{"report_id":"4cf6bba7-ff26-4959-b7b2-23fe41aab0c9","version":6,"status":"done","tags":[],"date":"2025-10-10T21:27:48Z","url":{"schema":"http","addr":"396883239.xyz/video_list/index12.html","fqdn":"396883239.xyz","domain":"396883239.xyz","tld":"xyz"},"ip":{"addr":"172.67.162.51","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/video_list/index12.html","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"title":"卡通动画"},"submit":{"url":{"schema":"http","addr":"396883239.xyz/video_list/index12.html","fqdn":"396883239.xyz","domain":"396883239.xyz","tld":"xyz"},"ip":{"addr":"172.67.162.51","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-14T21:27:48Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"396883239.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"yshsqz.115794629.xyz","ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-14","domain_rank":0,"first_seen":"2025-10-10T16:20:20.22885Z","last_seen":"2025-10-10T16:20:20.22885Z","alert_count":0,"request_count":11,"received_data":1406500,"sent_data":5177,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"10ae25508186a486ddg.qydrcig.com","ip":{"addr":"203.107.63.104","port":8007,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2025-09-01","domain_rank":0,"first_seen":"2025-10-10T09:14:40.461741Z","last_seen":"2025-10-10T09:14:40.461741Z","alert_count":0,"request_count":1,"received_data":11323,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"PHP:5.6.31","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"le.lebsltu2025627.com","ip":{"addr":"104.20.45.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-27","domain_rank":4482589,"first_seen":"2025-06-28T21:18:54.00236Z","last_seen":"2025-10-07T07:15:52.741001Z","alert_count":0,"request_count":3,"received_data":171453,"sent_data":1482,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"396883239.xyz","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-24","domain_rank":0,"first_seen":"2025-10-01T16:56:30.920291Z","last_seen":"2025-10-01T16:56:30.920292Z","alert_count":1,"request_count":1,"received_data":42466,"sent_data":505,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/templets/blue888/js/page.js?t=1","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8237d34a6ef7d2093cae52b62a3dd076","sha1":"898d2c0bae014bbf3021003448adbb87f331769b","sha256":"ba236988272f6155b88d54bc213be2d0cba5ba8d4f84469d62b79c627e1e407e","sha512":"624b866faf4c0d26c9cd0ed60c3cd133035760cb47523b5f3b704f74f9b692c96f58e7f73962505cfc38893013fb598cb567911a41c9b7bb11cfb1307a85dcbf","ssdeep":"48:f93vacnaD7lubZS78B7AUBoTrsgeY9rRaP5baF:f9SVUMCxNY9QPgF","tlshash":"59a1ab6e651d24252177b7737a9fd52cfef2a0b3a3248a087d1c51c01fb6a852292ff4","size":4814,"data":"","first_seen":"2024-08-20T14:32:57.347577Z","last_seen":"2026-03-07T15:50:44.40289Z","times_seen":334,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/video_list/index12.html","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bbf453faf116dfbe13f6cbbec69c529c","sha1":"22c0a932720fc2570cb0df88ab9ccb0f499e1964","sha256":"0b95ca71f13b61ee2d7a35040a78f38b12ae71079393c7da3f3e25fbbf9c9747","sha512":"0ced028b5c2448e7b88f491e64facde14fc15e90aa85dbadf56aab3a15033da0aedd7705868233943fd9aecf9279290ed1043df751d27c3555e17e2e1c32fb4f","ssdeep":"96:WiT7rvQzK2bm+WDIPBEUO/bfWvaVwsteg:Wi/rYJbm+WplWawbg","tlshash":"e481b5ea3a94796003d72192673f9209b03ea8640baad4f1d60fc85d7f244ca817dfdd","size":4144,"data":"","first_seen":"2025-09-19T17:05:15.969942Z","last_seen":"2025-10-17T13:32:25.839746Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/video_list/index12.html","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"291a1c24ece775ac5e990f2a6275340b","sha1":"a7dccecbad40710629a6dea82efe90afd4e9d587","sha256":"9d69b3b01aff5da7382f7af51dda1a2ca27e5287fefc482396997c9f6de67c19","sha512":"e502f4ecf17c7e147d345eb81b2761f5e93b17e92fec1c234acc9c578524c7ae2c2682765ed64b13944880a48d0989bdd5e3aea669255cdfa8c273193eec5876","ssdeep":"","tlshash":"db90021181156a2c00522016180cf5900c208d25008c90444855cc917c12241082c2c4","size":47,"data":"","first_seen":"2025-10-01T15:34:05.657626Z","last_seen":"2025-11-25T12:36:44.332392Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"10ae25508186a486ddg.qydrcig.com:8007/sc/6109?n=llfogiez","fqdn":"10ae25508186a486ddg.qydrcig.com","domain":"qydrcig.com","tld":"com"},"ip":{"addr":"203.107.63.104","port":8007,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"1e859f253a5cabf6e2355231cecc2526","sha1":"a2b98fd130ed4a8c292706812ce176d7b8094dec","sha256":"1ee54ab692a6211620f841a9f8357ca67ca850c1835f9c1bf8d1f02016495204","sha512":"a3c948815665527a634fa7c708d3c6c4f8e6d4a92003fe219faed9f387244712c47b032c0272561c57b4060c8eb1dc111d8c97f050fbd604f8691f50a39319d4","ssdeep":"192:semVVExYpvC9e5zldti8pyP0AczHDU+UbQJPYkPrIhrHG5EUgRluJYfbEyM+JzMc:semoxKGAzldtiqAejU+UwKUgRluJObU6","tlshash":"a132d568f243b470424ba1f3297e274c703d87385b038028576ab8917a7ce9a7567ff5","size":10946,"data":"","first_seen":"2025-10-10T21:27:52.736282Z","last_seen":"2025-10-10T21:27:52.736282Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/video_list/index12.html","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"17ad3e955b088eba25533c36d778fa72","sha1":"002e4717b9c7b158bf145777c6413922f86188c6","sha256":"85e5073881e5fc08ddaf8f4c3be55981a168925e9a0c04223943d654b5258c8d","sha512":"b71a8054c91c367656b5b2cac63e920df60eba15d36c18e56cc5a727da453c712e20e4abc21357900abaea94463ccbcf5b3a46549bc00be6949267b7a233e0b1","ssdeep":"","tlshash":"45f0d38e9b1180a463ea6122de7ed74f0077e0c6df46d8654817c16732a4a7441364cd","size":634,"data":"","first_seen":"2025-09-19T17:05:15.967637Z","last_seen":"2025-10-17T13:32:25.492111Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/video_list/index12.html","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6615dd0efba9afbe21198993ee0a0f3e","sha1":"7bffa6c29cd0d40fe7d432ba9e9ea7711eba6c4e","sha256":"da0f3edebf2f5bfca29d56cb8f64b2dbc265574a875a0b1f2f7e3d2e770e9927","sha512":"b960281932e05cd3bd17698276195c523d8e1c0f652e7db91d5a737542e5b43998a1fcadcebb3b4cf500c2cf222d2f2dca364291173b35fa32fcd2f18098e048","ssdeep":"96:RXtbKxX2uysSPzb8SzKr3yU1elYpG5wSaJ/xrn/XYfYttff42APvI0r4AMz5AhqZ:RU4JtvU1eeIStn1APvI0r4Bz5Ahy","tlshash":"2da10a444aaf66b93f47e940638625d9d8de3b30b36ae8ac572b59d340d0dcda0d78b0","size":4833,"data":"","first_seen":"2025-09-19T17:05:15.968718Z","last_seen":"2025-10-17T13:32:25.658532Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/templets/blue888/js/jQuery.js","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T09:49:59.359877Z","times_seen":263226,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/js/seajump.js","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6985663715c2e883e3f105447a7db0a5","sha1":"bb1a4abe14e2a0b6f486599fda6a82e1896ce347","sha256":"be51fc01b34f72e45cb6dc0a4b57117fd6c96274719a6324703f6af3d0f28a69","sha512":"f41eceec7d7c12c7bcbce151c89e52344aa00abed11a18bb7bf9b8955e240818d33c5563f3f254b7f89d129f4562def555cb8e05a8199712d220477ddfc0dafd","ssdeep":"","tlshash":"2c31be123b0ddac9a5a34d2ac0bd2ed3e93ec0360055dec2d811c65ff0d41e947be94a","size":1758,"data":"","first_seen":"2025-05-29T17:52:49.729459Z","last_seen":"2025-12-08T23:52:41.348887Z","times_seen":386,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/js/ads/99.js","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"082d5b19d8aa5cc8c72f40a10416bb8d","sha1":"c004cd4285e23756e6822cf7f3a5913716d3ab5a","sha256":"6b27d447dd2eb2a2cff1d2f2a8946fb10afda731f82772f0b0cf5a848cb1fa30","sha512":"7fa59b1df55d8e650b5f8dbd4beecf5a5577875df52576d448bc23b490dc684e20c0b30429c6f2343dc6fe0fca504ace7383e7fca7f5db0537da4562a1860865","ssdeep":"","tlshash":"bd4184e257b052a72b7211985474f7bd74fee0bddc532a11893f1e85c483bac888da47","size":2316,"data":"","first_seen":"2025-09-19T17:05:15.950164Z","last_seen":"2025-11-09T10:49:11.233654Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/js/ads/top1.js","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1ff784875748f01acc91d34b8b6e0fd2","sha1":"9b28357595eb3cb1de8636585411c43e5367885b","sha256":"48324c5bdcdb67bd905190461f8d8ceb9cdad4615b851a23c1460cf36811beb5","sha512":"ae18a7329ae3d1b54480f34c23cd4c92f1f3d524f6563c48d39ba2fb4c80d4a3da5bd2c525dda38acd62659fe44de8fbbfe599f461e0466d495d1db8c734ebd4","ssdeep":"","tlshash":"adf04c5483a5e528ac610492c288f2f87829fd7d4f02cb2fe71e393e940161d1e4b5d6","size":574,"data":"","first_seen":"2025-09-25T04:58:55.824553Z","last_seen":"2025-10-13T00:12:36.979542Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"5c36d43169be3ba4f282218be6ad52f5","sha1":"9dfa90379800a25a08ecc97d650c3cd794bcaa12","sha256":"a95dd711205d543164fc97e1b84d46737391f686d4ab061a4254bee3b71737fc","sha512":"bc575de6d53be1a31be645caceacd75d679dd75f03b3b39d689434ca411bc54ebef694ded1daf07b68be936f3e5ef9c8ec31f6e0c40c2bcbcbc1438aab70d3db","ssdeep":"","tlshash":"34800003acea238a23b0220e80002828830220f003008c00308088c28a8a280800ca8b","size":27,"data":"","first_seen":"2025-05-29T17:52:49.800664Z","last_seen":"2025-12-08T23:52:41.406505Z","times_seen":386,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f0d0870eab66a8c3b6333a4ece03bf9b","sha1":"b9bc3defc3c3dc86d5eb7c72890f3195a29d8748","sha256":"4abcf27c129e75bec40cdc1d969c67e2c41cd2982eadbf9deaf9b486392af71f","sha512":"0b0bf312061d1d80ff9330694bc654c2336fbb47f53952c86fdcd6a612beebbf79234c8bed2658271848efebcd559d8029e60e6e46f4015a3b085ee7368cd645","ssdeep":"","tlshash":"36a0125345c004ce2710108b4000ad08001a30700c826402d46329494d0316c7509241","size":81,"data":"","first_seen":"2025-09-19T17:05:15.992597Z","last_seen":"2025-11-09T10:49:11.24204Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"76b36a5e4f680588f909f376f1de6c0c","sha1":"49ab8fd0b697baef34e4462b27a5579d97d71084","sha256":"c1f4abb88f8c91de32583dfeb67bdfab4cfe39074cb47ad72e1b3d8d620a2ce5","sha512":"51fd1ead5aff581670345ffbe45259f5b3804e402d01a90e34fe4a49b7140edc594558f05d531b9563cafabada6680316c7780cd686b2508cf964e6fbb046b0d","ssdeep":"","tlshash":"02a0125205c056c65720504c4000a62c001e10701c822005c83229494e021646149241","size":77,"data":"","first_seen":"2025-09-19T17:05:15.98067Z","last_seen":"2025-11-09T10:49:11.248842Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c202710b835b12503282797d15030649","sha1":"3f70815400c9dba4c6ef7e1ed45eb79577e03f7f","sha256":"af909a893d2c8e40745487310266afa2515642bc00d2a787492b2ef4428c15c4","sha512":"c03727e9135608ffd67d2bd4922e260e173c379cfca73fc8600644d82cb77da18c1cab7606b54f7f0e072f675d8ff9f2caae8dd0e0da8882399e6879af38dd40","ssdeep":"","tlshash":"a5a0245345c044c7171150cc4000d50d001f10710cc33401d5333dcd4d03174710f341","size":77,"data":"","first_seen":"2025-09-19T17:05:15.971904Z","last_seen":"2025-11-09T10:49:11.249388Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"7215ee9c7d9dc229d2921a40e899ec5f","sha1":"b858cb282617fb0956d960215c8e84d1ccf909c6","sha256":"36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068","sha512":"f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768","ssdeep":"","tlshash":"c700000000000000c00000300000000000000000000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:02:53Z","last_seen":"2026-04-05T08:48:45.626273Z","times_seen":34353,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"e4bcbe1b0e6bab786f7b0a0e38af89fd","sha1":"a917cc3876312495b0eb3e94edaf9a57b984868a","sha256":"80fb638e501006231cebe666550266e7e256d1e83ce92c62004a58f8e31f5098","sha512":"5178f4dde63242d265df59ffd46008c14124b08e3a26e656ec940433021201ed51cf45ffb10f14fd6c89f34f9359a87a16c53c6e4c96af130f1a06b2153895a2","ssdeep":"","tlshash":"34a01262838018c92721148a80009b14801220b88c82540158330d858d021acd408242","size":81,"data":"","first_seen":"2025-09-19T17:05:15.993777Z","last_seen":"2025-11-09T10:49:11.250381Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"91ce51372b34fcb8934da136dd6461ef","sha1":"97d8f1a72237ce867305deb3c3ec6ac345c3a92e","sha256":"f5545b1414728d08166943e0dfc9e84f7324294568cfbe22bda4fa9efb9f7788","sha512":"3b40b386d3d5f4b931f9238b63255122d83cdc7304374127b6c897e391f1ba5caaed07407fa109a435e5e7008dc180c65bf667bc556a663f071b6ebbfc30a139","ssdeep":"","tlshash":"4ca01283828004cc2712158e54009f14401330b88c815402643309859d021acd008241","size":81,"data":"","first_seen":"2025-09-19T17:05:15.985328Z","last_seen":"2025-11-09T10:49:11.250921Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"dbf0b3c4a4b220cce5ea7cb18660923a","sha1":"4d9970e59483bb4b1c8ab4af19bdb3a38a5f22be","sha256":"a3c4054e48e0031c4d893254b6d8052aeca6cf892ed06da22d4ac84939f0a1d0","sha512":"9725dd024545c60a17a886b172ed9ea28c2eae94f7156971299dbf67aaf635eec8255592c6e89d43a55a71afdb64dc1c9e9a10964e17f03db4fe7cd42b218464","ssdeep":"","tlshash":"0ea0124242c018c81721a44d40009b18401620b89c8110014473499589021acc008246","size":79,"data":"","first_seen":"2025-09-19T17:05:15.989411Z","last_seen":"2025-11-09T10:49:11.247273Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"9c8d7749d91b2ff8b5d233343022ce0b","sha1":"b0e9ea81260e0280d0958db25f26054edd877e14","sha256":"14aab8b54acf24e0234ab0d62e43dae38cdac749b6b5c151857ea938d6608591","sha512":"9d732cb83aa557cb1f5ee6ad41cac11f1ff8e87a8e17bfb78f839f3c796c77d19d794c7a29f8ad3b473d7da4ddb4f6cd55f66fd6f5bf150ddd20a1b4fd97ca88","ssdeep":"","tlshash":"71a0125289c004ca275010c950009518401a10700c82240194222e498d031647109281","size":77,"data":"","first_seen":"2025-09-19T17:05:15.986241Z","last_seen":"2025-11-09T10:49:11.24094Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"9597df32a92f9ce6bec11eb6fa61872d","sha1":"9716823ba54e04b094800ac947d1b01ef616677f","sha256":"7a65c61ad9dcbc1ecedaa90f47e57ad08449edd6e76cffce5833d3b98d8d7f4c","sha512":"e5dc14e02c9ad954e2c366b5a0d683066ead3aff912fb5b0abe569390d58103ca38d1328738ece8d6eec03cca3f3f9ad2ea08df641457b977036982099fe1c7e","ssdeep":"","tlshash":"a6c08055c3d5dd1556514140d020d8dc5417155e47225f0797313d27750b02554410d9","size":153,"data":"","first_seen":"2025-09-19T17:05:15.972942Z","last_seen":"2025-11-09T10:49:11.245158Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6ccc53bbb0f293229244ab39b3c2e66d","sha1":"7e4bd243389838b8aced0e44e3a5b45fc5ce5283","sha256":"16c6f7954f5ffc485065ecc370053d1d3f2de57c5122d96e37b77f954de04cbb","sha512":"f1b60907e1491f9c17fc99f35d7082c0dfdebe80d6351afeed62f1a88fbfc25ee7652d9c3b270e148c0b64134337db826e8510232cf4f8f17daa3e1207d4ca39","ssdeep":"","tlshash":"bac08051c2d59d0552504082c064d99c550b155e47124f07d7323a1b750f42864414de","size":153,"data":"","first_seen":"2025-09-25T04:58:55.908155Z","last_seen":"2025-10-13T00:12:37.032029Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"312b765dfc2ce07b300e313b6e1f258f","sha1":"f5a1107526bce59eba7d66f933b15b22dbeac6a7","sha256":"f4b63c5f43e09c0c41a6d52b01a1e6bea3c034caed8b3658708cff138baa1550","sha512":"d425fe67831e8f636c23a915c20260f4ee22bfecdc6f8f6dc329e421bb24677543ae47ebd8090adc117e89e0bf6a7670861c869f7818bae6a1aa7817ec7bfcf7","ssdeep":"","tlshash":"068000232ccf228a33b0220f80002028c30a02f023008c003a288cca8a8a2808008083","size":29,"data":"","first_seen":"2025-05-29T17:52:49.762987Z","last_seen":"2025-12-08T23:52:41.409541Z","times_seen":386,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3e9d3dce500394136426fb6739ac2014","sha1":"580aa4c90cd37ade3f03074478512b85ba2830de","sha256":"1c013bd054d1ea5073ef551067dbfde008d8da754c107bce12bbc9fc994e942e","sha512":"aeafb030eecc9b6e385bc919ab077ef2f13a07e3c3839196e8a07c9ed931697c7d72f1b1226c6e8618c27ee1a26eb7888c1a334645bafdf3499805fac99a485a","ssdeep":"","tlshash":"20a0125242800cc1173114694000d716801610b8dc82100548730d9589021acd409262","size":79,"data":"","first_seen":"2025-09-19T17:05:15.975042Z","last_seen":"2025-11-09T10:49:11.246243Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"416974d13650663fa6f89a2d99187e03","sha1":"1b58950861af9c48c7e407d3b4c0b418993d6509","sha256":"2e09696cd08b6eb53505cbab75aba91ce38f15b050556658de7b0cb392f11458","sha512":"1faff53122bd47cdbfcbbc6fbf5e6d8705e7cc850fce9a4f239cff4779d13bb29f5064c1142d8db20134f726b0d5ff7416c0c8e305d02b117b0b558deb1912f0","ssdeep":"","tlshash":"61a0128283902cc01722144950009714801210f98c81100148330e8589022a8d40d255","size":77,"data":"","first_seen":"2025-09-19T17:05:15.978504Z","last_seen":"2025-11-09T10:49:11.239009Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"4d1333d06681575863132b0e0d050ee1","sha1":"011dc9ca9ebf23fddd10fe0546f9b678461f999a","sha256":"1055ffb2d346fe94cd4d7f66dfc0b49aa6f5f07120c4e016ecaa8bc80a07159e","sha512":"c9488ecf4e086d1404413f041fe4cada706452a5bb252d10a9bd854ab62367868284335e6d776739fdb26cd959ae490c8752bad1f3baa5a4bce4850d632f2de2","ssdeep":"","tlshash":"c1a0244343c004c41751144dd000df14401310fcccc1500544330fc5cd031fcc00c741","size":77,"data":"","first_seen":"2025-09-19T17:05:15.976479Z","last_seen":"2025-11-09T10:49:11.244133Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0b4052603c8d0d074e7c7bc68e5e7005","sha1":"ddd9785ff7b84c9a56d946a1fea74f8b82599bf0","sha256":"5b53f2266b2b8aac92281e42c80b2f36b3b1266117c48c38db582a2584c5a358","sha512":"5428a5c922dfcf052da3c2e5eda7201b2b53a0852fd1d841c25b5b7f66f02a6cfdad008d98e0ab6f661658c3997ff613e575f25ffb05cc8d06c8f2ffc571c909","ssdeep":"","tlshash":"17a01242c69004c8275114c960009724801210b88c81140154330e85cd031a8e008281","size":77,"data":"","first_seen":"2025-09-19T17:05:15.98444Z","last_seen":"2025-11-09T10:49:11.241485Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"609a9f48446a34594003817e916b117e","sha1":"7361863cf49828648a11a44c8f801877bae4437b","sha256":"b030fe645530abb3b273d15a8db1e0399984a02ab67f44aa6911283d9d28dd8d","sha512":"9e1cadc6472e5b2bf22aacd24e570f8b70539d1d50e2e707aa3271f8e7082c31de3c1210c3835abd5fe847b2bf561056633daff05c74ff48e9e932b304fff159","ssdeep":"","tlshash":"52a0125246c004ca2b10508948009908001b20b00d82a401942229894d02168b50d242","size":80,"data":"","first_seen":"2025-09-19T17:05:15.995985Z","last_seen":"2025-11-09T10:49:11.248296Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"82130bd0d66d2512b5a10cf589d9a0d8","sha1":"aae9ab9a96f2d189b059e03943bcf8606b4f2889","sha256":"6d14e4d0bc351410ed843a0938cf1133f044c24a2d51508eef605929e88c2272","sha512":"f90b291532d16408e6ca96856d8f72a6c14330ceb692b97841730193305e7c5a82ec8179840357df6c7f0786a33cf8920a4e4a95ab2fa5d496680bcb2817bd1e","ssdeep":"","tlshash":"99a0129246c02cc21721104940009508401a10b10c82200188322e494d02264750e245","size":77,"data":"","first_seen":"2025-09-19T17:05:15.970992Z","last_seen":"2025-11-09T10:49:11.240059Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"7384f25d5e0c4ea6ebe3d9e0bd351ece","sha1":"23094b9ae43fc4f84dfafa1b56680fcdcf352a58","sha256":"f420042112cad366718de61e7363c9cbb9c4ec190dbaecd80eb6ba80560377d1","sha512":"f777544e5280bb426e0c7c2c23d74f4da5eb3482192dbff57711052048b7bdf7309bdb345a6f49849a90c7586cd34617dd3d0d73b025c7f342a091262415a75c","ssdeep":"","tlshash":"b5a0125205c025c21b1410484000a508101f10700c832001842229495e02174610a246","size":74,"data":"","first_seen":"2025-09-19T17:05:15.981873Z","last_seen":"2025-11-09T10:49:11.240418Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d9657019a36a4e2ec8e5a03a11d2c28f","sha1":"c591949b0139ca9c2794e8674a449d6e9a940d2f","sha256":"fbace89cd3c557a0d2b5fab0d71184bbd126385797558fc5be682a0200f641b6","sha512":"297166072ff26818165285c02c5c04a5356987d37657c69f4d9a34f02925bc1a1c59193ad16fd21cfa9658fe36f5990f89b9c3269b671542c1c8f920c91de787","ssdeep":"","tlshash":"bfc08ca1c3daa90652605580d220d8d8d5071aaecb220f0bab372a2bf60a03c58821da","size":152,"data":"","first_seen":"2025-09-19T17:05:15.98723Z","last_seen":"2025-11-09T10:49:11.242586Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a376b4a636966e5d257863d0823b57dc","sha1":"f6b5d3812e2b541da00ff9bfc26a1a762595f580","sha256":"4b691b874a362906a1cb841aacd5a8be4209fbfc640ea18d25eb27c0ee058137","sha512":"3d16da6126a54bba9e3448ddbc545cd667072742c2b28d9635a5d2f08e64b3def5b4f24a3746649d7dcb3cf0c87e8d38d4e17591b6e680520468d2f3624be943","ssdeep":"","tlshash":"e7a0125245c049c61718208980009508401a10741c832411d82229494d02164710d241","size":77,"data":"","first_seen":"2025-09-19T17:05:15.991408Z","last_seen":"2025-11-09T10:49:11.244664Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c915a2f2e67ff7577e13cefdffd3ee21","sha1":"30c2f6467f10c307ccf18fb156ccb449362e639d","sha256":"c873ba64798050fd57353b5e587878f5deb1a72612b0817b050830bb92a6f228","sha512":"7df379abc5902efdac98ccd13a9d01db6028733fd747a62a53ca3f68197b845c3cd268d6b5595f4024ef02579d0c078b13765d23cf0328859f69085eeb9b39d1","ssdeep":"","tlshash":"43300000000000000000000c0000030000000000000000300300000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:56Z","last_seen":"2026-04-04T01:20:45.165527Z","times_seen":554,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a94941a4120bf086ddfbec99315f2c94","sha1":"e9b5e517e94f48f4cfa9a0855e8bc308b03584d8","sha256":"042f823efc2eecf5bb75ee3b4bb0c3933957d6f149a277d2a793777f04c2bde5","sha512":"106ee370da812fddbd4e7616cea73d9dbb2beeeed6de58b55285bfe1f9c41ee7f30681201455dd178fc0b54b1a7b786fd7bf70024cea367cfe8f40f8f3ea0bff","ssdeep":"","tlshash":"c1a01247828004cc2731148a40109f54401230b98c815401543309858d021acd008261","size":81,"data":"","first_seen":"2025-09-19T17:05:15.988341Z","last_seen":"2025-11-09T10:49:11.246776Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"123dc5321af85cb64d3feea199601211","sha1":"6887c1b72f02b402dd3c3a92cf5a530fdbf5e1e2","sha256":"5190f9c0a1366612a15dc5cba14f2d78829e0f503a6d7a4777a27c64a230baef","sha512":"b72e8fe6fec6f55badd9735dd048f8a3ca23f203274b8d891de77bd59a3f14b6fb8ff90d054024c779051659db400f2c0103541825a274b845c514b5c57df91d","ssdeep":"","tlshash":"81300000c0000000003000000000000000000000000000000030000000000000000000","size":5,"data":"","first_seen":"2023-03-07T01:10:45Z","last_seen":"2026-04-04T01:20:45.180088Z","times_seen":1308,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/js/ads/99.js","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /js/ads/99.js HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/video_list/index12.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Sep 2025 04:20:37 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g8UbxGGns2y5WQ79ahP9j0jXjf5TbDTplpMhnxrz43bszApqbEMDVipEya8Hc0gq7IIwT3qw28QCY4VI9j%2BCpXcox6niOQYlE%2BWTlI7e%2FsakQqmA\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68cb8895-90c\"\r\nexpires: Sat, 11 Oct 2025 04:19:56 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 18449\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\ncf-ray: 98c933a72d7435a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2316,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text","md5":"082d5b19d8aa5cc8c72f40a10416bb8d","sha1":"c004cd4285e23756e6822cf7f3a5913716d3ab5a","sha256":"6b27d447dd2eb2a2cff1d2f2a8946fb10afda731f82772f0b0cf5a848cb1fa30","sha512":"7fa59b1df55d8e650b5f8dbd4beecf5a5577875df52576d448bc23b490dc684e20c0b30429c6f2343dc6fe0fca504ace7383e7fca7f5db0537da4562a1860865","ssdeep":"","tlshash":"bd4184e257b052a72b7211985474f7bd74fee0bddc532a11893f1e85c483bac888da47","first_seen":"2025-09-19T17:05:15.950164Z","last_seen":"2025-11-09T10:49:11.233654Z","times_seen":136,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"10ae25508186a486ddg.qydrcig.com:8007/sc/6109?n=llfogiez","fqdn":"10ae25508186a486ddg.qydrcig.com","domain":"qydrcig.com","tld":"com"},"ip":{"addr":"203.107.63.104","port":8007,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.qjsnzzf.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Sep 2025 09:55:47 GMT","end":"Mon, 01 Dec 2025 09:55:46 GMT"},"fingerprint":{"sha1":"F0:1C:92:62:FD:43:A9:D2:71:35:10:CB:C8:B7:12:35:C6:05:CB:EB","sha256":"BC:98:8B:83:3F:18:88:24:EE:6C:ED:0D:51:BA:5E:CD:1F:53:8E:8E:89:9D:73:B3:9A:B2:73:78:D5:26:79:79"}}},"request":{"raw":"GET /sc/6109?n=llfogiez HTTP/1.1\r\nHost: 10ae25508186a486ddg.qydrcig.com:8007\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0\r\nDate: Fri, 10 Oct 2025 21:27:28 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.6.31\r\nP3P: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=1800\r\nPragma: max-age=1800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.6.31","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10946,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10904), with CRLF line terminators","md5":"1e859f253a5cabf6e2355231cecc2526","sha1":"a2b98fd130ed4a8c292706812ce176d7b8094dec","sha256":"1ee54ab692a6211620f841a9f8357ca67ca850c1835f9c1bf8d1f02016495204","sha512":"a3c948815665527a634fa7c708d3c6c4f8e6d4a92003fe219faed9f387244712c47b032c0272561c57b4060c8eb1dc111d8c97f050fbd604f8691f50a39319d4","ssdeep":"192:semVVExYpvC9e5zldti8pyP0AczHDU+UbQJPYkPrIhrHG5EUgRluJYfbEyM+JzMc:semoxKGAzldtiqAejU+UwKUgRluJObU6","tlshash":"a132d568f243b470424ba1f3297e274c703d87385b038028576ab8917a7ce9a7567ff5","first_seen":"2025-10-10T21:27:52.736282Z","last_seen":"2025-10-10T21:27:52.736282Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2881,"timings":{"blocked":1178,"dns":359,"connect":259,"send":0,"wait":536,"receive":1,"ssl":543},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/templets/blue888/js/page.js?t=1","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /templets/blue888/js/page.js?t=1 HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/video_list/index12.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 27 Dec 2019 07:22:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3bMHl9ktbwi9Is3iS0XaqEMS4AhtzqB4UrbaNUj4vLzrO5GrowUgxhB1HCO3i8pMiMV%2FnKwM6tDQW8ryHDMKaDqiHhipxpgE0VCHfF2c3yhkYYTy\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"5e05b13c-12ce\"\r\nexpires: Sat, 11 Oct 2025 06:20:45 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 11200\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\ncf-ray: 98c933a7ad9835a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4814,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"8237d34a6ef7d2093cae52b62a3dd076","sha1":"898d2c0bae014bbf3021003448adbb87f331769b","sha256":"ba236988272f6155b88d54bc213be2d0cba5ba8d4f84469d62b79c627e1e407e","sha512":"624b866faf4c0d26c9cd0ed60c3cd133035760cb47523b5f3b704f74f9b692c96f58e7f73962505cfc38893013fb598cb567911a41c9b7bb11cfb1307a85dcbf","ssdeep":"48:f93vacnaD7lubZS78B7AUBoTrsgeY9rRaP5baF:f9SVUMCxNY9QPgF","tlshash":"59a1ab6e651d24252177b7737a9fd52cfef2a0b3a3248a087d1c51c01fb6a852292ff4","first_seen":"2024-08-20T14:32:57.347577Z","last_seen":"2026-03-07T15:50:44.40289Z","times_seen":334,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/hz888/ls888.gif","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /hz888/ls888.gif HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/video_list/index12.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: image/gif\r\nlast-modified: Tue, 24 Dec 2024 06:47:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KVRXpqQ%2FttBWGLp%2F4iuGulMIrLTYy%2FPonr1X10tdMevqf9gxpG2GnmYTFwUQW64%2BoI3aHDTHPUIvGMmirgGbTi%2F1ICsnhxSBunmd23qqC0J6N%2Ba0\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"676a590c-c2d6\"\r\nexpires: Sun, 09 Nov 2025 16:19:57 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 18449\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\ncf-ray: 98c933a87dc335a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49878,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"832dc451773aedbbd2a156af682ed9d3","sha1":"eae3d53b90e4b3558a8b57c4c1bcd9b0f769bf9a","sha256":"f21240e115865f0aa48cb655936a79e69cafb597cd1331c0dee92c78b16201c2","sha512":"144d23b7d61d09b00f7c4a11a8700cc9ccefd398feaadc984e5ec3e71abb1c8b3f3ee9bea2ee6265fda5438e50d6017d1d4153ca4a069a49656ed87382bfb01a","ssdeep":"1536:BRVg7OKec7CfWFTVWVW7lI0mlJ88h2/9M2:BRVDwD276+2/G2","tlshash":"17230283efa58528dc4364eccb5b625c79df299b5c6770b8144f6dd10b8bb8eb842086","first_seen":"2024-12-24T08:25:53.848253Z","last_seen":"2026-04-04T03:21:49.567757Z","times_seen":517,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/js/seajump.js","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /js/seajump.js HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/video_list/index12.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Aug 2025 08:02:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5jYff9%2Fx0mOTEwRIL0n2PXt4MRYePylw6UWALw63LiF8eFQiLIJry2C4pKaMdZaJTIZg9Yzb6iaiycvNS0Q5b6FuVgj04Pdxg8YQ09vgpQRberDx\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68b15e8b-6de\"\r\nexpires: Sat, 11 Oct 2025 04:19:56 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 18449\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\ncf-ray: 98c933a72d7235a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1758,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"6985663715c2e883e3f105447a7db0a5","sha1":"bb1a4abe14e2a0b6f486599fda6a82e1896ce347","sha256":"be51fc01b34f72e45cb6dc0a4b57117fd6c96274719a6324703f6af3d0f28a69","sha512":"f41eceec7d7c12c7bcbce151c89e52344aa00abed11a18bb7bf9b8955e240818d33c5563f3f254b7f89d129f4562def555cb8e05a8199712d220477ddfc0dafd","ssdeep":"","tlshash":"2c31be123b0ddac9a5a34d2ac0bd2ed3e93ec0360055dec2d811c65ff0d41e947be94a","first_seen":"2025-05-29T17:52:49.729459Z","last_seen":"2025-12-08T23:52:41.348887Z","times_seen":386,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le.lebsltu2025627.com/upload/vod/20250926-1/229424aae31b0277d8cabf1716390002.jpg","fqdn":"le.lebsltu2025627.com","domain":"lebsltu2025627.com","tld":"com"},"ip":{"addr":"104.20.45.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le.lebsltu2025627.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 05:16:02 GMT","end":"Mon, 24 Nov 2025 06:15:53 GMT"},"fingerprint":{"sha1":"FF:46:76:B5:18:D0:05:ED:77:4C:62:B9:9D:A4:19:EF:E8:25:11:02","sha256":"49:2F:FD:E4:7C:62:48:85:B4:FC:BE:89:00:FF:D4:A4:7C:BB:C4:07:94:32:1C:6B:B3:88:91:9B:A6:8A:7F:6A"}}},"request":{"raw":"GET /upload/vod/20250926-1/229424aae31b0277d8cabf1716390002.jpg HTTP/1.1\r\nHost: le.lebsltu2025627.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11015\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\netag: \"68dd7ff6-2b07\"\r\nexpires: Sun, 09 Nov 2025 20:51:38 GMT\r\nlast-modified: Fri, 10 Oct 2025 20:56:33 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5aLNRxWy4mxgHFfEElLWh%2B0Wow3lYF5WXByeIx8pKGm9IjEXgork20AmPGBDgSMfYawLd%2BJZEVhIXcP8%2B7Y%2FrDzjEumb6fp8vqILqgw0kFnVFSM%3D\"}]}\r\ncf-ray: 98c933a91bf7712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11015,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3","md5":"5df97b339124ae61763c6fbc73d889ca","sha1":"c5526071d48d0253c3384c5bafee92694aa8349b","sha256":"48e58f74482fdccb945ea89c0de4e1c995467363bd4b8b268edc2426b27f8d44","sha512":"683749759f45507e212f01ea7d485b62e7febf419f4d9269280b16cf300c9d320c34101d2d1e5d167d5b0efedc6880117ddc873f4ae0ffab6a6aa10530003c74","ssdeep":"192:9b+6YuNk8fgccVkkPC7SAM67mjpe7193O8STHtn3f0PMsgZDWFaZPQaf8fiaN:MpuVfLxkPOTme7199GHt3SMsg1WkZY8s","tlshash":"c732ae4abed19426e40dc63fd66205356d20f7ba69f24e1b532931ce4fa2041dd8b7e3","first_seen":"2025-10-10T21:27:52.759738Z","last_seen":"2025-10-10T23:56:21.579143Z","times_seen":2,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":259,"dns":0,"connect":0,"send":0,"wait":71,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le.lebsltu2025627.com/upload/vod/20250924-1/255fc23e0cf947bca6f1f58a9be9fb22.jpg","fqdn":"le.lebsltu2025627.com","domain":"lebsltu2025627.com","tld":"com"},"ip":{"addr":"104.20.45.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le.lebsltu2025627.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 05:16:02 GMT","end":"Mon, 24 Nov 2025 06:15:53 GMT"},"fingerprint":{"sha1":"FF:46:76:B5:18:D0:05:ED:77:4C:62:B9:9D:A4:19:EF:E8:25:11:02","sha256":"49:2F:FD:E4:7C:62:48:85:B4:FC:BE:89:00:FF:D4:A4:7C:BB:C4:07:94:32:1C:6B:B3:88:91:9B:A6:8A:7F:6A"}}},"request":{"raw":"GET /upload/vod/20250924-1/255fc23e0cf947bca6f1f58a9be9fb22.jpg HTTP/1.1\r\nHost: le.lebsltu2025627.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 88591\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\netag: \"68dd8d26-15a0f\"\r\nexpires: Sun, 09 Nov 2025 19:57:04 GMT\r\nlast-modified: Fri, 10 Oct 2025 20:01:59 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SLwtRNfVtLJbUhqjZ5cPD6altQSoSWTJQ3YBgjmaUHbCa90ax5C0WI%2BY8hrM6%2BbMUnm5bhT%2B%2FVUFHQ1BMN7oC9mleQGePgjevJBcp7nYGyBE4Ho%3D\"}]}\r\ncf-ray: 98c933a92c13712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88591,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85\", baseline, precision 8, 1024x576, components 3","md5":"d3040f13438d075d09eb41fefcf2e9d1","sha1":"69a9af9710d58e7a4b54d334550dfd68a29d88b4","sha256":"1bd0aa755675451bb3dbba8eac681d5fc8b6ccb8193dbb45364cf43dc7fdb474","sha512":"27d1eac45f225c0c4f7b5714c37eda9ccaaa88410ad6ce9746f771135796bd3b9d185f3e66828fc774df2e0b66bc62e322bbd5349bc35835031901dd5ff7ed41","ssdeep":"1536:lEFiG4sW5WpcGDAMybuGDTv8mVGv51T/zvoa++8pwq0B8qnPdEZia1u8Rqqt:Q4sW5WCCGvk597oq9PB8kwpw1e","tlshash":"fe8312c5652d7b83e689b247bd762e30bb15b1fb8ba1989409f3cb5f13290bc8154e13","first_seen":"2025-10-10T21:27:52.762242Z","last_seen":"2025-10-10T23:56:21.556788Z","times_seen":2,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":224,"dns":0,"connect":0,"send":0,"wait":75,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/templets/blue888/js/jQuery.js","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /templets/blue888/js/jQuery.js HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/video_list/index12.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 24 Mar 2022 14:08:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rIw4qGBkoYU67X0L%2FSrrhUV%2BY5fMM58vK2Fm5R3QAL1khlw%2B9m4XoonVd1s0SzgYUyoaNNQmWyTku3H%2Bf%2F5RDq9yV7nGwNJnTeFTTRI4WJ72A7y%2B\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"623c7b50-14e4a\"\r\nexpires: Sat, 11 Oct 2025 06:20:45 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 11200\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\ncf-ray: 98c933a7ad9735a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T09:49:59.359877Z","times_seen":263226,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/favicon.ico","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:27.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/video_list/index12.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 21:27:27 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\nlast-modified: Sat, 10 May 2025 13:44:23 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"681f5837-423e\"\r\nage: 3209\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C7r1S5JanCFdMetdF749z1uVEkuwTE6GvAUM1WvLgL7xcghyEzDjXB86wZq1UJ7hFUAl3sgxWMm6QpozIjidGkmJznB7L4K4UelpGPNKVJ1EmxWF\"}]}\r\ncf-ray: 98c933ac8e3e35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16958,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"1e69e79934b0b0ae310b8b826371e559","sha1":"6551b7d5ef4855a66ff79e01d82f15cf3cf14e7f","sha256":"918c6ff1584dfe866754e6a4ba88ee0acce7ef1b49c53f557d14a58ec65329ce","sha512":"252379846b1325d8393cd3888db2e7f1758ec71e35f5e39aed15912bdca23f60a6c2bfcc7fccfbff1b70cd4ebe976c3f5c3c052143c793cc69630dd0ee00b46f","ssdeep":"384:YsGGGGGGGGGGGGGbSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSvJJJJJJJU:YsGGGGGGGGGGGGGbSSSSSSSSSSSSSSS1","tlshash":"d972ca04e238ed63c7755837432684abcca90fb6ad6e2bfc3f023d546a7d25e7641168","first_seen":"2023-05-17T22:27:12Z","last_seen":"2026-03-18T15:20:20.91604Z","times_seen":460,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/hz888/202488.gif","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /hz888/202488.gif HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/video_list/index12.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: image/gif\r\nlast-modified: Tue, 02 Sep 2025 00:29:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8%2BOqqL9Joyg2sCBoxW%2F13fOWSsxALikxybCULHidyjaZPXSetY9F%2BrcXjJQHE0pYfih595ewiQ5W4Dr0DBdD9zIVErrNZJ9dQaNn9rF895jb8hyG\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68b63a7d-55adb\"\r\nexpires: Sun, 09 Nov 2025 16:19:57 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 18449\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\ncf-ray: 98c933a87dc235a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":350939,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"a0361389d378ef39eeee4dfe068d4838","sha1":"ff2688ab69052edecc0b298efb0ab46b5b635c87","sha256":"6f834c40db0d88c83e67bcf3a9dd26eb81d7389df3d6bd06313e46fc74a00dfd","sha512":"b6b5e42e503b809d9db060c8c37c42d664b25ceed5294ddd479be90a06e5646672af120aa1f93cb8a1b53c25744d31eed2982cb2aedd97465f9defdbed70786a","ssdeep":"6144:aH6kohryCA+SJ+bAdWFN6Tzf+LBx115oPxNyMM/AXvI8Gu7:anoh7FAde6WLdQPXyEv/V","tlshash":"477423ce254b8d00c98063bf1bbd653e5d5765e4ade0bf3ebdd0f6a342a6466c0e0291","first_seen":"2025-09-03T09:52:42.289854Z","last_seen":"2026-01-11T14:29:31.720068Z","times_seen":524,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":131,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/templets/blue888/css/style.css","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /templets/blue888/css/style.css HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/video_list/index12.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 14 Mar 2025 08:28:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B0OHx%2BtA2Sfay2SMZQ%2B3fLk6GWmZ79MnBA7bS7Pe%2BBFzFiZ2aQFEklIQ9Ziti7Jwe5%2Fc5%2F4WGxEDfvs%2FKZHrMMMVbnaPdjY6BYb%2Fe41W7xZRA8Vt\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"67d3e8bb-85b5\"\r\nexpires: Sat, 11 Oct 2025 04:19:56 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 18449\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\ncf-ray: 98c933a72d7335a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34229,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (3600)","md5":"88627f8b2c50f110aba05c9b238a8740","sha1":"c0e2469ad8e644023a0fe72fc6a43c4dd3e1e4d6","sha256":"3094bcddc3f4c55f0e5475079b229f0a9c5525dabc05f6b27a59f53dd3fca7e0","sha512":"87e94ac80cc59da5ba297809873588cbc1a05bd4dd3ca90f3153f99cfe5331b5883486de885f1fd0c5ee91fce8b5b709d1914373bce834b905ff586b82b4cf94","ssdeep":"768:zvTz/Tw206WV+FohIoaA29zc1ScFisz5IMu:zvTt/wI9P+5If","tlshash":"7fe2d622d664220ef223c066b8d157ba7224d127f2275bfef4657070cecf5ab15727a8","first_seen":"2025-05-29T17:52:49.722603Z","last_seen":"2025-12-08T23:52:41.362036Z","times_seen":386,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le.lebsltu2025627.com/upload/vod/20250924-1/bf7c5feafdaa7ab02375ec17990b9952.jpg","fqdn":"le.lebsltu2025627.com","domain":"lebsltu2025627.com","tld":"com"},"ip":{"addr":"104.20.45.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le.lebsltu2025627.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 05:16:02 GMT","end":"Mon, 24 Nov 2025 06:15:53 GMT"},"fingerprint":{"sha1":"FF:46:76:B5:18:D0:05:ED:77:4C:62:B9:9D:A4:19:EF:E8:25:11:02","sha256":"49:2F:FD:E4:7C:62:48:85:B4:FC:BE:89:00:FF:D4:A4:7C:BB:C4:07:94:32:1C:6B:B3:88:91:9B:A6:8A:7F:6A"}}},"request":{"raw":"GET /upload/vod/20250924-1/bf7c5feafdaa7ab02375ec17990b9952.jpg HTTP/1.1\r\nHost: le.lebsltu2025627.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69612\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\netag: \"68dd8d27-10fec\"\r\nexpires: Sun, 09 Nov 2025 11:45:06 GMT\r\nlast-modified: Fri, 10 Oct 2025 11:50:01 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nksgRlGiglGIjJ%2FxoXvoJIZ9KdwI31xS0EqR7B4s8MGsaBJXn3EM9KdTcUiNfeITBXbQrt3Lr5QAZtw99V5k0K0An93z%2F%2BAQRIo3ksuUOS6ARrM%3D\"}]}\r\ncf-ray: 98c933a92c11712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69612,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85\", baseline, precision 8, 1024x576, components 3","md5":"22220560917c27cf869805af0250a62d","sha1":"952a4451985ee44fd7c1a1c95af763992770cf5a","sha256":"0250c70c0f4cff3cf343b9ef495297322f545a43dd75bd583a71b015f968eff7","sha512":"6b3b6d3acf45be32494d25929fb1fcf094e07c3ff099a88b853889e8bc463208ff9d538ccf105c66f7e6f82e3f684486d405608e5f7cfd1c657f3620f783b683","ssdeep":"1536:lR603RqF8D6bq+E/XCfKQmtxJAgFus9bxXkruGJ:bSF8CE6fct7LTtx0rjJ","tlshash":"b963025e19605702de1a3cb4dce42f8d6ec89b7146cb4df7df44a5f023ba604a1892ce","first_seen":"2025-10-10T21:27:52.78533Z","last_seen":"2025-10-10T23:56:21.563622Z","times_seen":2,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":227,"dns":0,"connect":0,"send":0,"wait":73,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"396883239.xyz/video_list/index12.html","fqdn":"396883239.xyz","domain":"396883239.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T21:27:25.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"396883239.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 13:14:28 GMT","end":"Tue, 16 Dec 2025 14:12:51 GMT"},"fingerprint":{"sha1":"9B:25:84:D8:B2:1E:05:73:EE:A2:E3:98:9C:6D:EC:F3:C5:DE:40:B6","sha256":"E0:08:9C:E0:CC:88:DB:65:83:F9:B0:E1:8F:03:85:62:2D:CD:0C:B5:EF:EA:39:54:75:4B:CE:76:C6:63:0D:D7"}}},"request":{"raw":"GET /video_list/index12.html HTTP/1.1\r\nHost: 396883239.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Fri, 10 Oct 2025 21:27:25 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://yshsqz.115794629.xyz/video_list/index12.html\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VXVojtK7TCgDCeZGpGmAS8KeCNUOHRH9L2mp3XJiCo1POazPwVvhsi%2F%2BtOuNba6jjEWiZRdySSmx0pmV90YrE49o9GwX8JHvE5ku\"}]}\r\ncf-ray: 98c9339f8e0bb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41880,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T09:47:05.247441Z","times_seen":13369813,"resource_available":true,"data":null}},"time_used":798,"timings":{"blocked":208,"dns":37,"connect":1,"send":0,"wait":383,"receive":0,"ssl":167},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"396883239.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/video_list/index12.html","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T21:27:25.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /video_list/index12.html HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 06 Oct 2025 13:41:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=It5gGyPzLd9DhhYP3l1QRxTvn%2FdBe3AByneITr3bzYEKcD9QZ4jA6WxXLwScwvWLCTIMZDxY2M3r32sNNdY8s%2FP5dCogk79%2BxNYszGi%2BOGA76IiA\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98c933a32ff1b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":41880,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5507)","md5":"3b6008aa9a1239b96cda3ac4fa3da5fb","sha1":"a7ec1ae91976da177ae7e84fd5a846d0f6b242f2","sha256":"7052ba1a7c3ff57020f1c0457d40cf06789cf3ca41c98971a6f8344b3ea56a4b","sha512":"5c262723639aad037ed60b93ef96028935a6cc6d22a7a546fc2262dc2cbb28174363fd4bc31c977d6cc456c669eb9074b17626ef4565f960190303052c53c460","ssdeep":"384:lBM+cHvIVqDc6Asp6/0xt4jq7PGhkz+gveQxyz09ILeNIGbH1jxV3sf3J3s63zY0:C3s3J3/3uvPKgXJWfJyOBGPT1eeY5","tlshash":"5c13a41e05d49b6b292f29f918c42e6db1a733fc81c38d41b2611ade9fc1fe1944e45e","first_seen":"2025-10-01T15:34:05.650853Z","last_seen":"2025-10-10T21:27:52.790411Z","times_seen":2,"resource_available":false,"data":null}},"time_used":764,"timings":{"blocked":190,"dns":21,"connect":1,"send":0,"wait":382,"receive":0,"ssl":167},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/js/ads/top1.js","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /js/ads/top1.js HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/video_list/index12.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Tue, 23 Sep 2025 14:36:29 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 11 Oct 2025 04:19:56 GMT\r\ncache-control: max-age=43200\r\netag: W/\"68d2b06d-23e\"\r\nage: 18449\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q1fRoFl9SpIKNdrizb6jwZ8k4TeQUk91ZwBHFP0GRLTSiaFEL07l9Hz0jqK0UlZxa1vjxhiFZP26wAARYB1qbfZ4sHCx5WMti%2FXb7YEAxceGHjMZ\"}]}\r\ncf-ray: 98c933a72d7635a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":574,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text","md5":"1ff784875748f01acc91d34b8b6e0fd2","sha1":"9b28357595eb3cb1de8636585411c43e5367885b","sha256":"48324c5bdcdb67bd905190461f8d8ceb9cdad4615b851a23c1460cf36811beb5","sha512":"ae18a7329ae3d1b54480f34c23cd4c92f1f3d524f6563c48d39ba2fb4c80d4a3da5bd2c525dda38acd62659fe44de8fbbfe599f461e0466d495d1db8c734ebd4","ssdeep":"","tlshash":"adf04c5483a5e528ac610492c288f2f87829fd7d4f02cb2fe71e393e940161d1e4b5d6","first_seen":"2025-09-25T04:58:55.824553Z","last_seen":"2025-10-13T00:12:36.979542Z","times_seen":80,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yshsqz.115794629.xyz/hz888/202588.gif","fqdn":"yshsqz.115794629.xyz","domain":"115794629.xyz","tld":"xyz"},"ip":{"addr":"104.21.10.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yshsqz.115794629.xyz/video_list/index12.html","date":"2025-10-10T21:27:26.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"115794629.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 01:40:04 GMT","end":"Wed, 10 Dec 2025 02:38:26 GMT"},"fingerprint":{"sha1":"82:86:17:35:82:70:82:ED:EB:DD:35:30:4A:35:32:7A:0E:CF:9F:8D","sha256":"9D:14:5D:FA:29:0F:E2:EC:46:68:E2:71:D2:FE:B7:8C:B9:7D:BA:B6:CA:6A:AE:4F:10:A6:7A:2B:C2:BF:74:7B"}}},"request":{"raw":"GET /hz888/202588.gif HTTP/1.1\r\nHost: yshsqz.115794629.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yshsqz.115794629.xyz/video_list/index12.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 21:27:26 GMT\r\ncontent-type: image/gif\r\nlast-modified: Mon, 06 Oct 2025 09:43:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E%2F2PPlVzhjYjgCq3e3wB6b9YJ0AmcyXqK7B7OGNJ%2Bo2KK5Thj7LVYjOjqrd%2FhL7i%2FtZy%2F428Vd5eDbxuQhBQwEccUkq5HCJPGe485IKoLd3h0woa\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68e38f35-c5ac9\"\r\nexpires: Sun, 09 Nov 2025 16:19:57 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 18449\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\ncf-ray: 98c933a87dc435a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":809673,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"86787ea5a45b4aa0b63d1b1dcc082136","sha1":"081844da11e9d6f2fbcd84929397fbdfb0ff04f2","sha256":"f793e5f10be6866509a0effe2eddd0173f28300e446cde9db58bb0b1dbdd1d97","sha512":"478106389e7927c474738ffca05a80b0c88784052b848f1ba341b8dc16ef25230e04aca86b151860644506c0204628396fc23e72986023b6b8b925e554f322e2","ssdeep":"12288:vEsZaYPNKCWNKCWNKCaNTx89Yx89Yx89Yx8hfeB6+C1Qu64C1Qu64C1Qu68KN+cx:Lp1kkou9F9F9FhU0xx1cbsFsFs5G","tlshash":"1305236983fe0360336d13b09b78e0e5ee87bca5d16c964f068f6f7c6a00d598165b1b","first_seen":"2024-01-29T08:16:01Z","last_seen":"2026-04-04T03:21:49.52676Z","times_seen":392,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":144,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}