cb0b887cde357276057beddec9b48a26c215c6f7f8e67b1d536a","sha512":"42fb11526dd061d5ad07a9457569c737b34ef8df5936cb705d1f838b0fabd08d9dee4b0389ab42fc570bb967e9360c5cb43501910d7b0b4b0f3c9024e867a1dd","ssdeep":"768:Z60zpGlDhSssshQHQ3teszsAdY8OEgm86Y3SnnOA6Q20p4pi2DnEJ7LW9ccn6PNf:wlVpPmu3gCYvc8Z3i920uXyYPn6PNSgj","tlshash":"a423020354a94c0f8d16d5f6649a74e63257fa002c1dadef8c6e0c356c2bb49e912b77","first_seen":"2026-04-10T12:42:54.81481Z","last_seen":"2026-04-10T12:42:54.81481Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3199,"timings":{"blocked":2070,"dns":0,"connect":281,"send":0,"wait":284,"receive":563,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/latin.fab57614.woff2","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/latin.fab57614.woff2 HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":1319,"timings":{"blocked":915,"dns":0,"connect":0,"send":0,"wait":404,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/iconfont.e7187704.ttf","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:32.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.ttf HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":321,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/js/main.js","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.028Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/web/js/main.js HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:23 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":163,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"bfbf6097a68d42e156354fc0cd826074","sha1":"3376e69359b92b209047acab737d850ba6b5210e","sha256":"1dbb0354bcdb5d9af80ed272fd7cb78997b705449cc65ac0a7517f847e124c56","sha512":"775386454b4d022459e4cb70f4047106673310fae9153d95b3840f3a91f872d734db74de04c2a5e5b03a46ab767160b70cbe5681fb84bea6e0108f2da5398716","ssdeep":"","tlshash":"f2c08c09b85162846027ba308e2f4004dc18109f1a8a8e28ba5c48fcaf30528a49de8c","first_seen":"2026-04-10T12:42:54.816071Z","last_seen":"2026-04-10T12:42:54.816071Z","times_seen":1,"resource_available":true,"data":null}},"time_used":971,"timings":{"blocked":237,"dns":1,"connect":254,"send":0,"wait":478,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/m/js/swiper-3.4.0.jquery.min.js?_=1775824947134","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.137Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/m/js/swiper-3.4.0.jquery.min.js?_=1775824947134 HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86616,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32046)","md5":"67ec6a55cc19c1a0424f2231713233ab","sha1":"0622046ad7faa37116e6abaf3ef29e36349f83d1","sha256":"a9acd400db4f37dce9e1b0a138e549f43d8266c63fa62a5cd7e0258d47fe7c94","sha512":"ff812e051a48789774445992a953343c53beb7526b3a92cc2a6740bffa818ca79bac9fe642f20716b3bcfc77ad9d90fcf4ec6b0133234594724ad925915919e7","ssdeep":"1536:dGOAVJgML3D3xRXt5DWVBoW+BBL7528I5OonnKVlNx:Azg9BOCC","tlshash":"c3830b4d6223b3f365e32159a75ec64222b51402b905d9f875a90cca64fcc5cc3befba","first_seen":"2023-03-07T12:24:28Z","last_seen":"2026-04-10T12:42:54.779835Z","times_seen":58,"resource_available":true,"data":null}},"time_used":417,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":413,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/montserrat-regular.949efd65.ttf","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/montserrat-regular.949efd65.ttf HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":1241,"timings":{"blocked":773,"dns":0,"connect":0,"send":0,"wait":467,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/m/css/swiper-3.4.0.min.css","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:25.720Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/m/css/swiper-3.4.0.min.css HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17762,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17459)","md5":"2f8278dfca6afaa4669a33c3fb09b55d","sha1":"2bd7f5d8161286d8a45c9e798c436c494290ba32","sha256":"2983198e93f3d01b82e3953e61e6da2fd0a02b45424d7da5c126722959379f8a","sha512":"f1654490ec0775871b03f2e760a56e76da27f0406f6de7bf91b3d5bd686140a06e4b139b491699c91ef3ef4b52c4ec800eed483c66c1fbad620c4f1d588751cb","ssdeep":"192:baN0GpaNCO8jrfg5WHmXgyXyzSHF68DJB0Swz:baN52CXfgWHfyXyzSl68Pw","tlshash":"b582832c17002067f6324f1947c9e77c9715c8839e4368ef6650de48cbbb5a9227f796","first_seen":"2025-06-22T06:41:48.753243Z","last_seen":"2026-04-10T12:42:54.81697Z","times_seen":6,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/js/jquery.min.js","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:27.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/js/jquery.min.js HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Wed, 18 Sep 2024 07:04:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66ea7b7c-268a4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":157860,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"ed5d820aae73fcec34ea7157cfddddfc","sha1":"42febe5a54f6950910af22d5dad70d9f768b1621","sha256":"00b4b7ac4936e9decea689135a6d4a534a03879b8f48dc14530281b08ea09b6d","sha512":"b6391a0fed92f2c5f37817b7bbb06591044ab10285b10de03e15b961fce9b0334f9f0697ce0eed567a7c996304324eff8e1d8e2e723f8802753483c3cd518ff0","ssdeep":"1536:KxZLrMgzv9HXprbJGLz6sUdj4HR64F7omep/11E97fHWhZPMu0X8+2Hzd0elLTfJ:oFj4MOMt11UHUPu2HzdD0xzqXR","tlshash":"b9f31d8a6ae32031a227b07d4f5fd809b535985f1e88fd103e4c52a59f1c83c57baf99","first_seen":"2024-05-10T11:06:42Z","last_seen":"2026-04-10T14:48:27.002192Z","times_seen":2289,"resource_available":true,"data":null}},"time_used":944,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":602,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/img/20170718/apnga1.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.386Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/web/img/20170718/apnga1.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nCookie: __vtins__3He6gkvYRqxh6SLX=%7B%22sid%22%3A%20%222208c28d-cc6b-5a9a-aec6-931f0f701d5f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747292%2C%20%22ct%22%3A%201775824947292%7D; __51uvsct__3He6gkvYRqxh6SLX=1; __51vcke__3He6gkvYRqxh6SLX=8243ce05-3f2e-51b9-b1dc-ce6e82ead133; __51vuft__3He6gkvYRqxh6SLX=1775824947296; __vtins__3HCbdgcdQO6xCcx6=%7B%22sid%22%3A%20%22a69a80d1-a547-5f2d-aff9-b384c944a605%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747308%2C%20%22ct%22%3A%201775824947308%7D; __51uvsct__3HCbdgcdQO6xCcx6=1; __51vcke__3HCbdgcdQO6xCcx6=c689a35d-5833-56bf-a3a1-af8d7e8c73c3; __51vuft__3HCbdgcdQO6xCcx6=1775824947310; __vtins__3KANj5R9vxr5iEs2=%7B%22sid%22%3A%20%226a1a8b0b-a140-506b-8b45-890c1e84390e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747320%2C%20%22ct%22%3A%201775824947320%7D; __51uvsct__3KANj5R9vxr5iEs2=1; __51vcke__3KANj5R9vxr5iEs2=b3c5c5f9-9753-5e15-ad28-82ad7aa39ec5; __51vuft__3KANj5R9vxr5iEs2=1775824947323; Hm_lvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; Hm_lpvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; HMACCOUNT=2A071DFBDD5E2E2D; Hm_lvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lpvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947; Hm_lpvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1247,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 19 x 20, 8-bit/color RGBA, non-interlaced","md5":"2bfc2a1b7c0d408097e4b40dc40d36ae","sha1":"4523ff58db09e937d24a14478185ba527c896857","sha256":"4c28ae189ed25546c4f329eba9c6d83e2cd33488eb272ff83d3038dcb272736c","sha512":"c3e6bfff5e90a3793e2a6d9377ecc716ca67a5708767baccb861f43f7fb9d7e7c62aa68e6e3b68975d1a19a9aa1aaeef66afa44101048b379e63f1f75deb3fb3","ssdeep":"","tlshash":"55215107fac43881564ad9a134ff0022da434890dad2e2a66cabd87b48310f4899e1eb","first_seen":"2026-04-10T12:42:54.818502Z","last_seen":"2026-04-10T12:42:54.818502Z","times_seen":1,"resource_available":false,"data":null}},"time_used":789,"timings":{"blocked":530,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2017/06/21/14980422100168lo4do.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.397Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2017/06/21/14980422100168lo4do.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nCookie: __vtins__3He6gkvYRqxh6SLX=%7B%22sid%22%3A%20%222208c28d-cc6b-5a9a-aec6-931f0f701d5f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747292%2C%20%22ct%22%3A%201775824947292%7D; __51uvsct__3He6gkvYRqxh6SLX=1; __51vcke__3He6gkvYRqxh6SLX=8243ce05-3f2e-51b9-b1dc-ce6e82ead133; __51vuft__3He6gkvYRqxh6SLX=1775824947296; __vtins__3HCbdgcdQO6xCcx6=%7B%22sid%22%3A%20%22a69a80d1-a547-5f2d-aff9-b384c944a605%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747308%2C%20%22ct%22%3A%201775824947308%7D; __51uvsct__3HCbdgcdQO6xCcx6=1; __51vcke__3HCbdgcdQO6xCcx6=c689a35d-5833-56bf-a3a1-af8d7e8c73c3; __51vuft__3HCbdgcdQO6xCcx6=1775824947310; __vtins__3KANj5R9vxr5iEs2=%7B%22sid%22%3A%20%226a1a8b0b-a140-506b-8b45-890c1e84390e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747320%2C%20%22ct%22%3A%201775824947320%7D; __51uvsct__3KANj5R9vxr5iEs2=1; __51vcke__3KANj5R9vxr5iEs2=b3c5c5f9-9753-5e15-ad28-82ad7aa39ec5; __51vuft__3KANj5R9vxr5iEs2=1775824947323; Hm_lvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; Hm_lpvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; HMACCOUNT=2A071DFBDD5E2E2D; Hm_lvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lpvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947; Hm_lpvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16591,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 173x168, components 3","md5":"acd80467489f1e1f5113abe8681d6f2a","sha1":"9e339e3e03dbeefd76ebde7b1599986199da571b","sha256":"bac19d596bc8d8592dcb0509bae0a858cc92e06b019d5cb90fbe0508a00df253","sha512":"655f872f4d98c8e1d75b15c91913f6bb92c7de25c7ff5d4e5c92273917fe49f76ee1abd7e69e4f8bdcae8a6cdbe0f84db01eb7d01af5876089e3401e3dca8f2b","ssdeep":"384:yOGdzmvURtNRhT+pauqM+GfM17UYBLrG7Q+:qTRtN+pa5MZfMOQLKX","tlshash":"3972c06efe23285cd66d6cf440e701cfd9524b90c1bbd43498cac2a3c5328b48a3a86d","first_seen":"2026-04-10T12:42:54.819393Z","last_seen":"2026-04-10T12:42:54.819393Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3316,"timings":{"blocked":3030,"dns":0,"connect":0,"send":0,"wait":285,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/img/img-01.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.030Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/web/img/img-01.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:24 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10139,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 245x76, components 3","md5":"8fbc6951b19aa0717d749e004496d819","sha1":"180488e0b0ac95e70391d6e5234734a09f7ff149","sha256":"bb6fb3e590530550a927562fdec0a256ea83bf9d7e35b84497454f692ec41e55","sha512":"94440f908e0899a0a03850f82d24a4b523b6451f0c881c63cf9bcc10768a6be20c55726e0e8bde9d3f4376b12dca81fbce5c16e71a2dd5895a7333eb39e7f584","ssdeep":"192:bmQ/vOLx4jjjjjjjjjj1ON2JcJm8Wf32nQO5qoo62uoQDhDf/CLjjjjjjjjjjjjn:bcLGjjjjjjjjjj1/z1OXUMD1/Kjjjjjz","tlshash":"9d224c87d613bec39dcc1631e0e63dceb751328826935d9d24c5ae05c666173a5823fe","first_seen":"2026-04-10T12:42:54.820234Z","last_seen":"2026-04-10T12:42:54.820234Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3470,"timings":{"blocked":1583,"dns":1,"connect":280,"send":0,"wait":283,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2017/07/07/14994163426951oegsx.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.044Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2017/07/07/14994163426951oegsx.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:26 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153158,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x642, components 3","md5":"648ccaaaa3a08dfcaedebde12a71a423","sha1":"382d95ba0560aab727028e74a343383dea227eaf","sha256":"b922eb998da64991b6c0c3c8c604630c9db0ca04190181fdeaeeb14819188cba","sha512":"69d02a6fcba34dbc3b5d771728bc2592efd1a97fdb7c6db029eb70224acde029524d0e180d35a60f186da82f6f04ee774f6656327df7985b624f19a0b654f55f","ssdeep":"3072:kwJwKIgSxg1+FiVhpASwKC6LuAuxyHuOpu2gSXHiDedYN:NJ5Sxg1+zSwjGyxYpBIZN","tlshash":"d5e312ccb6c70e67f245ecf7c475536b005296aa3c577e1f4c826a1a72b02e318987e8","first_seen":"2026-04-10T12:42:54.821491Z","last_seen":"2026-04-10T12:42:54.821491Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3529,"timings":{"blocked":2971,"dns":0,"connect":0,"send":0,"wait":282,"receive":276,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/picture/rbsmgwmig0oaqpqmaabq2kzlptk31.webp","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:27.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/picture/rbsmgwmig0oaqpqmaabq2kzlptk31.webp HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/webp\r\nContent-Length: 40503\r\nLast-Modified: Mon, 25 Dec 2023 15:21:00 GMT\r\nConnection: keep-alive\r\nETag: \"65899ddc-9e37\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40503,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 206 x 173, 8-bit/color RGBA, non-interlaced","md5":"b6e859bef31336d0a03ad2ed18cd4e31","sha1":"db8b7b1e320d7e115254a646d97ab5780c52e0ae","sha256":"170ec291fd15ea3d6ff4112026d4cda5a52127fbb9afdec2360c067bc69c4047","sha512":"f6fdd16d6544a3d267d355429af12d61d17a45740b9575a9372e4f65b33908baa09be698f83584c11544830a2b5b860e7a46a1bbde718e42facae789a771ca5f","ssdeep":"768:A22vHjG0B15BZjNKTprKdweaFRo5grne0rg3RUCifsX:Ar1XZjNKThlZY5grZs33ifsX","tlshash":"1803f1d2e5605c47d171371e820e2e834c3e4b927bd8de6af95e9df5e2418fb85021a3","first_seen":"2023-05-18T07:54:04Z","last_seen":"2026-04-10T14:48:27.013511Z","times_seen":2349,"resource_available":false,"data":null}},"time_used":6734,"timings":{"blocked":2943,"dns":1,"connect":351,"send":0,"wait":486,"receive":350,"ssl":720},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2017/06/21/149804223789019d93n.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.400Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2017/06/21/149804223789019d93n.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nCookie: __vtins__3He6gkvYRqxh6SLX=%7B%22sid%22%3A%20%222208c28d-cc6b-5a9a-aec6-931f0f701d5f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747292%2C%20%22ct%22%3A%201775824947292%7D; __51uvsct__3He6gkvYRqxh6SLX=1; __51vcke__3He6gkvYRqxh6SLX=8243ce05-3f2e-51b9-b1dc-ce6e82ead133; __51vuft__3He6gkvYRqxh6SLX=1775824947296; __vtins__3HCbdgcdQO6xCcx6=%7B%22sid%22%3A%20%22a69a80d1-a547-5f2d-aff9-b384c944a605%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747308%2C%20%22ct%22%3A%201775824947308%7D; __51uvsct__3HCbdgcdQO6xCcx6=1; __51vcke__3HCbdgcdQO6xCcx6=c689a35d-5833-56bf-a3a1-af8d7e8c73c3; __51vuft__3HCbdgcdQO6xCcx6=1775824947310; __vtins__3KANj5R9vxr5iEs2=%7B%22sid%22%3A%20%226a1a8b0b-a140-506b-8b45-890c1e84390e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747320%2C%20%22ct%22%3A%201775824947320%7D; __51uvsct__3KANj5R9vxr5iEs2=1; __51vcke__3KANj5R9vxr5iEs2=b3c5c5f9-9753-5e15-ad28-82ad7aa39ec5; __51vuft__3KANj5R9vxr5iEs2=1775824947323; Hm_lvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; Hm_lpvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; HMACCOUNT=2A071DFBDD5E2E2D; Hm_lvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lpvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947; Hm_lpvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 173x168, components 3","md5":"11565dab7a0a86d96a468bd63c6766ef","sha1":"3990ce32a3e106b87dbde17e6c38eb4629204f3e","sha256":"c3fee83b952829f67165aacf1f2a5f29c401d85464cdb22e1b416c4abd1549fe","sha512":"b4f061f16299c84cc8e0b1f1c7b7a0dbf57a3c6d376198bcf56983e253e21e5a332aff0b3cfb44892d2f8abf91bd48e39b14fdac3c54132e6424fb22904e07fc","ssdeep":"384:ul2xBKQVxHFXkTLSvAGTYR6NKzvpqwFTOQobFcrYxAfTBzkaJM+ESDmN2808KUHv:tRX8AHKzsKTOJ6r0AfTLbEv2FUHqi","tlshash":"16b2e12372032591501c0acbe6815eade43b7b84cca7f71a7e5d58c4c4aa2356a1c7ee","first_seen":"2026-04-10T12:42:54.823569Z","last_seen":"2026-04-10T12:42:54.823569Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3743,"timings":{"blocked":3186,"dns":0,"connect":0,"send":0,"wait":280,"receive":277,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/cslink/cslink.js?v=0.8683737519219771","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:28.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /cslink/cslink.js?v=0.8683737519219771 HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/11/01/16357552146467yj8l.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.034Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/11/01/16357552146467yj8l.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":125242,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 1280x490, components 3","md5":"5fc025ef7299819c9af2624cc90373e7","sha1":"27a45e9e017c1e22fd5a908439ed1fe9c732e334","sha256":"7d1d64ae9a5af19bad2ca6b2f9fe191abb4d408c59cfbb5a1f94bc91b67fd016","sha512":"5ee6694bfa33db28277c0ea0d25f41fbc64d89d38b7f099c27fcffdcea219ab36f1688c8551cff3cb693332ca4b473a48ed793e83a681563d3586295543c440d","ssdeep":"3072:15QgRM5sBzi+KXqzu+finvVoO2afMIjo2jVcsYZ:1lRM2O+GufivJ5MIjPa","tlshash":"d6c312c853d911b2b84d44c50aaabb104c9adc7da8bd0e9c29fd5ca7b3c56db28e5c1c","first_seen":"2026-04-10T12:42:54.824642Z","last_seen":"2026-04-10T12:42:54.824642Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3604,"timings":{"blocked":1837,"dns":0,"connect":0,"send":0,"wait":989,"receive":778,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.zuizhongjs.com/js/ky1.js","fqdn":"www.zuizhongjs.com","domain":"zuizhongjs.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:24.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.zuizhongjs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:07:52 GMT","end":"Mon, 22 Jun 2026 06:07:51 GMT"},"fingerprint":{"sha1":"BA:D1:A5:2A:2F:23:F1:F5:40:0F:39:A0:A6:57:B5:8E:F7:07:74:4C","sha256":"83:91:D0:3E:F0:16:0C:F3:9E:3D:54:49:33:9D:71:1D:60:42:E6:26:9D:99:47:F2:14:26:82:C4:4B:BC:4C:7B"}}},"request":{"raw":"GET /js/ky1.js HTTP/1.1\r\nHost: www.zuizhongjs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 28 Sep 2025 07:25:51 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68d8e2ff-6e5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1765,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"994f0c9a304160cbf2beb68093f36751","sha1":"9c8e3bf2883946a0d58a5336330463847c6cab11","sha256":"4011c3afd99ebf1b563b026776ea43a49dfa14a9ec7720201bf4b94d848f0b0c","sha512":"3f08ed48ce733be2a49a94a01c05fb4dc22a13f514fbd2059b201e90ec47fca3e0edb5892f1000686a05ff33925ab241b1010b2da9a9835e801799f3d17b9425","ssdeep":"","tlshash":"723132d4abd27d2d033153346c36da5496ba8831ed079d40785ffd909fa45a80eaacec","first_seen":"2025-09-30T03:00:09.656491Z","last_seen":"2026-04-10T12:42:54.826419Z","times_seen":323,"resource_available":true,"data":null}},"time_used":2216,"timings":{"blocked":954,"dns":50,"connect":293,"send":0,"wait":306,"receive":0,"ssl":610},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.zuizhongjs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.zuizhongjs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/background.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/background.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 181983\r\nLast-Modified: Wed, 18 Sep 2024 07:03:42 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b4e-2c6df\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":181983,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1030, 8-bit colormap, non-interlaced","md5":"05bf65d40291d266c59f26f96e67cc72","sha1":"a82f0c303aa0db6e99b37cd73853d7a6810c3e47","sha256":"1a977499b07e4c440c3b1c4284f83140194739f0308cd5090f5f7157a1cd34f3","sha512":"782b2c8345334a55ab399e0767618b74a2bad35835953181831197ce640e4016c6d829f7b5ec02ef2ebb90c91a4aed08ef611ce0b69396874f6b8fe91528ff8d","ssdeep":"3072:yH+fSTQYIsZeo40OdAbcP5CSxRg5rKI/vSk+sD1WDHMfwNNo4rDR:8+aQY1ZI95CSxK57Sk+vIfwk4rDR","tlshash":"4c0412aa6cb708f3c5844cacb0b4add476ebebac05dc7ccef691089d9953c190e84756","first_seen":"2023-09-17T16:12:24Z","last_seen":"2026-04-10T14:48:26.989529Z","times_seen":2498,"resource_available":false,"data":null}},"time_used":2021,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":384,"receive":1637,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/ldlogo.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/ldlogo.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: image/png\r\nContent-Length: 220743\r\nLast-Modified: Thu, 29 Feb 2024 07:27:24 GMT\r\nConnection: keep-alive\r\nETag: \"65e031dc-35e47\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":220743,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3600 x 2000, 8-bit colormap, non-interlaced","md5":"492093dcf4b1ba9c13b19de1903d974a","sha1":"5e4a03772362bf9c43bc9a5ad75682564f5d0f76","sha256":"009a0d5c28b46ef15643b4f1b90f4af852846bce2b65a443d231d41cd21e24f5","sha512":"a1caaa66263ed8ce703221060978c9f5985ac72533b50127e272ddfc2090dbbaa00ae2f9c460b8937d3fa92397457b2b0dee538cedbf023b2d414d7a9b281c34","ssdeep":"6144:Wx8WwUNUfdl+GUc6QOkWF2zuwJKf3yeEOjEEBF:Wx83U5GUsOkNzuwkf3XEOdBF","tlshash":"d42402b5b322429fc13e5b265ac73df595f58eb106f4e77ac4653a0a033980fce91898","first_seen":"2024-05-09T23:18:45Z","last_seen":"2026-04-10T14:48:26.924086Z","times_seen":2045,"resource_available":false,"data":null}},"time_used":6203,"timings":{"blocked":2111,"dns":0,"connect":0,"send":0,"wait":1109,"receive":2983,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/sport-item-bg.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/sport-item-bg.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 12434\r\nLast-Modified: Wed, 18 Sep 2024 07:04:18 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b72-3092\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12434,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 624 x 400, 2-bit colormap, non-interlaced","md5":"ac76c6c7dd993b8bba750449be70d3ea","sha1":"2c1111bcdfa2b3549c8e440c472b866553a270d8","sha256":"b909239d687e0c2dea7608a984bd4a8ad8fe589ec72079a9305f836971c9667c","sha512":"39a33c45472eb07f3d7bd89c60e91a13ad15d94ab4a965b3ff5bdc836383b7bbb5a1a3e03ffcddd14e600583f1f38adb8066347e14f88c51dcab40a8bf0de6cf","ssdeep":"192:YYjq+N9vUOkM3NQeisvtvRdy1/VsBlArzT89SaSkqxUSriFlKtq9RcIyMMwEGI6V:Y2N9vUPpeDvn8WoX8saqxULlb9gMMwVV","tlshash":"d042c0abffcb072865968497030f71a0ea0915ee98298bcd164c7b7b161c054b16caee","first_seen":"2023-09-17T16:12:24Z","last_seen":"2026-04-10T14:48:26.990401Z","times_seen":2888,"resource_available":false,"data":null}},"time_used":3474,"timings":{"blocked":3144,"dns":0,"connect":0,"send":0,"wait":330,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/iconfont.407a95e9.woff2","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:32.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.407a95e9.woff2 HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":296,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuizhongjs.com/js/25/8/7/ky1.js","fqdn":"zuizhongjs.com","domain":"zuizhongjs.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.zuizhongjs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:07:52 GMT","end":"Mon, 22 Jun 2026 06:07:51 GMT"},"fingerprint":{"sha1":"BA:D1:A5:2A:2F:23:F1:F5:40:0F:39:A0:A6:57:B5:8E:F7:07:74:4C","sha256":"83:91:D0:3E:F0:16:0C:F3:9E:3D:54:49:33:9D:71:1D:60:42:E6:26:9D:99:47:F2:14:26:82:C4:4B:BC:4C:7B"}}},"request":{"raw":"GET /js/25/8/7/ky1.js HTTP/1.1\r\nHost: zuizhongjs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:24 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 11 Oct 2025 08:27:59 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68ea150f-b45\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2885,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (555)","md5":"08c69d307049251400eacd9c9d904553","sha1":"e92916375af7d2fd995bd59f642e734cc805ec3d","sha256":"575108c648993d4fd614f2f460c8b50914db1a455f1107e360adaf44e7eedef1","sha512":"5fb852c71d6fb2f2e595fd7800f0d66cdcaa2f29bcfbb296ef110c2df782fa22c5bc7f01085e800850a20257e41ce7bf604d9e7b1c62439f75a7f4cad4a12f73","ssdeep":"","tlshash":"4751541fbd55e92427a228362ebbea8cf8be0474101dd40684dfd4ac9d34ff50926748","first_seen":"2025-10-17T18:53:07.083735Z","last_seen":"2026-04-10T12:42:54.830428Z","times_seen":14,"resource_available":true,"data":null}},"time_used":2263,"timings":{"blocked":976,"dns":63,"connect":297,"send":0,"wait":297,"receive":0,"ssl":628},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"zuizhongjs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"zuizhongjs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/1.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:27.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/1.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 375671\r\nLast-Modified: Wed, 18 Sep 2024 07:03:21 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b39-5bb77\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":375671,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 700 x 480, 8-bit/color RGBA, non-interlaced","md5":"16b85bfb3c5900c9a2ae11265b83c9f3","sha1":"7e3fbaddfd99d9f0da4dec4054aeeb9bce19cea4","sha256":"23f2fee730f4a41090ee7fb54df6cd6535458f25c97a53d2d5297b2076d2256e","sha512":"ddb3943583367df200cfad1c48a0393158b90ea3dea7b31ffef2cef3962cd9b0519e86337d0a48ecc20103d6bd3f6297e951b3e4c312254d2e497988574a613a","ssdeep":"6144:aBgTqju9DrGF8Jbd12thIECEu0VRDAfqTFutvzc7nPx:13Ds8JJwmE5+GIZzcTZ","tlshash":"218423f9521a3ce33b81a63929389da4fc5bf4da33d1ce757a0574ec4e31682b859c08","first_seen":"2024-02-29T22:08:49Z","last_seen":"2026-04-10T14:48:26.934436Z","times_seen":2667,"resource_available":false,"data":null}},"time_used":11883,"timings":{"blocked":2945,"dns":0,"connect":0,"send":0,"wait":1344,"receive":7594,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/picture/rbsmgwmigyqad1n-aaa_2muwpem57.webp","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:27.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/picture/rbsmgwmigyqad1n-aaa_2muwpem57.webp HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/webp\r\nContent-Length: 16344\r\nLast-Modified: Mon, 25 Dec 2023 15:21:01 GMT\r\nConnection: keep-alive\r\nETag: \"65899ddd-3fd8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16344,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"be49e8277eb92cafb253fa49edb79022","sha1":"5cc65c308aa4f315b27936fc4647b37f58efdeae","sha256":"1b8cb8ad18ad2b3e0738be463ac16ec39c2bab4d56afe06cfcc5b0fa59c45391","sha512":"bfcca34c67fd47b4119ba484b0d670d5be6ef1b07d3029ea97330338252045ebec536cf90ca48ec649cd50afc4428f412237137b9d4261214715873eedaf8093","ssdeep":"384:CVlYgoa1xatkPb5WHRKY+z3eppmsOfwH/s6j:IYg575E4Y+Hj4H/s6j","tlshash":"df72cf0b455b902138cd7a9311463a50538fde107f8ab4fd6e63baa551281931fb733e","first_seen":"2023-05-18T07:54:03Z","last_seen":"2026-04-10T14:48:27.014333Z","times_seen":2438,"resource_available":false,"data":null}},"time_used":6280,"timings":{"blocked":2941,"dns":1,"connect":351,"send":0,"wait":382,"receive":2,"ssl":825},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/icon7_03.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.298Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/icon7_03.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1024,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"ccba60f1f07a8e056044b63cdbd9d784","sha1":"94eae8e9638d36577e3d37a7ac69eb0cee578410","sha256":"77462030226dc30464ec135846d4aede5fc0c11312aafa1a13e6f89903e10d14","sha512":"358b618dfc4ea938f74ac0ad53ba73f1e40a778c73fec806fbd31b30bbe2453741d6e6ef600a00f3158db39ccb3b05440e4fce2d883bdc520bcf4da7c5f988e2","ssdeep":"","tlshash":"3811259df5917c81e5c8f5da2ce24037983789809ed5e1a5b9cfc41369301f9422d9eb","first_seen":"2026-04-10T12:42:54.833694Z","last_seen":"2026-04-10T12:42:54.833694Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3289,"timings":{"blocked":3010,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=2A071DFBDD5E2E2D\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=131634094\u0026si=7d86eb847ecfd3c972fa457a6abaa0da\u0026v=1.3.2\u0026lv=1\u0026sn=23053\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Fwww.lingyuclub.com%2F\u0026tt=%E4%B9%9D%E6%B8%B8%E7%94%B5%E5%AD%90_%E4%B9%9D%E6%B8%B8(%E4%B8%AD%E5%9B%BD)","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=2A071DFBDD5E2E2D\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=131634094\u0026si=7d86eb847ecfd3c972fa457a6abaa0da\u0026v=1.3.2\u0026lv=1\u0026sn=23053\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Fwww.lingyuclub.com%2F\u0026tt=%E4%B9%9D%E6%B8%B8%E7%94%B5%E5%AD%90_%E4%B9%9D%E6%B8%B8(%E4%B8%AD%E5%9B%BD) HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=CCDFFD8D5985985C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-10T14:54:38.580224Z","times_seen":332371,"resource_available":true,"data":null}},"time_used":328,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":327,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/img/index/icon4_03.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.041Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/web/img/index/icon4_03.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 601 x 413, 8-bit/color RGBA, non-interlaced","md5":"11494aeec8fa1b4e40b8c8a99cf8c27b","sha1":"d5cbc0f449dcdee7f755574e29ba4d67d892e433","sha256":"13ae7735949929f04b94c7d5913c3ccf8cbcd00b1c2298b2849bc07888c7d72e","sha512":"3254ea1e507aa987ee68964ebb07e671ca680871b67c6d97e90e71dd9205ca617db9cef7400d069b800addca4bd1cc5881fca90888333f67b5dc5e11dfac3d22","ssdeep":"96:1SASe/TuUvB6P53VhqNxbK8VhjdBsemQYuvM5SZpcUy5kN:0E6R3VeVKYjDsemNuvM5SZadeN","tlshash":"aed1628cb6cd34b6a55c06812ce1c43da55a78844eb4f332d48eeabdf8a15b061cefc5","first_seen":"2026-04-10T12:42:54.837408Z","last_seen":"2026-04-10T12:42:54.837408Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3859,"timings":{"blocked":3601,"dns":0,"connect":0,"send":0,"wait":257,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/icon2_05.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.208Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/icon2_05.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1791,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 31 x 31, 8-bit/color RGBA, non-interlaced","md5":"0fbf94772fae22cb0e303efe8861c488","sha1":"95c67f60c8be9e020d6b7c104e6fe87f89727947","sha256":"54e0e509befa1fa691f0f37bce81d590181d5463663a143086c58f48a54724ff","sha512":"53a1c1ac1ebd5bcfcb7451cdbdc9b796cf0868aabd9ac5563d67b5762521d66ac99ae78d126748d2f8831c953849cc5d3fe2b2321d3df30c3dcff2fef7d04af4","ssdeep":"","tlshash":"d131ebbdefd2b9819489d25124e2d4135c7a8dc4cde9e0a668cde04b1a711fc06589fb","first_seen":"2026-04-10T12:42:54.838778Z","last_seen":"2026-04-10T12:42:54.838778Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1149,"timings":{"blocked":869,"dns":0,"connect":0,"send":0,"wait":279,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2025/09/02/1756802772162n10k1.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.227Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2025/09/02/1756802772162n10k1.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:29 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9329,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 302x327, components 3","md5":"b98b1559b6482d32cc8925a56e13caf8","sha1":"fa2073024e05fecfd9f383a363d3d4d6355dfb56","sha256":"92c7808ac28832e7de0d47ad8b4c8655fbc4281aa5a3b50d984a4be6d82a0f27","sha512":"734fd5c584a1a6954535d33235b4e6a7ff30c15615316e9fd5fc7a77113d4dd2829aafa9083283eb31414b09f8b870760ee0257cd4ecbd47c056976f48be0688","ssdeep":"192:+W5ztG/rlYv+C+6sdaRRkBBEvsVBh/qWFTs:+W5BG/xOpTsDlq","tlshash":"4f123a634a019fc3b856c3667f0b0d556fc9560d79c179ee25d30ecba710335899c8ae","first_seen":"2026-04-10T12:42:54.83997Z","last_seen":"2026-04-10T12:42:54.83997Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2336,"timings":{"blocked":2059,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/iconfont.e7187704.woff2","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:31.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.woff2 HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/ayxlogo.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/ayxlogo.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: image/png\r\nContent-Length: 9641\r\nLast-Modified: Tue, 31 Mar 2026 16:28:37 GMT\r\nConnection: keep-alive\r\nETag: \"69cbf635-25a9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9641,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 496 x 160, 8-bit colormap, non-interlaced","md5":"3a2c5cfcb2b0503f2d79fe1ad1905404","sha1":"63cae544842a72ee52274097f00f7afd17dcd989","sha256":"8fb9a3e1220754a954d6d6c78fa6f44e351a8ec80d3f4fada76bd032ea7ab29b","sha512":"41ed849908969eebb5ad195eae8939c340eb19e106ca1556655b0fea6d85966ba73b070d66c93be416bc7fe07283fd240bee9a271f02a65e35cd7c1afc41f691","ssdeep":"192:iPoNNNjXSBC1VwMSLZUZ+Vr3bku+LYIw15Jvua4IQ8LF9dPyGSDnjIol5:iP4pSBiVwhLZUZqIYIK7n4T8lKDnk05","tlshash":"b9129e276936a0f9c6c992e402ad21d54e7684a7d211ca84e4f5fce2c02e51f27c4acd","first_seen":"2024-07-28T18:16:50Z","last_seen":"2026-04-10T14:48:26.929432Z","times_seen":76,"resource_available":false,"data":null}},"time_used":2289,"timings":{"blocked":1993,"dns":0,"connect":0,"send":0,"wait":295,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/12/25/16404040944295nvwox.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.048Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/12/25/16404040944295nvwox.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109398,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 720 x 720, 8-bit/color RGB, non-interlaced","md5":"4b0dbeb6447f6a1410484dc39b9923ff","sha1":"14616ff59ccf7fe0eb56307667016c9bbdec3079","sha256":"b492ce34943494002c1190d5496e24cf8b29a8c38dd5134874b478f3780f81d3","sha512":"6fd316238aaa8c1a3c09a3873efb52f9c5116aea0164efee334a0473d89496263fdfcd0cd4e7f697814a9e1309ea43fe5c93c613b1b3d7cdb068649ac16dbb8b","ssdeep":"1536:tKr7KqG+Qt5l7O3Y7obFKtl57Tj/wzC9eP/qHbXlELj4wFuS2oJxU3W9yZ8xwM05:EXKLTXtnz/I4KIedJWCBC","tlshash":"4ab312edb1e84154bf39360e002210896bf935963178d6b5b1b5b6f03f2842ae29fbd4","first_seen":"2026-04-10T12:42:54.842557Z","last_seen":"2026-04-10T12:42:54.842557Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4657,"timings":{"blocked":3527,"dns":0,"connect":0,"send":0,"wait":285,"receive":845,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/img/ewx.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.055Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/web/img/ewx.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:24 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11000,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 176x176, components 3","md5":"e3c97f89a8aac8d98e3bdc5ef46e0ecd","sha1":"27c8f5f2fd42ac18b560e00676bbdb6eeaa84fcc","sha256":"566d0dc35e8399095e1f8a4e022e3b30d6c3eaaa7ef47108330b3ff19bd3d4db","sha512":"97814ec0542bf54984b81fb9594ee460d3e0635a7d691e30829e1d525d599196aa52578cd9fa6583acc3475a7fa77dcddffbf9933cc4b0deff6cffcd4d928601","ssdeep":"192:WONlhUDx9Gp2j7/HdT2jGjLy3hDqO/SYluyTmy4IYwM22KNd3Pp+Ltvk3ag7ACa:5Nlhux9GQJT2syU/ouyTRdrzNd3PmAbG","tlshash":"fb32bf95631ff814d317c6326c92842383591f3a5e1d8a3971e6f6690c7d8b23cecac9","first_seen":"2026-04-10T12:42:54.843815Z","last_seen":"2026-04-10T12:42:54.843815Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1816,"timings":{"blocked":1557,"dns":0,"connect":0,"send":0,"wait":258,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/picture/sj.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:27.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/picture/sj.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 18810\r\nLast-Modified: Wed, 18 Sep 2024 07:08:50 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7c82-497a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18810,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"cdb0153d8cc3dbec5e43d569a03ab2c4","sha1":"0a7c9c3952a48a331a76089f57db3e1b618b0821","sha256":"11d707bf46d3e44e7057580208377df9b8839b00403b94495d3a9f85db23842c","sha512":"159222b548ccfbacd31fd37e9b52bdde0ff662f6b2f21b06c51a0e97022d7d8200b15ca365fb96b9063c76853ec883ebd3caf571816016639e0f953e7541238a","ssdeep":"384:a/5XGHoNGqbcToc+gL5KqF94ombm0PgVT5nlDGXIgVC28hJSb/:oXGHqPQTj+gF7oPgVTYIgU28ha/","tlshash":"9882e11861446beec0430d68fce676fbcaa059cf3a60d5251eb637237b72260abf9055","first_seen":"2023-09-17T16:12:24Z","last_seen":"2026-04-10T14:48:26.983723Z","times_seen":2553,"resource_available":false,"data":null}},"time_used":7074,"timings":{"blocked":2937,"dns":1,"connect":343,"send":0,"wait":1184,"receive":4,"ssl":699},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2017/06/21/1498041713456ts15x.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.042Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2017/06/21/1498041713456ts15x.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106878,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x644, components 3","md5":"fa874f004ae91cdf1061f83030e24fb4","sha1":"235dda23b280a8bc8c4b34cbd1961107e8096a02","sha256":"2a3f7b755e8894e828027418ff4c133c7ff62e6d7f70ee5c5d42bd6b6e123dbd","sha512":"2b3d6bc0cbca3cb88ff5b19d34b94a5651bee46ac4652836254f146ea74dde2ecc0d1f9d3d173c5f952dfc693965bff85d44b00504f054fb77381cd0bd533301","ssdeep":"1536:63XDmD34x/vkG1lxaBdCpMTLxvIIeHotP90w53LOBOb+ml6VjzcWaTcRjXvtuOJu:uimpOmpm2IeHoJ53AObwcWBZ/tuOi","tlshash":"2aa3126dbd7321a2268b60f6b8372538174c2332cf2f065e37ce985766681a77687d43","first_seen":"2026-04-10T12:42:54.84694Z","last_seen":"2026-04-10T12:42:54.84694Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2699,"timings":{"blocked":1853,"dns":0,"connect":0,"send":0,"wait":284,"receive":562,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/icon1_03.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.210Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/icon1_03.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1634,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 32, 8-bit/color RGBA, non-interlaced","md5":"5422773b06be344dc486c19314431e27","sha1":"cedd015f213a3c97e483a53f9b17b8152151cf41","sha256":"de1b41c7087ca27712b2506a88a3b8507f8944f704402f7afb8f839b588df92b","sha512":"526b385fe9366868a8462b1e4aeb8c68e42cc34b4059ac7912f8a7993d2a67afc09cb20b9f2e7cf14c51d080651832814e703a963e4fd06c79dedb03c81a4d34","ssdeep":"","tlshash":"5331e8cde4817c42aa0da4a228f4829341370d80d9d4f8a56ccbc94b56615b58e0fadb","first_seen":"2026-04-10T12:42:54.848602Z","last_seen":"2026-04-10T12:42:54.848602Z","times_seen":1,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":309,"dns":0,"connect":276,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/wblogo.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/wblogo.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 8085\r\nLast-Modified: Wed, 15 Jan 2025 12:48:18 GMT\r\nConnection: keep-alive\r\nETag: \"6787ae92-1f95\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8085,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 183 x 50, 8-bit/color RGBA, non-interlaced","md5":"ba4e53b518e93e6e98714c2548233f05","sha1":"003d6c28449cf1a1a929c328cd87a4ef8c4cf660","sha256":"f5ab541d2b50b2cf444e34876cb5e9ec0e6977c90b4672229cf00e82a66812fb","sha512":"c82da480049b25f39fa3e7bde737726e60999bec0ef90c072e0d21c8c6a925b25383a4240eae6f5717102275e424c99fdae99c6f5f1ff624176a0a216814dc61","ssdeep":"192:NpYCRfvmOunO75kKwl0DRg/fjs6OciKT5Qk+P2yzftTz2:NpjdvBuxKG0i/b+KlDHy132","tlshash":"c0f1bfcfa080d8dd1b772cfd1b76f16432e7ec1639894a00f5e1840d93a45c49b4a682","first_seen":"2023-05-05T14:06:31Z","last_seen":"2026-04-10T14:48:26.984492Z","times_seen":386,"resource_available":false,"data":null}},"time_used":3145,"timings":{"blocked":2826,"dns":0,"connect":0,"send":0,"wait":318,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?619b4901600e6cc6880e96c099454dea","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:24.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?619b4901600e6cc6880e96c099454dea HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11294\r\nContent-Type: application/javascript\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nEtag: d5a9b1adda5b07937819093f86564639\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=2902B034236E4635; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29900,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (624)","md5":"854017df4c999cee48e3074483ec0d1f","sha1":"2e9bfac4aea270d2017f50f9681ddde17967bf38","sha256":"e52dd88d4161dc8d74f08c0c862dbaa382276bab497e2fa900b4695d2f367fe4","sha512":"c0c0119aacf59955be6d16911d3e89ecf2186673b7e903e47f91affdf3890ed3bd6e3bd3bbb89487abe6f706ea4e3effc9156d76d023ea59cb3a9016ced6860d","ssdeep":"384:/0JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:/04VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"fad2d9e9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-04-10T12:42:54.850052Z","last_seen":"2026-04-10T12:42:54.850052Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2483,"timings":{"blocked":1077,"dns":298,"connect":259,"send":0,"wait":326,"receive":1,"ssl":519},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/js/cslink.js?v=0.42477986199661855","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:27.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/js/cslink.js?v=0.42477986199661855 HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 10 Apr 2026 10:17:41 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69d8ce45-16b3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5811,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"28b8cf59ec7b33ea40f6f46891602a99","sha1":"47f5e64cd79d73f8436b796b24a3904636991ec9","sha256":"b4ab6b0a671f876e8c29e3451fd886d738dace8d05c8d41df5c46651e10011fb","sha512":"c0c6eaa893b90924bd84b0da3f1a6ecbc1893f85241d4e1bead6dd6f0fc259149626ef5ff4b615ef417658cfa4e56fa9b061639ad79c60223dfba4ea2c42898f","ssdeep":"48:ROpsvd2jsjYu/yvj2B19jTjsUv/PipppTy3+lu7hc/a/7YwMPlFju8Vp+5i4EA4h:ROm2IcIYCdHYOuTX2hU+7jMPyJJk","tlshash":"59c18b9685445c9207b527347fab712de0bf622dd91e894ebe8193e02e31037b909abd","first_seen":"2026-04-10T12:42:54.850968Z","last_seen":"2026-04-10T12:42:54.850968Z","times_seen":1,"resource_available":true,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/icon9_07.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.393Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/icon9_07.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nCookie: __vtins__3He6gkvYRqxh6SLX=%7B%22sid%22%3A%20%222208c28d-cc6b-5a9a-aec6-931f0f701d5f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747292%2C%20%22ct%22%3A%201775824947292%7D; __51uvsct__3He6gkvYRqxh6SLX=1; __51vcke__3He6gkvYRqxh6SLX=8243ce05-3f2e-51b9-b1dc-ce6e82ead133; __51vuft__3He6gkvYRqxh6SLX=1775824947296; __vtins__3HCbdgcdQO6xCcx6=%7B%22sid%22%3A%20%22a69a80d1-a547-5f2d-aff9-b384c944a605%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747308%2C%20%22ct%22%3A%201775824947308%7D; __51uvsct__3HCbdgcdQO6xCcx6=1; __51vcke__3HCbdgcdQO6xCcx6=c689a35d-5833-56bf-a3a1-af8d7e8c73c3; __51vuft__3HCbdgcdQO6xCcx6=1775824947310; __vtins__3KANj5R9vxr5iEs2=%7B%22sid%22%3A%20%226a1a8b0b-a140-506b-8b45-890c1e84390e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775826747320%2C%20%22ct%22%3A%201775824947320%7D; __51uvsct__3KANj5R9vxr5iEs2=1; __51vcke__3KANj5R9vxr5iEs2=b3c5c5f9-9753-5e15-ad28-82ad7aa39ec5; __51vuft__3KANj5R9vxr5iEs2=1775824947323; Hm_lvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; Hm_lpvt_af71f27a888db2d1cb746d1ff59bd029=1775824947; HMACCOUNT=2A071DFBDD5E2E2D; Hm_lvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lpvt_619b4901600e6cc6880e96c099454dea=1775824947; Hm_lvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947; Hm_lpvt_8e1df91611627c21bf39ae4ad3304f2d=1775824947\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1172,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 46 x 13, 8-bit/color RGBA, non-interlaced","md5":"1af87d6addbd7f3d0fc6f9c777a62258","sha1":"1adbe6c7ad54f9602f8f01a48f33705275609b30","sha256":"b1c18c43de5944975da4e7b5a37d777c15f355aa67005fb9865f1b08552dbec2","sha512":"8d6afb631d138031ffc9ae9166a98ae6326aac423eca44a2cb1dcfeaa3f85119f6a421be1462a3bdc9b4da9dc8bb6a6f1d60caf7372680840923e6fe153cf186","ssdeep":"","tlshash":"4e214e5ee5d27840e088e5a628f240239c378d80de90f0e9b9cec8136a745f9025e6db","first_seen":"2026-04-10T12:42:54.851849Z","last_seen":"2026-04-10T12:42:54.851849Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3301,"timings":{"blocked":3017,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/leyulogo.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/leyulogo.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: image/png\r\nContent-Length: 5939\r\nLast-Modified: Sun, 01 Jun 2025 06:13:05 GMT\r\nConnection: keep-alive\r\nETag: \"683bef71-1733\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5939,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 100, 8-bit colormap, non-interlaced","md5":"0766823d7d695ab7be2022a7856ba852","sha1":"8784e00785274e6a63bc8f83461d4786953b6e76","sha256":"a0f09589fdb876045b3ff19713921db68e488d1a853ac7d3872241f9bf624594","sha512":"0ab9505feb5f8a8312f9ae3ebf10a1131b37b5e545e663df68a7f941b597a3ab5c9c14bad11c74b3bd54b5e20347249e673a99e1449db46b6e23c3218d38f764","ssdeep":"96:tWaPv1GR74oIl25kQN0Fw731k8PFwrD2oX6cHuvQoAD7uvsk9wzibJD9msveFW/5:UaPgR77Il25SmRkfrz6cOvQouukJqxmE","tlshash":"42c19fd6184a5a61e142090fd4a8ea0cf8f4f15fe6dc26e4df5c8ad787c3cc85be5184","first_seen":"2024-06-11T19:41:23Z","last_seen":"2026-04-10T14:48:27.002927Z","times_seen":2073,"resource_available":false,"data":null}},"time_used":2385,"timings":{"blocked":2085,"dns":0,"connect":0,"send":0,"wait":300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/htylogo.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/htylogo.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: image/png\r\nContent-Length: 6696\r\nLast-Modified: Wed, 18 Sep 2024 07:03:51 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b57-1a28\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6696,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 86, 8-bit colormap, non-interlaced","md5":"f9038799f684a3fe4635f8ffa6cb0e05","sha1":"e13a9c966a7e0a8165c306d0309268d917076e65","sha256":"c10e575138e2d70a4e1afb59b668d89b9824a7e8fa272afd11f1692e9bd6530d","sha512":"0e89c7ba019600399d19c51d4ebdda11a32c7338b64281904a82a00ec480b9a2f32f53e4dfbba13f72d357fb8f078f24f5dbd1c132a2e1728df44ef29684c54b","ssdeep":"192:7lZ9mR0Cs4QeE986T1pwqxACpWKL8+Bldc/yFWxkq71W+4Gz:RGFSeE9FTUqxaM2ysGqZW+4Gz","tlshash":"6fd18ef756b6685b4e2823085604b9e44c48a107f2f874b6c837569bae50a73a1ae463","first_seen":"2024-04-06T21:30:48Z","last_seen":"2026-04-10T14:48:26.931493Z","times_seen":2514,"resource_available":false,"data":null}},"time_used":2674,"timings":{"blocked":2381,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/css/main.css","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:27.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/css/main.css HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 31 Mar 2026 16:33:11 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69cbf747-19ad3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105171,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20966)","md5":"6b8750dae27b146925feb84c3c5a0d91","sha1":"cba3935d437f78124b6745f0d575d084dc892c94","sha256":"7e7e7d34ce1d4c86a33885c7feba1ec676a196ba1f6b55cd2d1c5499fce8ecab","sha512":"58dbae270b7dea282736b54aac9059ee0973832e1b4d15f369fea33e56d50e2c0264d40f4f9805f9d0c7c8f146dff91e0f9098f89073c12fc018985bc542afe7","ssdeep":"1536:TZyed1/Pbxez/S0sGvVHlaLE4STizU0X4qrriMnWf9Z1l41u:NVWzPbfaLE38pS71","tlshash":"b5a35c6126f27415b12f89bf72df7b183b3c80434809f9197ef459acef893a541a2b45","first_seen":"2026-03-31T21:52:09.978873Z","last_seen":"2026-04-10T14:48:26.9446Z","times_seen":40,"resource_available":false,"data":null}},"time_used":3891,"timings":{"blocked":937,"dns":1,"connect":312,"send":0,"wait":333,"receive":1678,"ssl":627},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2023/02/28/16775523161885ar8zy.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.243Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2023/02/28/16775523161885ar8zy.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:29 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31951,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 325, 8-bit/color RGB, non-interlaced","md5":"d49408ea72fb8fb2d68793546de3867f","sha1":"ecdd9cac2585f7dcad7e3c9d8788c97bbd088c80","sha256":"bc22118ab55d4786cedee93aaf6b105c9660df743e205f67265e97315c803d79","sha512":"0de0290b3a2949e04b406252fa2f4d5ca4b215b95e188b679fe682c0db5de619f2addcd45895553c500a9f9b645c973bc17c71ec82a85ae68c096e1279d04217","ssdeep":"768:HCsdW2Id3/9E14qPx3Ux/whqIUXoXGKddk1Byl+GK3q85:HCsd1aCxkxOqIWoV8XMQp","tlshash":"bfe2f1464ed6cd87e81ad2c73aea64d2245bea65756d112978f30b0f0c30be2d46f31e","first_seen":"2026-04-10T12:42:54.854055Z","last_seen":"2026-04-10T12:42:54.854055Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2504,"timings":{"blocked":2224,"dns":0,"connect":0,"send":0,"wait":279,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/icon7_06.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.290Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/icon7_06.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1293,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 23 x 19, 8-bit/color RGBA, non-interlaced","md5":"c4a1997b73cc029709721ddfc22992a0","sha1":"61f54ef0c7a47f79c0e3de356ba7f9e1cc9b8445","sha256":"6ab82e3c94131afbe77d6bdddd3caad683a3255c3b0788c3d43efce3f905588e","sha512":"c7dbf4bb27caf92cd8c7d4fede556febd1c344266b479e9cbe0fb0f1789734285c87359edcd7e913ceb8fcaf40348c9c2e5e02281fbc7a224aa2df7ca93afebd","ssdeep":"","tlshash":"fb21a50cd7b1b401e948d1812ce68027d9779480ee94e199accac42359711f9820a8ef","first_seen":"2026-04-10T12:42:54.854935Z","last_seen":"2026-04-10T12:42:54.854935Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3018,"timings":{"blocked":2737,"dns":0,"connect":0,"send":0,"wait":280,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.021Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/css/style.css HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:23 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115625,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"bfad6069e782cd4901d5290d08643628","sha1":"bb6cd7f5533fca4d575063815f1c7959ad2c8d3d","sha256":"6d32ad692438a80dc4a62a301e2153be53ed0c311ad317e886170a6a0e76b6a1","sha512":"94ab8e6fde5accd17cc0fee6d2788bb881f24d2604b7832c893ed762611675b843e593f38f5b6355bd06420cb5986a71880cce47b6a93b7b989499cb7f043d5c","ssdeep":"3072:YWlkCqMNgMGiUVTlz2bYSHwhQUghdDMwba0xTM0IJRXhe8EvRDQCnK9AM0oO4rKO:zkCqogMGiUVTlz2bYSHwhQUghdDMwba7","tlshash":"57b3ca68c7021b07b03386ae57fd1740ee38c0536b17563cbbdab6564fba0791622bd9","first_seen":"2026-04-10T12:42:54.855736Z","last_seen":"2026-04-10T12:42:54.855736Z","times_seen":1,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2022/06/10/165484512976054o96l.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.031Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2022/06/10/165484512976054o96l.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:24 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":112007,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 1280x490, components 3","md5":"43538980de7ffb31ccc180cd3a4815f8","sha1":"9ec3c700ffbc0b3191401f2d65cd09205a6898b4","sha256":"793dcab76b0e489adcbbe9e94f72e3428aa5b3ee732716ea6dca5b6b3f7db8b6","sha512":"a4ed91622c87f249e42130be6597b787f7aebc2e134d32e85c6bdc2084990d1bd4a4b02c35c2d5238cc23498bd7ef1ff48afc105d830a3064518e278c26e1139","ssdeep":"1536:BFOQjOa4dOAK/PrFIl3tQZJrWqVRiZQscUf0CmbwvGF553FZsgtbj93AcNl0U1cB:WFtUrW5ZQaM3pZJtNxNj1f5C","tlshash":"b6b302723e63efec7d1816cea5746a8b184d76725c36204db1f88ae624f7312a4b446c","first_seen":"2026-04-10T12:42:54.856553Z","last_seen":"2026-04-10T12:42:54.856553Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4256,"timings":{"blocked":1581,"dns":1,"connect":257,"send":0,"wait":269,"receive":799,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2017/06/21/1498041713456ts15x.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.253Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2017/06/21/1498041713456ts15x.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109397,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x644, components 3","md5":"db593a2a85a053adc25ba2ba22dca61a","sha1":"3c1bfd976f2b5ed59fd4f5404a3b3c5c44164dde","sha256":"5a1fb4490cbbaf92e0faff6614afd0845c175bd3f8f98801716c13bffd8381d9","sha512":"64930569edf4abad09ea6cd2888489e455ae4da6361e27828aa548b3dc5aeb83a4bdc3324ca26681a791c0adf926c761a77675b9df9a1faadbbbe09c9413b900","ssdeep":"1536:63XDmD34x/vkG1lxaBdCpMTLxvIIeHotP90w53LOBOb+ml6VjzcWaTcRjXvtuOJD:uimpOmpm2IeHoJ53AObwcWBZ/tuOP","tlshash":"1bb3126dbd631162269b60f6b8372528574c2332cf2f065d37ce9c8727a81a7b687d43","first_seen":"2026-04-10T12:42:54.857742Z","last_seen":"2026-04-10T12:42:54.857742Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1945,"timings":{"blocked":921,"dns":0,"connect":0,"send":0,"wait":259,"receive":765,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.308Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 371\r\nOrigin: http://www.lingyuclub.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://www.lingyuclub.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nEO-LOG-UUID: 7268110986601377466\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T14:55:53.648324Z","times_seen":13582113,"resource_available":true,"data":null}},"time_used":407,"timings":{"blocked":94,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/iconfont.e7187704.woff","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:31.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.woff HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/iconfont.e7187704.woff2","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:31.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.woff2 HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/img/20170718/footergan.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.053Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/web/img/20170718/footergan.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19257,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"c13506cdfe8a61879ce036cb4098b235","sha1":"a476029c39d61551c39d547600711a3db15c55be","sha256":"d1af4bba44136e263e9c4a28c8753a2d9e92ad434865357069ff61a5103301da","sha512":"4e2166c9179f0a89127d4fba017f750b664b5fd6192628f2ba2adbce4a7180925139187cdf171141a17e23279704d05e9ae84dd7212b60ea8b4e744a2f3b683a","ssdeep":"96:VSMllcHitlIxv9vk7C1+I4wWHLihk/xGWvki7rxmVKXUsDEVWvdNGthls+GfNXrb:VSHIIHUCD4wabkijpso15909rfEp","tlshash":"11823928fcf0b125548993393de674095c779bc3c681ac45badc8a0b6f00fa99d6b183","first_seen":"2023-05-25T06:49:40Z","last_seen":"2026-04-10T12:42:54.858505Z","times_seen":230,"resource_available":false,"data":null}},"time_used":3797,"timings":{"blocked":2962,"dns":0,"connect":278,"send":0,"wait":280,"receive":277,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/img/20170718/tele.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.056Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/web/img/20170718/tele.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:24 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1256,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced","md5":"6d0f1454b5c3e1c9e8ba5bf460b823e6","sha1":"8caf61c7b645a7067db40200d33f75bb825dddf7","sha256":"bb5dad727b0c5813607cba9f3c7379c66dd84a23245f384752379e1e2603c946","sha512":"24ef0a57167ae5d0e624a1a4576a4027e0b4aef179050dc188cb7d9c7e5f272799be802145bff5df68117cc4cbfa2d0830f1d64b8ad9d75185c80825953de2e3","ssdeep":"","tlshash":"0221874df4921e41a9e5e4432cdbd02a9d1284e0d6d0947eb8cdc4368d151f056244f7","first_seen":"2026-04-10T12:42:54.859618Z","last_seen":"2026-04-10T12:42:54.859618Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3424,"timings":{"blocked":1556,"dns":1,"connect":263,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/icon7_08.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.297Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/icon7_08.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:30 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1563,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 26, 8-bit/color RGBA, non-interlaced","md5":"4fdb5ea52daa36e5eb1c08f549491641","sha1":"ae0aee027e07b07fc912bd5d798590199fd8b1be","sha256":"e58757988f24f332664483c03a4beea35d2c465b7317a569464b04281df19849","sha512":"412912fc7c98de09004a178294017909d9bfdeda2f96587a7ba670bb6a08015c8a14d6b6f31b0e24da68055bda3d6f02f1b257f11560e979cb5bbf64d48f8a44","ssdeep":"","tlshash":"7331da9df5517542f048805728f78123d92bc884ad80f958becac0270f705f8a32e5eb","first_seen":"2026-04-10T12:42:54.86052Z","last_seen":"2026-04-10T12:42:54.86052Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3113,"timings":{"blocked":2828,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?7d86eb847ecfd3c972fa457a6abaa0da","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?7d86eb847ecfd3c972fa457a6abaa0da HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11289\r\nContent-Type: application/javascript\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nEtag: 6e58ce46e1f47b4ab2f3ed13235efc76\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=CA53F36CC10B022E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29895,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (619)","md5":"9638d2a2c6d4bdd5e6046c1d8450a488","sha1":"7edbcd2fca37660a371e51a132575549c1fc28fb","sha256":"ba521d14213d8361002f03a6a4e38800af5d9b6883a39b2932bcdb9efbe7e70c","sha512":"a7817a1e7d20fa6bda624d40ccda1196604b7de1cb9fa62d6af3c8aa0ffb425472b561188d034f310680eb7e449fbdf537844d0444f4bfb4ad7ad12d3d0f7ee8","ssdeep":"384:yQXJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:1X4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"6cd2d9e9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-04-10T12:42:54.862137Z","last_seen":"2026-04-10T12:42:54.862137Z","times_seen":1,"resource_available":true,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-10T12:42:22.159Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:22 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45369,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1174), with CRLF, LF line terminators","md5":"26608d06341fca68c002b442a1c6598f","sha1":"2b5daa92b6191171b37f24d816fefc7fe778f33e","sha256":"1d2b7862d4dc2f7287fd370f4020bdd85210aca361075b9ca81e18789536bcb8","sha512":"932e59bcecfe8ab3cc4c119c6503a32f36ebde90ea4264af48a806a3c62b9ae8c1613824a706b5296b467873253c76c3f4f7c5dce0eac370b36b2f298e6cc08a","ssdeep":"768:OpOICVKLOXOeXPZdE5LQ86xyO67b63bwD+BMmmvbcKdxCA:OpTcZdE5LQ86xyO67b638D+BMmmlCA","tlshash":"b4130830f6899a3f04f362e66e359b69f5898193d5034405f3fd5ac79be1d8ada0388c","first_seen":"2026-04-10T12:42:54.787353Z","last_seen":"2026-04-10T12:42:54.787353Z","times_seen":1,"resource_available":true,"data":null}},"time_used":990,"timings":{"blocked":270,"dns":1,"connect":269,"send":0,"wait":448,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/static/web/img/20170718/top.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.054Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/web/img/20170718/top.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:24 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":976,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 8, 8-bit/color RGBA, non-interlaced","md5":"b8850d45bf1928ed0278371d60c0c648","sha1":"4c256bf07d083e0f54ec8548a3240cd7cc49d728","sha256":"4dc220d4ef296bc085a6a4557391ef390bcb5494130e41c70fdb16a2de6cc8c2","sha512":"5091c5dedf649c5a8086822b09b6a89401f7da9fca080f26a49fc5a8207d4f9a5e743c0e1929b480e491ed86359d95171f378d7d390551e95272417d4a85a863","ssdeep":"","tlshash":"2b112145fdb01a109669e9a63ce2402e881746c0e5e0e63ae8cfe4673a310b140197cf","first_seen":"2026-04-10T12:42:54.862973Z","last_seen":"2026-04-10T12:42:54.862973Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1840,"timings":{"blocked":1558,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"push.zhanzhang.baidu.com/push.js","fqdn":"push.zhanzhang.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"163.177.17.97","port":80,"asn":136958,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.142Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /push.js HTTP/1.1\r\nHost: push.zhanzhang.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\nContent-Length: 232\r\nContent-Type: text/javascript\r\nServer: bfe\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":281,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with no line terminators","md5":"1bb5a3267c9865ad4abe8d937734b62b","sha1":"b5478dd2edb3e64242eced1db2dbd945ef81f592","sha256":"674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2","sha512":"33318ed944a49a8fa334983408d68853b1fbe4f80b19adef6235f23d7708b616cd4f8dd28c8b8ebfbb5776aab8088229f3060cd789af34fe1db5038a98bd0d39","ssdeep":"","tlshash":"91d02be874a0c41c0ce710b17fab328cfab20b2755244d40c05b90013614b1f824bfe9","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-10T13:13:42.644528Z","times_seen":21095,"resource_available":true,"data":null}},"time_used":1373,"timings":{"blocked":558,"dns":305,"connect":254,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/iconfont.e7187704.woff","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:32.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.woff HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":298,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/reset.css","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.020Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/css/reset.css HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:23 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41675,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF, LF line terminators","md5":"474fa54022e017e85698e15d4e6315c1","sha1":"acef4c3d78b39a36d9d4bc335fd6dd9b761c22f9","sha256":"266e5d0b37be325598e6fabcf8871791798eff85cbebcba3cbfabbd792b18bc7","sha512":"42084eb045d90a3efd5cf23bf7200c5999cb07b13864b1b9e5d203da22fba2542472ed4bcab7d274a6b197a3dcc4ae267ce250f2eae538d3bb4855c89ff3c850","ssdeep":"192:Ya1/16ywdg+o3xy/KuI2VxcwpmFK5UAv+ic+y/Nze:b/1agzy/9LPmle","tlshash":"f91311bf8b8005104cb983b4ff96e719e5a412fb1e3420ddb8e46219ef36795506bf98","first_seen":"2026-04-10T12:42:54.864486Z","last_seen":"2026-04-10T12:42:54.864486Z","times_seen":1,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/latin.fab57614.woff2","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:31.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/latin.fab57614.woff2 HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?af71f27a888db2d1cb746d1ff59bd029","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:24.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?af71f27a888db2d1cb746d1ff59bd029 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11505\r\nContent-Type: application/javascript\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nEtag: 2d5f2d54c0f16e7846be686866311667\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=2A071DFBDD5E2E2D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":30799,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (632)","md5":"4d3729f81eabcbd3a70bd609d510894e","sha1":"69859f6105f192e9b1f4bdc05d463f0af7218cc9","sha256":"099c12f4fb9e2f9af15da3dad28e834305f210d549886ae8a2e1f49ed75b60c2","sha512":"0bdfcd260912caae8da385e5d80f1c8670ad91fecf6dfb7d041e71ade282752ceb08e501317d2669ca2fc6b049c0a3550d59997de0341e82bd2a214ec06f0986","ssdeep":"384:NzBzTA/WdnloRh3KA7yUpNHR5D4f/gvJqan5XJuR5C1JwJAOovmkgbUzYRxefRff:NJvUpNHQf/gzn9JjCJAOoukgbUtff","tlshash":"31d2cae5b186b13297b220a5117f320af0b75a50fc4958a4f15998c07d38fbb027bfad","first_seen":"2026-04-10T12:42:54.865862Z","last_seen":"2026-04-10T12:42:54.865862Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2453,"timings":{"blocked":1070,"dns":295,"connect":255,"send":0,"wait":310,"receive":1,"ssl":519},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/iconfont.599951c1.woff2","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.599951c1.woff2 HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":1522,"timings":{"blocked":1200,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/iconfont.e7187704.woff2","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:31.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.woff2 HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2017/07/07/14994162814016hxxay.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.043Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2017/07/07/14994162814016hxxay.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109774,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x642, components 3","md5":"ca7bd3101c1ed0cafff1835b3501c524","sha1":"0ebc6fa5edde97924acefe162b998e3236666894","sha256":"09e3c619463d3b8df620b87137086d79bd15ba53706efe80ba15b2e9c10df1a7","sha512":"a7118bed0cc6b01c129c0cb0a3f92eb07098ea30bd9c52002e1a42ea63c99934e6de903736f15694034bb1716b5ba447e4879e92c1325cb75426b3fb9d804dd6","ssdeep":"3072:zZ+ZreU8fnpAlJ3pf10tJTxo2c2kL1RK8Us5:zZ+D8fpM9qtBxo2PkLvKrs5","tlshash":"5bb312017b26ec48942dbbef4d7eecea7d079d6c43c305615c2a8d6f1a95580bac9cb0","first_seen":"2026-04-10T12:42:54.866692Z","last_seen":"2026-04-10T12:42:54.866692Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2972,"timings":{"blocked":1851,"dns":0,"connect":0,"send":0,"wait":283,"receive":838,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?8e1df91611627c21bf39ae4ad3304f2d","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:24.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?8e1df91611627c21bf39ae4ad3304f2d HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11305\r\nContent-Type: application/javascript\r\nDate: Fri, 10 Apr 2026 12:42:25 GMT\r\nEtag: e0cec48e9adcf26b7fb4eb6182182b1d\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=B307F8834D3ACEF7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29911,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (635)","md5":"17317b1d9a16b5d6442e1c3d24dd05fb","sha1":"655e1fe7adebc01678a09f3ce00400ae6db153ee","sha256":"52531bc1d097924042cd9665877483ec50180d7384ac1c9746b0980961e1a920","sha512":"ce2676cce2e9765616687462e780d14681ca54140f4ba3cd1f95e4f249c144469962f5b6919eb974e189c5addf9296f2d38282b637886d93344e74fd237e517e","ssdeep":"384:wsJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:ws4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"1bd2c9a9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-04-10T12:42:54.867597Z","last_seen":"2026-04-10T12:42:54.867597Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2539,"timings":{"blocked":1102,"dns":296,"connect":267,"send":0,"wait":332,"receive":1,"ssl":539},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/wanboguanwangmanbetx/static/web/img/index/pic9_02.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.261Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wanboguanwangmanbetx/static/web/img/index/pic9_02.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/wanboguanwangmanbetx/static/web/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:29 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75581,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x580, components 3","md5":"e961453185ea935476ff8ff02a38727e","sha1":"2e437b556ebb45f7da63131128c0d874a583512a","sha256":"99ad1378db6dcbd76bf88902b5fdb8ce2544ee942048c3925d829c2ed0679637","sha512":"373cc4e65cedbe1963b7c86b8de20b1674a07122d56476a3d2933d8009d3962600b04a362a3498ec9bbd371f00a761d6a2b15165d064800dad1b5bd84d343f39","ssdeep":"1536:+xhrsHNCG1DKVNrLKDv0f0JSEWS9Tewwhlers3pL1QbPG0V0G:eI/CLKDv0f0J2GT5glers3pLeLGwt","tlshash":"e87301be8e8a1c975a5d027f18b34189c822144713ba46fb9d85c95f433a6dd2dcbf2c","first_seen":"2026-04-10T12:42:54.868841Z","last_seen":"2026-04-10T12:42:54.868841Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2857,"timings":{"blocked":2303,"dns":0,"connect":0,"send":0,"wait":277,"receive":277,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=2A071DFBDD5E2E2D\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=365861206\u0026si=af71f27a888db2d1cb746d1ff59bd029\u0026v=1.2.85\u0026lv=1\u0026sn=23052\u0026r=0\u0026ww=1280\u0026ct=!!\u0026u=http%3A%2F%2Fwww.lingyuclub.com%2F\u0026tt=%E4%B9%9D%E6%B8%B8%E7%94%B5%E5%AD%90_%E4%B9%9D%E6%B8%B8(%E4%B8%AD%E5%9B%BD)","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=2A071DFBDD5E2E2D\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=365861206\u0026si=af71f27a888db2d1cb746d1ff59bd029\u0026v=1.2.85\u0026lv=1\u0026sn=23052\u0026r=0\u0026ww=1280\u0026ct=!!\u0026u=http%3A%2F%2Fwww.lingyuclub.com%2F\u0026tt=%E4%B9%9D%E6%B8%B8%E7%94%B5%E5%AD%90_%E4%B9%9D%E6%B8%B8(%E4%B8%AD%E5%9B%BD) HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=4AE9DBEC860C60B5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-10T14:54:38.580224Z","times_seen":332371,"resource_available":true,"data":null}},"time_used":387,"timings":{"blocked":56,"dns":0,"connect":0,"send":0,"wait":331,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/08/25/162986757467591x1qz.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.047Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/08/25/162986757467591x1qz.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80847,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 588 x 505, 8-bit/color RGB, non-interlaced","md5":"24e1565d8c88493015507ba95bf7322b","sha1":"fa90568e16b5a6311081fd9f26794a3cdf472377","sha256":"39ce133a8616f8fecdbaae08b4f3134a216ff7a720afbc6c327b0589beece5d4","sha512":"1a6ff4d36881ece1f5c940cb5d71e9e85db262997e98716995617a922c208bd27affe7869e8946684afc540b4ea5c54edd59e4efa49a83923bc041bfec428735","ssdeep":"1536:CO1W1eDgdC4b70TIlyTISUsthg4dvBr8pJBTyBpiS3vjmRwvJChDBN9dgIk0c:Cj0c8s70c8TSsfT8pJBeBUSfjSwRChD2","tlshash":"748302dabde1a0755f6f89e3305d202f53c9a651228a52344fe9ec12edcd8c4e701f69","first_seen":"2026-04-10T12:42:54.87031Z","last_seen":"2026-04-10T12:42:54.87031Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4363,"timings":{"blocked":3804,"dns":0,"connect":0,"send":0,"wait":281,"receive":278,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2025/09/02/175680229688750zmhf.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.224Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2025/09/02/175680229688750zmhf.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18597,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 600x327, components 3","md5":"30f19be99cfd10a0fbbb515c7a31c237","sha1":"b81c21884cb0bdd7c75a59a82f998e8b2a0503c2","sha256":"600ab3f3733c9e1777c191111557886bd220293c9c7cc49a15e60ec13a244aa4","sha512":"dddfe8df6531f195bd64b9f87fd0b5af8375dbe88aa76c22d7908dd55848052ca5a40c142697b0ee45f4634c321a295fbae8b4f92e76b9fde18c83105d653a50","ssdeep":"384:dgjewjm4OLtnhhYAjRJpqyuuOA4qzbuKuq72oU1:dgjxxgnIwRHKuOAdbuJMK","tlshash":"bb822a538d098bc2f85947e9fd430cad2e9a570de8862bff54a51ec72d007a65c8e02e","first_seen":"2026-04-10T12:42:54.871311Z","last_seen":"2026-04-10T12:42:54.871311Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2062,"timings":{"blocked":1509,"dns":0,"connect":0,"send":0,"wait":278,"receive":275,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/08/25/16298589444008p2i29.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.258Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/08/25/16298589444008p2i29.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:29 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106502,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 667 x 585, 8-bit/color RGB, non-interlaced","md5":"035e1542edd433aec415d5fb21e6be8e","sha1":"6969dd315e43edafc63df1805e481801f549daf3","sha256":"a5c7894f00e76a6df2c9f33787f5f33ac6e603b08435661256985a592895dce9","sha512":"49bced4be68649f656b5d40f3b9a0da6cd112e4a88a9ed16e8dc97fc1716072ba2cd34b9dca2316b04ba04891f41f5ef5f573174ca56faacacb96d5f8be8b54e","ssdeep":"3072:4qbDeB7QlQ+a2GI4S3jUE8az8a6WFCKX/4F7qjRn+F:aBsyI4SYE8aT6CCCwF7Yn+F","tlshash":"13a3123788e70b3bb5f2b561da432173bed9c41c5c39e0ab0b426f5e149acbae231511","first_seen":"2026-04-10T12:42:54.872514Z","last_seen":"2026-04-10T12:42:54.872514Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3329,"timings":{"blocked":2221,"dns":0,"connect":0,"send":0,"wait":280,"receive":828,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/image/ag-66-4.png","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/image/ag-66-4.png HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: image/png\r\nContent-Length: 189185\r\nLast-Modified: Wed, 18 Sep 2024 07:03:31 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b43-2e301\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":189185,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 694, 8-bit colormap, non-interlaced","md5":"93c0060e234caf0bf804261f3cfd574c","sha1":"284959e512593ed4a2d9163b5bb604df7ca860d0","sha256":"3b3517b2a149662c9083c8307dc28e5c514a2f5e726e5ce9ce14ea931fcb304c","sha512":"0e6221c046dbc56c41dbaf7766d58605662ae7abdbf4666491433e9fc5b268f5fda3b8436034f6ba9a899e6316ebb22ab85f1a5fefd6cd301e4bd81d764b15f5","ssdeep":"3072:9djIZfl0x1w6OMDXDpTp8U0IRfFMpfxHI5c7AEtqSCOQhjArSO/G0+W//R5zx:9dUFdMTDpTp84JIpHI5c7z4+QSrzG0+u","tlshash":"8b0423f1f20c558fd9f45270bdecd62734305aa30b7a16b1c4a677c21eba21f4198d9a","first_seen":"2024-09-19T08:05:07Z","last_seen":"2026-04-10T14:48:26.938921Z","times_seen":2122,"resource_available":false,"data":null}},"time_used":5577,"timings":{"blocked":1907,"dns":0,"connect":0,"send":0,"wait":1824,"receive":1846,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2021/08/25/16298678355346cw3i3.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:23.051Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2021/08/25/16298678355346cw3i3.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109398,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 598 x 512, 8-bit/color RGB, non-interlaced","md5":"028cd4067387cfe4d1a738a484a8ed1d","sha1":"2851f659809f1f9b408d632b198bb94a80f44a0e","sha256":"43c139842f33629c2be53a3024bc950c3000f6329e7928e98fe59ff3aa99bac3","sha512":"ce9968b4414d27ce1d25709da96264b5a3ab4f4096b0eb675281632a8779ccb13b4e2860962d17943095438f7589a3a1d0af561c29301c6be616aba2d31676f3","ssdeep":"3072:z6GDuXqFe6DIZHMdkv1+5qnTcDF/YVEu/y9Hv1Zc:2KuXqFUxl9+5qP496","tlshash":"9ab3128c8882f727fea18309d5b0d86082966de61097a4b7175cf44b87dcdbcf6617b0","first_seen":"2026-04-10T12:42:54.874239Z","last_seen":"2026-04-10T12:42:54.874239Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4468,"timings":{"blocked":3169,"dns":0,"connect":260,"send":0,"wait":263,"receive":776,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2017/07/07/14994162814016hxxay.jpg","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.255Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2017/07/07/14994162814016hxxay.jpg HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109774,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x642, components 3","md5":"ca7bd3101c1ed0cafff1835b3501c524","sha1":"0ebc6fa5edde97924acefe162b998e3236666894","sha256":"09e3c619463d3b8df620b87137086d79bd15ba53706efe80ba15b2e9c10df1a7","sha512":"a7118bed0cc6b01c129c0cb0a3f92eb07098ea30bd9c52002e1a42ea63c99934e6de903736f15694034bb1716b5ba447e4879e92c1325cb75426b3fb9d804dd6","ssdeep":"3072:zZ+ZreU8fnpAlJ3pf10tJTxo2c2kL1RK8Us5:zZ+D8fpM9qtBxo2PkLvKrs5","tlshash":"5bb312017b26ec48942dbbef4d7eecea7d079d6c43c305615c2a8d6f1a95580bac9cb0","first_seen":"2026-04-10T12:42:54.866692Z","last_seen":"2026-04-10T12:42:54.866692Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2043,"timings":{"blocked":949,"dns":0,"connect":0,"send":0,"wait":276,"receive":818,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/latin.fab57614.woff2","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/latin.fab57614.woff2 HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":1461,"timings":{"blocked":1112,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lingyuclub.com/","fqdn":"lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-10T12:42:20.803Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:21 GMT\r\nContent-Type: text/html\r\nContent-Length: 185\r\nConnection: keep-alive\r\nLocation: http://www.lingyuclub.com/\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T14:55:53.648324Z","times_seen":13582113,"resource_available":true,"data":null}},"time_used":800,"timings":{"blocked":259,"dns":0,"connect":270,"send":0,"wait":270,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.lingyuclub.com/upload/2023/03/14/16787555723431mprr2.png","fqdn":"www.lingyuclub.com","domain":"lingyuclub.com","tld":"com"},"ip":{"addr":"168.76.192.225","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.lingyuclub.com/","date":"2026-04-10T12:42:27.172Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/2023/03/14/16787555723431mprr2.png HTTP/1.1\r\nHost: www.lingyuclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.lingyuclub.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 10 Apr 2026 12:42:28 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109775,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1280 x 490, 8-bit/color RGB, non-interlaced","md5":"eefe91a59da8e718a3a4c8b7e88eea71","sha1":"482be1d187ea0b94d55d3dc286599e750cbf9d9c","sha256":"e6b8f07fa7fd6c599e0e3f557c941207a63b170d7fcc186f13231da505642b0f","sha512":"b13f96c299ed37e6c042a2feb6f9a43b9b4b4dff355dcdf462333da9f00982def8acf035e009a91bebd40c80e525369fb02981f92385e9aaad02e4225bd0c057","ssdeep":"3072:V77c3vV2Nl23KqWr8RNAS+1dfUbkygff0aDCd8lE:N8t2j26qq8RNASEdjVkKE","tlshash":"8bb30288958ffd79818faaf1638031359ca52b36b37885f9439b5b95889f011b212f4e","first_seen":"2026-04-10T12:42:54.875246Z","last_seen":"2026-04-10T12:42:54.875246Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2105,"timings":{"blocked":1058,"dns":0,"connect":0,"send":0,"wait":264,"receive":783,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ptfafa.com/go/kaiyun1/static/font/montserrat-black.be2a4b98.ttf","fqdn":"www.ptfafa.com","domain":"ptfafa.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ptfafa.com/go/kaiyun1/ky.html","date":"2026-04-10T12:42:30.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.ptfafa.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 06:08:56 GMT","end":"Mon, 22 Jun 2026 06:08:55 GMT"},"fingerprint":{"sha1":"CF:DB:F2:B9:0F:C4:2C:E1:25:27:7A:14:A4:1A:52:E9:5D:61:CA:2D","sha256":"FF:C9:92:0D:5C:A3:C4:35:C5:42:CE:80:BE:D3:7B:42:8A:30:82:1C:21:C5:85:8E:E9:A7:77:89:8C:51:4D:AF"}}},"request":{"raw":"GET /go/kaiyun1/static/font/montserrat-black.be2a4b98.ttf HTTP/1.1\r\nHost: www.ptfafa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ptfafa.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 10 Apr 2026 12:42:32 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-10T14:48:26.895468Z","times_seen":6358,"resource_available":true,"data":null}},"time_used":2049,"timings":{"blocked":1739,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"www.ptfafa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}