{"report_id":"509a7eb0-efef-413d-8a4d-ef91db89aa76","version":6,"status":"done","tags":[],"date":"2026-03-23T02:07:24Z","url":{"schema":"http","addr":"xinyujidian.com/","fqdn":"xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":0,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"title":"悟空体育官网 | WUKONG SPORTS-官方集团平台","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"xinyujidian.com/","fqdn":"xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":0,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-27T02:07:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"test.xinxiyidiantong.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.xinyujidian.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-11-11","domain_rank":0,"first_seen":"2026-03-23T02:07:25.705482Z","last_seen":"2026-03-23T02:07:25.705482Z","alert_count":27,"request_count":27,"received_data":1911422,"sent_data":10334,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}]},{"fqdn":"test.xinxiyidiantong.com","ip":{"addr":"27.124.44.50","port":2096,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2019-08-03","domain_rank":0,"first_seen":"2021-06-25T14:04:50Z","last_seen":"2026-03-21T06:33:27.022221Z","alert_count":3,"request_count":3,"received_data":42827,"sent_data":1369,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.dlripuli.com","ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":13,"received_data":1377460,"sent_data":4909,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"xinyujidian.com","ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":195,"sent_data":884,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fcl.xueyuxingfeng.com","ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2021-06-17","domain_rank":0,"first_seen":"2021-06-17T13:30:21Z","last_seen":"2026-03-17T00:31:00.03382Z","alert_count":2,"request_count":1,"received_data":3644,"sent_data":431,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"chat.chem17.com","ip":{"addr":"180.163.146.45","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2014-05-27T23:58:43Z","last_seen":"2026-03-21T12:22:43.388659Z","alert_count":0,"request_count":2,"received_data":1797,"sent_data":855,"comment":"","tags":null,"fingerprints":[{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"www.chem17.com","ip":{"addr":"180.163.146.43","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":3165666,"first_seen":"2013-06-12T07:47:44Z","last_seen":"2026-03-18T11:43:18.642829Z","alert_count":0,"request_count":1,"received_data":1407,"sent_data":655,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}]},{"fqdn":"img54.chem17.com","ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2013-11-27T18:29:56Z","last_seen":"2026-03-19T06:27:39.356561Z","alert_count":0,"request_count":1,"received_data":155,"sent_data":385,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img44.chem17.com","ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2017-02-06T17:25:39Z","last_seen":"2026-03-19T02:49:55.58883Z","alert_count":0,"request_count":1,"received_data":155,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.share.baidu.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1999-10-11","domain_rank":1421601,"first_seen":"2013-04-25T14:45:11Z","last_seen":"2026-03-18T23:10:38.734704Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":387,"comment":"","tags":null,"fingerprints":null},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-03-16T04:41:01.468216Z","alert_count":0,"request_count":2,"received_data":733,"sent_data":800,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img45.chem17.com","ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2016-08-23T23:54:56Z","last_seen":"2026-03-20T10:57:33.16342Z","alert_count":0,"request_count":1,"received_data":155,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img58.chem17.com","ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2013-11-27T18:29:53Z","last_seen":"2026-03-16T06:14:47.263738Z","alert_count":0,"request_count":1,"received_data":155,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img47.chem17.com","ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2018-01-22T02:37:37Z","last_seen":"2026-03-21T14:43:09.188149Z","alert_count":0,"request_count":1,"received_data":155,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img48.chem17.com","ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2018-01-22T02:37:37Z","last_seen":"2026-03-18T11:43:18.793498Z","alert_count":0,"request_count":1,"received_data":155,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"89tongji.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-08-03","domain_rank":3345724,"first_seen":"2023-08-03T16:00:12Z","last_seen":"2026-03-17T20:28:47.577827Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":415,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img50.chem17.com","ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2018-01-04T13:20:18Z","last_seen":"2026-03-19T06:27:38.628492Z","alert_count":0,"request_count":1,"received_data":155,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img49.chem17.com","ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2018-01-22T02:37:37Z","last_seen":"2026-03-21T14:43:10.221289Z","alert_count":0,"request_count":2,"received_data":310,"sent_data":922,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pinganfafa.com","ip":{"addr":"143.92.57.25","port":25858,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2024-12-12","domain_rank":6845800,"first_seen":"2024-12-18T10:35:17.798759Z","last_seen":"2026-03-16T05:29:28.966581Z","alert_count":0,"request_count":1,"received_data":3260,"sent_data":784,"comment":"","tags":null,"fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"push.zhanzhang.baidu.com","ip":{"addr":"182.61.201.94","port":80,"asn":38365,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":1485849,"first_seen":"2015-07-22T05:44:02Z","last_seen":"2026-03-19T01:54:50.296368Z","alert_count":0,"request_count":1,"received_data":426,"sent_data":342,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a2ececd99eb8b469b23c23962ff04d41","sha1":"ae6d536789900ca69d05362c76dd1915a55f8698","sha256":"7208ebf799b428adab7bb3b7ba4b9a7854f97a178f16cf7a8eb4e04b436d0c95","sha512":"f45c63764e9f0467f1489193a3e1fdd2e7cf5d06b24b0dd6f32b4441d3d13b7cf0c58493fb7f265c568b0287498d5fdba6beabc6a41a385c544755d53368cd19","ssdeep":"","tlshash":"ccb0120ca05bd0970613713c27c10004222b4023a22c0f0235bc43c44f650f85367d1c","size":92,"data":"","first_seen":"2023-03-11T23:41:52Z","last_seen":"2026-04-02T12:43:45.805648Z","times_seen":94,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-05T07:45:35.102707Z","times_seen":81715,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/jquery.min.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a75ada17c3011458d74a0e4c5cc17ffa","sha1":"8e57d597b1caeb46af5a4578034187eda8bf8b26","sha256":"8056951f7605e0cc00e96769abe87124de09d74273e83efb7992dddc056390ce","sha512":"b56551f614e99478ac6a0e273fe4bb4b796c29e118732b903d11ec3dfc8368f0872386a3970dad897a0b5dceb21adb5557827c6dad66a642480a1f52c45fef4e","ssdeep":"","tlshash":"d30181d8c7c4d89baecc5e43ea24deca25b3813b97d832838318fe8c01ad157c89c049","size":718,"data":"","first_seen":"2023-03-07T12:26:46Z","last_seen":"2026-04-02T16:01:36.350899Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e130741516773f10b6a14586d4b505aa","sha1":"627b34692f52ff985762948fe689bcf20bff5e82","sha256":"3cdf6746db6b53c3e4755472b7829088b68fa6c3996e80246fc726fcf228d2c0","sha512":"e8fe7e3f62bf9dfddb24d60ff22ed0b06d00d29947c1fd47666f28c454d651fdc8f1770b8a5f4068e4ece88288c417283fd3d8198fd261801b767b916a0f0ef2","ssdeep":"","tlshash":"62a0026f27143a3166f6f161a55fb34459770156208318159dffc6d05e3cabc525284d","size":69,"data":"","first_seen":"2023-03-10T14:21:57Z","last_seen":"2026-04-04T22:22:39.480555Z","times_seen":272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cf5828a020ac8ecdee84adfcbbb61bdf","sha1":"053c9a453564dfe807312d533eca1aed907d597f","sha256":"a7042a76d18bd55d1947c386e69661f7ab1bec10d666406673b92c8c0d4a6000","sha512":"18ce8661d9189022a0df8aa91ea6510d51172102eb7af00f52efcc2fb5f13871bad45bdb66f7e895195e66bf4e562452507fc336911b755d184501755acb0110","ssdeep":"","tlshash":"676000020a000020002308002008800220800820002882202802a08c20000000a82800","size":17,"data":"","first_seen":"2023-03-10T14:21:57Z","last_seen":"2026-04-04T05:59:34.951906Z","times_seen":320,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chem17.com/asyncstat.aspx?u=xuaili\u0026referer=\u0026title=%u609F%u7A7A%u4F53%u80B2%u5B98%u7F51%20%7C%20WUKONG%20SPORTS-%u5B98%u65B9%u96C6%u56E2%u5E73%u53F0","fqdn":"www.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.43","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"8702527515d402eb2f8731c1b245a538","sha1":"0545f19e8fdbf05e1b73f33c4094c81fc5d45711","sha256":"8e483b7636bf62bec086de8c661c8ef30c733aa0165d90cec8f49806b1ac2102","sha512":"9bfa7d631e609b81f27865dfd93050aca6a47b2d10f51eb3858df105eb1a7fb483291d036f8f70594dfc90c42f1bbb6696c6166a4087258f5106cfe8f15af36d","ssdeep":"","tlshash":"62f059bb4500d6fa8801b9aeffa1a340c55b0b6f3052d972a127018122201b7b0acddb","size":500,"data":"","first_seen":"2026-03-08T19:30:27.987668Z","last_seen":"2026-03-23T02:07:42.294403Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2cc0b6c71d3371fb64fc681e1fc03c52","sha1":"6d4bafdbbbf6d54b65fa8dd77b806c6434927685","sha256":"dc623aed01109dd56bebbf642d6de76a42937402871d11a6ad7396316957a231","sha512":"4db23328357ac4626e41f04747d8c73e395feda3868770d668d3a37007a9b3c87a62d12258401b7b077a5d432912fd255cc52e21b8ad4b9a8a978e66cddfe981","ssdeep":"","tlshash":"d8f097aed881a1586ad734f89babd648d0ae2026d00ed813b5dac5cd2d38fc80821b5c","size":502,"data":"","first_seen":"2024-08-20T18:13:05.447193Z","last_seen":"2026-03-23T02:07:42.296392Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7aefcc9c0090e31a4a5f268688dfcac6","sha1":"b0f600ad8579722851fee6e753b755af7a7f046e","sha256":"d7c53adf9e997035823407705123f2c5a0670eee693b725123ba064ab76182cb","sha512":"3472fd777376b3a973b83911f5aecc37dda30a4071ea3ece9d8ad82b7a114bb798653629db32348ab7bdf915085960a7798fccce14ec3301422a9ebcd76ddc87","ssdeep":"","tlshash":"75f09eaeec41a9545ac324b897dfd648d15e0028d009c417a5d9c8cd2d38fc5082174c","size":502,"data":"","first_seen":"2023-06-28T06:11:32Z","last_seen":"2026-03-29T21:47:46.939286Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6866512ca900018e6bc0d0f1b6681fa9","sha1":"d90f250f86726c6fb49aca164b66a8af102f9d60","sha256":"0784888aef902f39bc9a8b5757604b413a72b947068ddfa3075eda0aaa0ef150","sha512":"307398d0f7e072d0884a3ae15258d1d62690c43ae4a776e7d1cb1b3d8fe7c28253056fcb5c5e29b3fe416a9cb274a78c9f707359ef73ae7f210cb1a7831269df","ssdeep":"","tlshash":"5231e4f7e6d644b20aa7d2f7a3305778e8d2401fcd129a92d9ac12610668e52b117e89","size":1452,"data":"","first_seen":"2026-03-18T22:08:46.899518Z","last_seen":"2026-03-23T02:07:42.297773Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fcl.xueyuxingfeng.com:6987/067/ade/sj.js","fqdn":"fcl.xueyuxingfeng.com","domain":"xueyuxingfeng.com","tld":"com"},"ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa19716607c7d8137d9cfbe623dba7cb","sha1":"e46242940c345610d692c2b1ce8fe9c1152aa46c","sha256":"cc9193fc7e8e2722b308b5de9881b0442e21363e33b296824381d574816bae16","sha512":"391ff0cdc99fdcfb81af8a0a72425b9e178309d74d5ec96642dbfc1fdd98be8529260af73ac6896dd45266adde8cfcfa96083e4c94a10ef1a3e593de0915d60b","ssdeep":"","tlshash":"4b611f54ef8d20338e133155ae6f958c24be68577d48eca7f84c64d44fa0d38852beac","size":3363,"data":"","first_seen":"2024-12-18T10:35:23.532443Z","last_seen":"2026-04-04T22:13:19.170087Z","times_seen":212,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/js/swiper.min.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"667782b67d018fa3f7935429dd5bb3fe","sha1":"98cc13dbec3be4e892be33b774b9d05eb5b74d22","sha256":"6ed2b0bc81da6a70eb947eb1878fd7e00f099b13504a9f16f25f53b16f265365","sha512":"9823dfd3966eab93fea368412835990c5dea0cf35bec057e24387bd2859759cb55c1c57c3df534b4c840fbd5d4f3f89ace0e7e71659b2ace12823bb40b0c24e4","ssdeep":"1536:CyOkN3TklR3ZIFD7+Y7n2L5ydUTq0tSQfCBTR:vTF73uTq/","tlshash":"4f93d66db314f3e295d3214a679ac64122f21706b849dae870b54c4a68bcc5d03bffbd","size":96118,"data":"","first_seen":"2024-10-26T07:48:10.555998Z","last_seen":"2026-03-23T02:07:42.282349Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"push.zhanzhang.baidu.com/push.js","fqdn":"push.zhanzhang.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"182.61.201.94","port":80,"asn":38365,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bb5a3267c9865ad4abe8d937734b62b","sha1":"b5478dd2edb3e64242eced1db2dbd945ef81f592","sha256":"674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2","sha512":"33318ed944a49a8fa334983408d68853b1fbe4f80b19adef6235f23d7708b616cd4f8dd28c8b8ebfbb5776aab8088229f3060cd789af34fe1db5038a98bd0d39","ssdeep":"","tlshash":"91d02be874a0c41c0ce710b17fab328cfab20b2755244d40c05b90013614b1f824bfe9","size":281,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-05T07:15:15.461149Z","times_seen":20923,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-05T07:45:35.102707Z","times_seen":81715,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"89662c1820175c0552b97cbc79d2ebce","sha1":"f3172d74834b9d81b5bd16e0055926f114cbf008","sha256":"a752324cfeb3830ce38db4d243f1ecdd9a35c0d3de75132b558c84aacf2fcb75","sha512":"33068a75315f73eb63ba74e7263590abc8e1f351e018516e622e99a7c169868a4e94566b779017972d14941ade9b0b2c9fc524bd053ec4a558fd29dd556a90b1","ssdeep":"","tlshash":"dea0027f35d4735521011553a556194e65b75434d440847cab5455941478c545799c44","size":80,"data":"","first_seen":"2026-03-08T19:30:27.989133Z","last_seen":"2026-03-23T02:07:42.2984Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.chem17.com/chat/KFCenterBox/2078","fqdn":"chat.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.45","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b936460ba988b30cd79d99ae93c77106","sha1":"a44405ff5b67abf66ef77714e4364e6c3f1e9940","sha256":"6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9","sha512":"ad4731faf916fbb7118af38e25fa7e15814294950676fbd4ec41aeba5c7508ed34b7a7a4c98e1834e1096ea92e6301935699ed6df01a7416632e39063c0c9661","ssdeep":"","tlshash":"3990023209b10052711510915943e1456595959129de9915a00004a572529539a06d51","size":49,"data":"","first_seen":"2023-03-07T12:42:46Z","last_seen":"2026-04-05T04:58:55.066133Z","times_seen":582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.chem17.com/chat/KFRightBox/2078","fqdn":"chat.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.45","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b936460ba988b30cd79d99ae93c77106","sha1":"a44405ff5b67abf66ef77714e4364e6c3f1e9940","sha256":"6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9","sha512":"ad4731faf916fbb7118af38e25fa7e15814294950676fbd4ec41aeba5c7508ed34b7a7a4c98e1834e1096ea92e6301935699ed6df01a7416632e39063c0c9661","ssdeep":"","tlshash":"3990023209b10052711510915943e1456595959129de9915a00004a572529539a06d51","size":49,"data":"","first_seen":"2023-03-07T12:42:46Z","last_seen":"2026-04-05T04:58:55.066133Z","times_seen":582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.chem17.com/mystat.aspx?u=xuaili","fqdn":"www.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"34db67b94486dba9506f1fd1218542a2","sha1":"13c02b4e420bf817c6a9581b816a34c714a3248b","sha256":"c8997719f68828f268b31bfc325810a804429ecab25bd7534ac769d969316b47","sha512":"64257ec595fcce6444ecdb186fd2fbe2eccd3134135eca80fd604c0bd424466563e0472a6b7765cfcbbfb3e1af14b5a99a5e8970cd16dcddf29024d113506c21","ssdeep":"","tlshash":"bc214d541d06c0a4bc36713d89b7c13cd2b11a273865d77278cca9084f78fa525deeea","size":1357,"data":"","first_seen":"2026-03-08T19:30:27.993772Z","last_seen":"2026-03-23T02:07:42.300214Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"443d148f6da800479ebfa2df1d43a364","sha1":"45f4c4e1ec799fdfd185eefb125e57bc499f71d5","sha256":"eabe977f0a37a175fa49f5d9bb4b20553a458e89f3a9c8a7a9ae406ce750d77c","sha512":"5ec541bb8b1b657dbd93fb888d1106706c85d5badbfc8b0f5ad328f5b5738a6bcabf572b55a710398911ec93cee6c61032a8ea871bf4481bc1cfe85554643991","ssdeep":"","tlshash":"b7b0121f22450c3045867162000857803c08c2920ba01941b03411158510e41c246b55","size":87,"data":"","first_seen":"2023-03-10T10:50:17Z","last_seen":"2026-04-04T22:22:39.481392Z","times_seen":149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6dfbf4d70bfb4ec42400f1a89c936fee","sha1":"2e364ac87c9a896e2ef50d303525f47c493ddfb2","sha256":"fec590e4b0997a2e2babdbe4ceda1c0eac22b49ff90f423f808dbe272c6ac504","sha512":"c65aee43d51eaed5655ab42a250f375f2889ab9d8c3d1a0ea73e1060286f47c51953ddb937e16489e8d628ed1b05d2f346e4373b25b53b951e02f79947496f55","ssdeep":"","tlshash":"a2f0fca5f788567020fb723a45ee30c82aaf85074f498641fb7481b45fdda0b25abd49","size":585,"data":"","first_seen":"2023-03-07T12:56:00Z","last_seen":"2026-04-04T22:22:39.482319Z","times_seen":152,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4235e8a71d9a3460627d087b93fab381","sha1":"68d7c37a8e27ff6619f6d7656b12159a6f4185c4","sha256":"c8abdfa56cb6da86f2ef779dc091e3f1ae27a2202febb2f706b518007e433c12","sha512":"f4e3f8364a6f51e321a01679e9202ab8e8c1e276cd568215296294798d768328c793f1742633ae1773ddcaf4d9e7a4ecdd1cdd36fea8cf2b300586534746846d","ssdeep":"","tlshash":"18f097c10209a13ac633d67b466f31136bba0053d8de78f8b0ce09c4dfa923c02dab60","size":492,"data":"","first_seen":"2025-03-08T04:39:14.089861Z","last_seen":"2026-03-23T02:07:42.303226Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/jquery.la.min.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fd4b6cce314883a0f42ecdd36ee4a0c","sha1":"589bc7e2a54ca867dc40c02b117b8f8a514a79f2","sha256":"98dbd7adb78c3ae0190868fdb4f5501183030b3b99928f95c044052c1b16bb5a","sha512":"09dd35061d7958d3857f8746108030b6abfccc329390afdc4c832d9d7382a96664faf01f37cc704ec24be70d9f7e483169a0c64ac2dfd73af2366034c02d81a9","ssdeep":"","tlshash":"9c21c15efc05e2146f56397633b7d9ace9ae10319409d80665eec0ac7c25ff94511e0c","size":1221,"data":"","first_seen":"2023-11-23T05:47:09Z","last_seen":"2026-03-28T00:31:05.150443Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/js/wow.min.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b253cabaafa86647183695c4c4365e7","sha1":"d653b2ed6a5d94f718b4ddcbef28d57bd8668cef","sha256":"027931e5177abc3f452dd92ffea8867a18381bcce1779bfe3843d4d7a582f97a","sha512":"029b932197a229594b96a294b0a4e7e660ddda4c870ddbf1d923aa6703467919720bcc3ef83ea2040925a2154970021ace58b1fb453232b642a1560c129f2501","ssdeep":"96:2PV6GqKyR6TYATHF/suCg5OVEE1nce1gJ1IHImBaokbl:2PVfSWFsuCsOVEENceiJmHILoe","tlshash":"e0e177c9bb877031d79791f2873f0506b33a59ada028047cb6a884e53d74c59523bf78","size":7057,"data":"","first_seen":"2023-03-07T12:05:24Z","last_seen":"2026-04-05T05:10:25.385229Z","times_seen":2246,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/js/JSChat.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c585663f5b83e34d09092e44326b9377","sha1":"498b43fec7eb7cb801257cc121f97c12be542abc","sha256":"97da6e4048ee96ed0c9d00a4f87b00c26adb4af9af53df68e5d8b6669f4bb690","sha512":"5e9a059d9ff3f80b3aa58f6411925c2744e579450f08885deaf41bbdfcb95af3254195a4fde2454047d63838ec6a4eb5cd4d3b213bf1d94df9d5d30ba86f44e9","ssdeep":"","tlshash":"7731dfb28913d31609194e63c716174ca267915b9103e9623d3d7e643f88d2bb3997f0","size":1622,"data":"","first_seen":"2024-01-31T06:36:47Z","last_seen":"2026-04-05T04:58:55.073774Z","times_seen":497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/js/jquery-3.6.0.min.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bca813b98301491f92e4dd010c283161","sha1":"b2089f223aca2065f95df86a8348b12d429929b5","sha256":"07aa40890d0e075c167808ec0d2612525ba305dc20881e0fc3dc5549d701dce4","sha512":"8595d0160c3f30ea8d0f4de3f8cb86e6cc0ed4e8680c5f6f843c2409a2518465c07c365cdcf7608c4988e5f8fcc742c545fa24d47d42e6989331e5070c1586b2","ssdeep":"1536:ajExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiXYmQ1vy:aIh8GgP3hujzwbhdXXvxiDQ47GKn","tlshash":"a79309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89405,"data":"","first_seen":"2023-05-10T09:17:04Z","last_seen":"2026-03-28T00:31:05.158738Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a9abecb1ade8ecdf36711241c0553008","sha1":"17f35e8b76d244373474e78fc78f3f02bc743d0e","sha256":"32ffa8c2dc21eed0a8fc099eccb4031470ced409aadd912f00bfec6579f02cbc","sha512":"80f1034747a5064a20b53dcbccb05a9008fa354af7852181f65c89689d6573a3b9a8adb6e5ded6f380225a62b4438f7d3b49e19f6f6ca33619df57a6e0e697cb","ssdeep":"","tlshash":"3e2108854128657682a3a27f1c3f6311695f92cbc8de3cb1749d01408f7915e55fe7f4","size":1267,"data":"","first_seen":"2026-03-08T19:30:27.99524Z","last_seen":"2026-03-23T02:07:42.304871Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b3bf742b87eab13561c08070eaee6416","sha1":"fd4c07a8cccbfa6136825ee1e464c182ac0ad0d1","sha256":"95f8b67817f438cf0f147a83f95ae7c2846cf875691a1836239095cdf98f752b","sha512":"8dc25424a6738fabba8148bd305777d8238168992299a9ac467547678048ad60eb9cf1a50b98e3bbac3ec89e205f34ad100a3bbeefd4c38266d0663df0cf0afb","ssdeep":"","tlshash":"c1e026aa29721674578419fa992ff92cf1aa627c0554e003f58dfc230424eef4e2ead5","size":345,"data":"","first_seen":"2023-03-11T21:10:52Z","last_seen":"2026-04-05T04:58:55.074767Z","times_seen":2795,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/js/common.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"46e7fd486cd27a9717dec0729e0bca86","sha1":"034cc54aa2c374c9a66d3fcd9c1fa8de303a72b9","sha256":"c70b16aff1c3030555744fb64709dac810ef9a270b05c10cccc3ea36e109c08f","sha512":"19fcc543f515b0523531012f0859c0a0444fcb2a69c122885e2437aeab810936c6ba21c504f076592876ce768cd847f52b317b3cc13bf21ef67b2e283e2f9c20","ssdeep":"","tlshash":"a401006cf289652101fb717a9e2fd3c9382834533487a586a05d48f81db47be4415d88","size":771,"data":"","first_seen":"2026-03-08T19:30:27.964191Z","last_seen":"2026-03-23T02:07:42.26299Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"cfa73d662a1a5113223fedd26fcfe86a","sha1":"df22c737d66225471ba43fb8ef71d91523280a22","sha256":"7e6689eb259bfdbaacc5f82affe6f7675709232d915b5e4a455652c6e75808f2","sha512":"6f395848bdbbf80cad2a60ea4c2640e258c17df8584d1175ec4c39752b508a709718ec87e06e30d2c6f9454fc10aba7795be68399329d1d9289f802e3e267b7a","ssdeep":"","tlshash":"04f097ae5c81e5586ad734e89babd24cc46e2026500ed813b5dac5cd3d38fd80825b5c","size":508,"data":"","first_seen":"2024-08-20T18:13:05.466466Z","last_seen":"2026-03-28T00:31:05.17177Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"ced45f00ebb2e79b6c6a66647bd89fbc","sha1":"0525aaba011f7b314a407d666e5fad6a61370fbc","sha256":"8da60e60c86598053d45c148804f4b0875c5ad94b1e765df389e3f5ef4283904","sha512":"7502d1edb7d811b367aac6f9b0d4741ef7ad65cf67945988b4c4fd36f1639bda25fdb7cf2c2781e641e17042b647092aec0cf31d5c902085a42c40fdd431685a","ssdeep":"","tlshash":"94a022033e02c088ac0200ebb0b0f83cf0a33820a882ec0cccf000282cb33ccce00002","size":78,"data":"","first_seen":"2023-11-23T05:47:09Z","last_seen":"2026-04-02T16:01:36.424947Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"4d14415e19c22cec55e1f6184cf3bff1","sha1":"76f09bf3037a2de1695e2c4ea49c94c181416153","sha256":"09f90dcb2f46cbf260aea52da1b2cf44ac9ca2a9b8644874eaa252d65ad54502","sha512":"0af3dc47020dddd0dbf7c5eb7bd6fc850dc3f02615cf8acaba854fe209b9a54cde69128b4fd4f8c339c4c22054b8576f61dd3b81af49200afe533551a86feb3e","ssdeep":"","tlshash":"e6c02b835d01c84942004ac4d0a2fc2cd090f0398514dc8dc0d034cc21c05d90c011c4","size":133,"data":"","first_seen":"2023-03-07T12:26:46Z","last_seen":"2026-04-02T16:01:36.383121Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"76ba1733a7a17246e9a53acccbe4e5e4","sha1":"addc4ab6279e6315bc0fb1b9545bb81df1f2c06d","sha256":"657de2632d664d872a23787eb194b092615ede05360f65d8dcfcb5375c313266","sha512":"20bcc8a350a37541a12a8673b3047b4cd18da270f7512c879c698c2fddcf961cc9fe237d342d6450a033944887eb68c29f43018d534a4fea3ea68941813fd1b2","ssdeep":"","tlshash":"a7d097be062112a45c04b08a70e5732d56b2280b28a02b784ecf3a00d20824950a02aa","size":231,"data":"","first_seen":"2026-03-08T19:30:27.997961Z","last_seen":"2026-03-23T02:07:42.309495Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c3ca4ba6c01c13e6a51ee2c51ccf2d3d","sha1":"41566e9de7847112faa799e017e327b75437bc8c","sha256":"b38f5e3a240aadf59d384c57c408422f1364bde5c499f33ebae59e35ef59abc6","sha512":"d883779ce9b2c6c1c96dce5b9d9535dbdf7cdcb8240801957879c9c9aface04d46970b5238ace6acad7b72532f7b67e433974b14350ec504d59ed680996ffe91","ssdeep":"","tlshash":"aef046771a81580e6370c235f8dab495e8429587866c9896f08831df1ff0f68d4d329d","size":605,"data":"","first_seen":"2024-12-18T10:35:23.553201Z","last_seen":"2026-04-04T22:13:19.184035Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"4948e87ff90354f9aa958fe3aae5ee9f","sha1":"49a5806481fc3de5de79121750759ad03fee7200","sha256":"d9e8faebcefb68e7ccd4a16e07a49a81692e052c51d869cda30c24615fc2e260","sha512":"ce3980a744ed9afb1d494e387693e29060e0b75204b19c029016e39dfb6176e255a48bee3dd25249e2edede9686eb677522435be416a45a9bb228a78936666cb","ssdeep":"","tlshash":"9ff09eae6c41e9545ad3249897efd24cd15e00281009c417a5d9c8cd3d38fd50c2574c","size":508,"data":"","first_seen":"2023-06-17T18:58:05Z","last_seen":"2026-03-29T21:47:46.968596Z","times_seen":108,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/ind_about_bg.jpg","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:02.200Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/ind_about_bg.jpg HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/jpeg\r\nContent-Length: 12191\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nLast-Modified: Fri, 20 Dec 2024 03:55:07 GMT\r\nAccept-Ranges: bytes\r\nETag: \"809f32f59252db1:0\"\r\nX-Powered-By: AN-115.4.181\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache49.l2cn8786[75,74,200-0,M], cache49.l2cn8786[77,0], kunlun9.cn7174[105,104,200-0,M], kunlun10.cn7174[106,0]\r\nAli-Swift-Global-Savetime: 1774231622\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:02 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921e17742316227826147e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":12191,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x470, components 3","md5":"d66e46600bd905c3db1956adb71ccecd","sha1":"5fd750d58676e800dfa347462197084415bd4ea8","sha256":"e48fde67c063244024039bc0c421b45433ab0017327b03af8eb339e2d58bfc0c","sha512":"81b1c949e25cfd064657b7e0f88ddc141b47109cdb3a9168c07e54e1c7435a4c0af5505465e04b982346a175b65831295a80b7f6e9a68bccfb222ddb6f54692e","ssdeep":"48:ZKS2Nn2D4HRJ3qbRNUvZiA5O3fz66z66z66z66z66z66z66z66z66z66z66z66zs:YSK23NIh5CLXXXXXXXXXXXXXXs","tlshash":"5b42a01a95506f0ecbe829f1d6c7e7212e17486190d3044bec6bb1b673e037de60ee5a","first_seen":"2026-03-08T19:30:27.971345Z","last_seen":"2026-03-23T02:07:42.217269Z","times_seen":2,"resource_available":false,"data":null}},"time_used":837,"timings":{"blocked":464,"dns":0,"connect":0,"send":0,"wait":361,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"xinyujidian.com/","fqdn":"xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-23T02:06:59.049Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:04 GMT\r\nContent-Type: text/html\r\nContent-Length: 178\r\nConnection: keep-alive\r\nLocation: http://www.xinyujidian.com/\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":442,"timings":{"blocked":146,"dns":1,"connect":148,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-23T02:06:59.350Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":147,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-23T02:06:59.676Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":22861,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (633)","md5":"d032a5efaa6d40cb815f2e875336ad39","sha1":"c835e7868543dad833130cdc0278f8bc47bfd9f3","sha256":"2d1ab06d0d1d582f6ecfba3947bd9d7598165e7ae602501422b053404f0e9772","sha512":"d0b52b3c1d9ca910f9e5c1bcf03506a89d0c33c7e911a3919e53f119e596bf7fd4f8ac727f99a5bc1223c8fdc3a2c4cdef6ffa6eba185f978c34a484e93b2e03","ssdeep":"384:iagOOqOZxiHg9SqsvAHQJr2d/R5Efwr+d:iDOOqOZag8qUAir2FR5Evd","tlshash":"7fa2c63245d4583b016221e4b6b87b2fb4c6e217e8935d2172fca7dadfc6fc68c02099","first_seen":"2026-03-08T19:30:27.977433Z","last_seen":"2026-03-23T02:07:42.22204Z","times_seen":2,"resource_available":true,"data":null}},"time_used":543,"timings":{"blocked":164,"dns":1,"connect":165,"send":0,"wait":212,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/logo.jpg","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.222Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/logo.jpg HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:06 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/logo.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":21061,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1578,"timings":{"blocked":1414,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/banner1.jpg","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.853Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/banner1.jpg HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:07 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/banner1.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":515010,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/css/style.css","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.202Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/css/style.css HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":138620,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (542)","md5":"684f0bbf6fba643a8a7cbfb1c3d5ab6e","sha1":"5b1d1eb7fb9679e1d769cb24a0718377d6059d3d","sha256":"3f586ac1d969756ffe6cb245b99236dbee37232f165c53bcd6ffeb3402aa832b","sha512":"736391716719aa2e0cbff1db520c4e90d360585fd1c8dce1747833eb39d0bb846c3b8bb32fada5ab98830bdf673379451de431911705f705c1d10f34f069c2ec","ssdeep":"3072:AXjHjjRzp2/vIsSwVzNp07AzyGihipzgC5jzMG8zgnkdz/zMG5C5zWdKA03zxGqg:0jHjjRzp2/vIsSwVzNp07AzyGihipzgt","tlshash":"e2d33132db81220df277a6767b926bdd231dc946f3c60afc5e606930d1cf16a40f2665","first_seen":"2026-03-08T19:30:27.972928Z","last_seen":"2026-03-23T02:07:42.224796Z","times_seen":2,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":134,"dns":1,"connect":145,"send":0,"wait":165,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/js/wow.min.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.215Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/js/wow.min.js HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":7057,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (7027)","md5":"4b253cabaafa86647183695c4c4365e7","sha1":"d653b2ed6a5d94f718b4ddcbef28d57bd8668cef","sha256":"027931e5177abc3f452dd92ffea8867a18381bcce1779bfe3843d4d7a582f97a","sha512":"029b932197a229594b96a294b0a4e7e660ddda4c870ddbf1d923aa6703467919720bcc3ef83ea2040925a2154970021ace58b1fb453232b642a1560c129f2501","ssdeep":"96:2PV6GqKyR6TYATHF/suCg5OVEE1nce1gJ1IHImBaokbl:2PVfSWFsuCsOVEENceiJmHILoe","tlshash":"e0e177c9bb877031d79791f2873f0506b33a59ada028047cb6a884e53d74c59523bf78","first_seen":"2023-03-07T12:05:24Z","last_seen":"2026-04-05T05:10:25.385229Z","times_seen":2246,"resource_available":true,"data":null}},"time_used":475,"timings":{"blocked":285,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/js/JSChat.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.217Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/JSChat.js HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1596,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"5122b87041a34991740a2418cf688de4","sha1":"ae0142e84d1e0f3c4749ea58827ae56d2a32fbbc","sha256":"40061d6dc948529ad974ca45b9b63d65ff87037086f65629d1e958cb1de10ccd","sha512":"a96700940fd242137764811caa4748780c79b6925f05ad2b31238126ee24d24ab70c05f0c72de11fde17efd99247a5b3225dbdc708249c59f9b047d5e435a481","ssdeep":"","tlshash":"de31edb24a53931209094ea3c71a134ce267915b9117e8623d3d6d643f88927b7997f0","first_seen":"2025-04-06T23:54:49.048059Z","last_seen":"2026-04-05T04:58:55.064088Z","times_seen":470,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":286,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img50.chem17.com/gxhpic_fa9eab87f0/49061c4bc00b0b40e75e17710f1b77c1f16b581c56a9088f40e67fbc9fa02fd7b85ebba9d1f086d3_400_400_5.jpg","fqdn":"img50.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.230Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_fa9eab87f0/49061c4bc00b0b40e75e17710f1b77c1f16b581c56a9088f40e67fbc9fa02fd7b85ebba9d1f086d3_400_400_5.jpg HTTP/1.1\r\nHost: img50.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.1\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1999,"timings":{"blocked":1407,"dns":0,"connect":296,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/banner2.jpg","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.855Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/banner2.jpg HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:07 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/banner2.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":178379,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fcl.xueyuxingfeng.com:6987/067/ade/sj.js","fqdn":"fcl.xueyuxingfeng.com","domain":"xueyuxingfeng.com","tld":"com"},"ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fcl.xueyuxingfeng.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 02:39:06 GMT","end":"Mon, 15 Jun 2026 02:39:05 GMT"},"fingerprint":{"sha1":"9C:02:BC:FD:E6:FD:6F:73:A8:FF:02:17:D8:7B:9B:7F:1C:15:3C:76","sha256":"C8:B1:53:77:6B:D6:88:15:FD:58:31:16:AE:D3:12:44:08:D5:BD:EF:E6:F5:9E:D4:9A:66:25:E8:50:22:88:B1"}}},"request":{"raw":"GET /067/ade/sj.js HTTP/1.1\r\nHost: fcl.xueyuxingfeng.com:6987\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:07:01 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 13 Dec 2024 04:59:05 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"675bbf19-d26\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3366,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"fa19716607c7d8137d9cfbe623dba7cb","sha1":"e46242940c345610d692c2b1ce8fe9c1152aa46c","sha256":"cc9193fc7e8e2722b308b5de9881b0442e21363e33b296824381d574816bae16","sha512":"391ff0cdc99fdcfb81af8a0a72425b9e178309d74d5ec96642dbfc1fdd98be8529260af73ac6896dd45266adde8cfcfa96083e4c94a10ef1a3e593de0915d60b","ssdeep":"","tlshash":"4b611f54ef8d20338e133155ae6f958c24be68577d48eca7f84c64d44fa0d38852beac","first_seen":"2024-12-18T10:35:23.532443Z","last_seen":"2026-04-04T22:13:19.170087Z","times_seen":212,"resource_available":true,"data":null}},"time_used":2099,"timings":{"blocked":900,"dns":7,"connect":295,"send":0,"wait":298,"receive":0,"ssl":596},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/jt3.png","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:02.214Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/jt3.png HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 15026\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nLast-Modified: Fri, 20 Dec 2024 03:55:05 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80721f49252db1:0\"\r\nX-Powered-By: AN-115.4.179\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache18.l2cn8786[25,25,200-0,M], cache60.l2cn8786[26,0], kunlun3.cn7174[45,44,200-0,M], kunlun5.cn7174[48,0]\r\nAli-Swift-Global-Savetime: 1774231622\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:02 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921917742316228091877e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":15026,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 20, 8-bit/color RGBA, non-interlaced","md5":"eac80817892db29c6adb4cebfe65b5a3","sha1":"98b7b7814a24b22774fca24bcbaeb9881e546fa0","sha256":"6bfe790155f8919dd162f3c5aa8b35f498313770b4af8d9f5cb70dd7033cf2a8","sha512":"79fe83eda123f0c0050ce4054f9e9c210b1f744296ce294ab5699d29b2b8196f3fc79670de716b85fab7e819db22c800cabf5526bef679643586073d38b189e0","ssdeep":"48:u/6uuh8k29WJsEvIfl280vbuN5BL7KxN+Y97sc5a77SQ9ke:uSj8kEWmzQzoexNX7sc5at9ke","tlshash":"89626560fdf175a4a6c9d4722dd635095d330683d9c09d85bace5c57af00bea0c8f197","first_seen":"2026-03-08T19:30:27.969503Z","last_seen":"2026-03-23T02:07:42.230523Z","times_seen":2,"resource_available":false,"data":null}},"time_used":812,"timings":{"blocked":482,"dns":0,"connect":0,"send":0,"wait":307,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/jquery.la.min.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:03.026Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.la.min.js HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:08 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 17 Nov 2025 11:00:49 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"691b0061-4c5\"\r\nExpires: Mon, 23 Mar 2026 03:06:08 GMT\r\nCache-Control: max-age=3600\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1221,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with very long lines (554)","md5":"8fd4b6cce314883a0f42ecdd36ee4a0c","sha1":"589bc7e2a54ca867dc40c02b117b8f8a514a79f2","sha256":"98dbd7adb78c3ae0190868fdb4f5501183030b3b99928f95c044052c1b16bb5a","sha512":"09dd35061d7958d3857f8746108030b6abfccc329390afdc4c832d9d7382a96664faf01f37cc704ec24be70d9f7e483169a0c64ac2dfd73af2366034c02d81a9","ssdeep":"","tlshash":"9c21c15efc05e2146f56397633b7d9ace9ae10319409d80665eec0ac7c25ff94511e0c","first_seen":"2023-11-23T05:47:09Z","last_seen":"2026-03-28T00:31:05.150443Z","times_seen":37,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/jquery.min.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.197Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.min.js HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 718\r\nLast-Modified: Mon, 17 Nov 2025 11:00:49 GMT\r\nConnection: keep-alive\r\nETag: \"691b0061-2ce\"\r\nExpires: Mon, 23 Mar 2026 03:06:05 GMT\r\nCache-Control: max-age=3600\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":718,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (718), with no line terminators","md5":"a75ada17c3011458d74a0e4c5cc17ffa","sha1":"8e57d597b1caeb46af5a4578034187eda8bf8b26","sha256":"8056951f7605e0cc00e96769abe87124de09d74273e83efb7992dddc056390ce","sha512":"b56551f614e99478ac6a0e273fe4bb4b796c29e118732b903d11ec3dfc8368f0872386a3970dad897a0b5dceb21adb5557827c6dad66a642480a1f52c45fef4e","ssdeep":"","tlshash":"d30181d8c7c4d89baecc5e43ea24deca25b3813b97d832838318fe8c01ad157c89c049","first_seen":"2023-03-07T12:26:46Z","last_seen":"2026-04-02T16:01:36.350899Z","times_seen":124,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/css/common.css","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.200Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/css/common.css HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":24997,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"troff or preprocessor input, ASCII text, with very long lines (331)","md5":"c310f3d40e6bca94b2bc04e3a32c309b","sha1":"bf835388dd38d57806365b34a0b4f92ba35e0b7d","sha256":"5cc9a579650c72cac551703e76b84fad347e8876bf0c56f166e13812bf60de99","sha512":"0230ca2ffa7314daa8366351f1ae2b54ee86019b18abb65897676c118559203d7ac360ddeb7a063e3ce8be40e46eb9a84e9b559ff96819253c536fd45c690144","ssdeep":"768:mE0CwE2z/rCqGcRNHxfRtfRsfR8fRtPFEqMSnJ:mE0CwE2z/rCqGcRNHxfRtfRsfR8fRtPl","tlshash":"fcb201368b412049b277d202ebd3abec9376c543a39237ac9f5db960c1cf49905fae51","first_seen":"2026-03-08T19:30:27.959101Z","last_seen":"2026-03-23T02:07:42.23723Z","times_seen":2,"resource_available":false,"data":null}},"time_used":446,"timings":{"blocked":134,"dns":1,"connect":145,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chat.chem17.com/chat/KFRightBox/2078","fqdn":"chat.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.45","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Fri, 30 Jan 2026 03:48:59 GMT","end":"Mon, 01 Mar 2027 03:48:58 GMT"},"fingerprint":{"sha1":"BC:1B:56:74:1F:D2:AD:8C:7B:18:74:39:16:F7:F9:FA:A4:04:D2:1B","sha256":"38:26:45:68:08:DD:6E:E5:CF:E0:F2:F5:57:2B:D9:F4:CE:AB:A9:2C:1C:DF:60:78:A7:38:7F:7A:44:1A:9C:79"}}},"request":{"raw":"GET /chat/KFRightBox/2078 HTTP/1.1\r\nHost: chat.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 49\r\ndate: Mon, 23 Mar 2026 02:07:01 GMT\r\ncache-control: private\r\nx-aspnetmvc-version: 3.0\r\nx-aspnet-version: 4.0.30319\r\nset-cookie: ASP.NET_SessionId=mxwxcflv2hws0vibs1wzomoz; path=/; HttpOnly; SameSite=Lax\nmtcached_mtsession_mxwxcflv2hws0vibs1wzomoz=10.115.3.111:9716; domain=chat.chem17.com; path=/; HttpOnly\r\nx-powered-by: ASP.NET-hg4.163\r\ncontent-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data:;\r\nvia: cache63.l2cn2601[62,62,200-0,M], cache1.l2cn2601[63,0], kunlun3.cn7174[76,76,200-0,M], kunlun8.cn7174[81,0]\r\nali-swift-global-savetime: 1774231621\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Mon, 23 Mar 2026 02:07:01 GMT\r\nx-swift-cachetime: 0\r\ntiming-allow-origin: *\r\neagleid: b4a3921c17742316213833961e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":49,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"b936460ba988b30cd79d99ae93c77106","sha1":"a44405ff5b67abf66ef77714e4364e6c3f1e9940","sha256":"6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9","sha512":"ad4731faf916fbb7118af38e25fa7e15814294950676fbd4ec41aeba5c7508ed34b7a7a4c98e1834e1096ea92e6301935699ed6df01a7416632e39063c0c9661","ssdeep":"","tlshash":"3990023209b10052711510915943e1456595959129de9915a00004a572529539a06d51","first_seen":"2023-03-07T12:42:46Z","last_seen":"2026-04-05T04:58:55.066133Z","times_seen":582,"resource_available":true,"data":null}},"time_used":1425,"timings":{"blocked":-1,"dns":153,"connect":254,"send":0,"wait":588,"receive":0,"ssl":437},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/ind_about.jpg","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.234Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/ind_about.jpg HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:06 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/ind_about.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65046,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1581,"timings":{"blocked":1402,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/foot_tel.png","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.242Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/foot_tel.png HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:06 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/foot_tel.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1333,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1558,"timings":{"blocked":1394,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/foot_logo.png","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.955Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/foot_logo.png HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 11049\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nLast-Modified: Fri, 20 Dec 2024 03:54:55 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8091bee9252db1:0\"\r\nX-Powered-By: AN-115.4.178\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache31.l2cn1800[31,42,200-0,M], cache13.l2cn1800[32,0], kunlun9.cn7174[55,55,200-0,M], kunlun8.cn7174[60,0]\r\nAli-Swift-Global-Savetime: 1774231622\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:02 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921c17742316223328626e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":11049,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 444 x 122, 8-bit/color RGBA, non-interlaced","md5":"51ad38ce8dc862c16ecaafceb39579ab","sha1":"19c4d8e4b9ae03cab1b377c21e98b9254de095fd","sha256":"c63274b4add7d55d72a7ff49ea35dbdcdd852c8720feabca5c0fe5e9b45108a9","sha512":"66e6cc88d35e56560296f0af7894b73c0c04d2d5b243b627e49635c61ef3f5021ab69765cf46fbad957dd2aa6ac3c528afac9fd03fd7418e095d533d8ea2c28b","ssdeep":"192:uO18Ar5717MJc9QgF19l55Va8MstsbF5NzFLM6p+Q48rerm31o1knYYUlkGQ:0Ar571M4xFHl55VaqtsbF5NzFQ6pX48x","tlshash":"7632af9fde7e102ae8489e1d9ed600746742d4a048e1b678e54dda1a4e35b3c48336df","first_seen":"2026-03-08T19:30:27.940559Z","last_seen":"2026-03-23T02:07:42.240501Z","times_seen":2,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":1,"connect":259,"send":0,"wait":322,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/banner4.jpg","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:02.061Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/banner4.jpg HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/jpeg\r\nContent-Length: 311623\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:03 GMT\r\nLast-Modified: Fri, 07 Mar 2025 02:58:19 GMT\r\nAccept-Ranges: bytes\r\nETag: \"29b7d8c7c8fdb1:0\"\r\nX-Powered-By: AN-114.4.179\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache65.l2cn8003[88,88,200-0,M], cache21.l2cn8003[89,0], kunlun8.cn7174[101,101,200-0,M], kunlun10.cn7174[106,0]\r\nAli-Swift-Global-Savetime: 1774231623\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:03 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921e17742316231128212e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":311623,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x700, components 3","md5":"bdb20cc08684e749d325bdb0cf91d1f7","sha1":"9ff788a27e447a70f1e7213e878292d049b0fb5f","sha256":"3b3e9725a079f2c5fee5bdb09e925dac7af3e73f12e5853d2c53161a474b1f8d","sha512":"c6b5fc4282844ebe7f2dc0f217d5aebd1b1e2aa1028a3d7d2803fd78ed376e86e4ec44b2e52ed16f2e9e485a8ee7e57ed5708e05b5a5345107580be881f755f4","ssdeep":"6144:wG3DEG/j7URTzHFR1ZR2hC24KeugP54V4b7BKPjm8UfM+ep9BaduP:wG3jYRTzHZ24lhb72m8UfM+w","tlshash":"0c6423f1bcb0ed101f7c19b5059eda6fb40ef8b5878ce4fd45aa8846beac9c51806391","first_seen":"2026-03-08T19:30:27.932321Z","last_seen":"2026-03-23T02:07:42.24759Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1905,"timings":{"blocked":936,"dns":0,"connect":0,"send":0,"wait":366,"receive":603,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chem17.com/asyncstat.aspx?u=xuaili\u0026referer=\u0026title=%u609F%u7A7A%u4F53%u80B2%u5B98%u7F51%20%7C%20WUKONG%20SPORTS-%u5B98%u65B9%u96C6%u56E2%u5E73%u53F0","fqdn":"www.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.43","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Fri, 30 Jan 2026 03:48:59 GMT","end":"Mon, 01 Mar 2027 03:48:58 GMT"},"fingerprint":{"sha1":"BC:1B:56:74:1F:D2:AD:8C:7B:18:74:39:16:F7:F9:FA:A4:04:D2:1B","sha256":"38:26:45:68:08:DD:6E:E5:CF:E0:F2:F5:57:2B:D9:F4:CE:AB:A9:2C:1C:DF:60:78:A7:38:7F:7A:44:1A:9C:79"}}},"request":{"raw":"GET /asyncstat.aspx?u=xuaili\u0026referer=\u0026title=%u609F%u7A7A%u4F53%u80B2%u5B98%u7F51%20%7C%20WUKONG%20SPORTS-%u5B98%u65B9%u96C6%u56E2%u5E73%u53F0 HTTP/1.1\r\nHost: www.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 542\r\ndate: Mon, 23 Mar 2026 02:07:02 GMT\r\ncache-control: no-cache\r\npragma: no-cache\r\nexpires: -1\r\nx-aspnet-version: 4.0.30319\r\nset-cookie: ASP.NET_SessionId=00bkxvx4kqprbsnc44ogdjqk; path=/; HttpOnly; SameSite=Lax\nmtcached_mtsession_00bkxvx4kqprbsnc44ogdjqk=10.115.3.113:9717; domain=.chem17.com; path=/; HttpOnly\r\nx-powered-by: ASP.NET-4.25\r\ncontent-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nvia: ens-cache45.l2cn7368[36,36,200-0,M], ens-cache82.l2cn7368[37,0], kunlun8.cn7174[63,65,200-0,M], kunlun3.cn7174[69,0]\r\nali-swift-global-savetime: 1774231622\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Mon, 23 Mar 2026 02:07:02 GMT\r\nx-swift-cachetime: 0\r\ntiming-allow-origin: *\r\neagleid: b4a3921717742316219641138e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":542,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (516), with CRLF line terminators","md5":"2475760a95caa8390117487a54bb26ab","sha1":"77f758d6c42bec23e40032748e3e114b4803c517","sha256":"ead488b0b322d8db77f0c3a4cddfe6cb56b44b3d980eabd90a51464c9001ae1d","sha512":"32e49f97c3827dda7726909e1edb40823e2b792c7eefeea7632e59b3aa34134123928fe869938cad50b3a1b08ed588d47db58f47d6fa746feb5b642d43f9bb6b","ssdeep":"","tlshash":"29f08b6b4c00d6ea8c00a8adeea1e344c55b0b6b3012d972a163018123202b7b09cdcb","first_seen":"2026-03-08T19:30:27.967417Z","last_seen":"2026-03-23T02:07:42.251895Z","times_seen":2,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/banner3.jpg","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.857Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/banner3.jpg HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:07 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/banner3.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":219456,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/SSbtn_icon1.png","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:02.057Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/SSbtn_icon1.png HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 14857\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nLast-Modified: Fri, 20 Dec 2024 03:54:57 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80be3cef9252db1:0\"\r\nX-Powered-By: AN-114.4.178\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: ens-cache28.l2cn7857[41,40,200-0,M], ens-cache15.l2cn7857[42,0], kunlun3.cn7174[71,71,200-0,M], kunlun10.cn7174[73,0]\r\nAli-Swift-Global-Savetime: 1774231622\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:02 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921e17742316224294056e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":14857,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 21 x 20, 8-bit/color RGBA, non-interlaced","md5":"0216f782b8e032b0ec03b4d79950021b","sha1":"6bfc7f888c6f280a18351b533cfa5cd3f0c5558c","sha256":"52efd2b0820d7b05ea96f53904fc078956a4a487bb2fb559802ebea65bd8cd32","sha512":"0e8e37ea88ed9cf601f3413e7b58e23dba77cb10b8ee07db047491a475f5faee0dce1697e488543f04a9d565c0407c09a936dd2c3dca2077eb5b48c005a828ca","ssdeep":"48:u/6fu+k29W8sEvFxN+Y9tbQXlBC2xsc5q777pn8:uSTkEWR4xNXAsc5K7p8","tlshash":"ca627228bcf07860908aa5322cd529056c770503eac28d45fbce5c27bf02be94c9f286","first_seen":"2026-03-08T19:30:27.976043Z","last_seen":"2026-03-23T02:07:42.255769Z","times_seen":2,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":1,"dns":1,"connect":254,"send":0,"wait":327,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"api.share.baidu.com/s.gif?l=http://www.xinyujidian.com/","fqdn":"api.share.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:02.746Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /s.gif?l=http://www.xinyujidian.com/ HTTP/1.1\r\nHost: api.share.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/css/animate.min.css","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.204Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/css/animate.min.css HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":61206,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (61206), with no line terminators","md5":"d1dd93cef95e350ac15320b7e15bcdb5","sha1":"8e03c36b4ab20a001bad874a0b7e9361d0fc8b1f","sha256":"c00acf8d8f2e373adecea3d377ea0be17e90bc89a9e694255330a747a6f271e2","sha512":"33f6cc4d1575440ba0d27797a570e390d844c88be4d1355d7c9ee8f48fad8defbc97a059caef435bac6aecef703afe082b97aae3e40fcee0f6e6e32b6f0b59c4","ssdeep":"768:JkZlIuqI46CIBqI4IuwG1RASkMDs3Uyp5CrWeu0GT6sPasL:JkZ6IuwG1RASkMDs3Uyp5CrWeu0GTj","tlshash":"a45347ae5891228991664b66c3cc4e684b3dc77714625cdf3385684b8f87f9f33ea207","first_seen":"2026-01-17T19:58:42.585854Z","last_seen":"2026-03-23T02:07:42.259446Z","times_seen":4,"resource_available":false,"data":null}},"time_used":446,"timings":{"blocked":133,"dns":1,"connect":145,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img49.chem17.com/gxhpic_fa9eab87f0/55366089fa262a158d6c6408436a7e412c7b534904b621e0b2e275c117ee55ff6db58be4c6cff19b_400_400_5.jpg","fqdn":"img49.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.227Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_fa9eab87f0/55366089fa262a158d6c6408436a7e412c7b534904b621e0b2e275c117ee55ff6db58be4c6cff19b_400_400_5.jpg HTTP/1.1\r\nHost: img49.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.1\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1965,"timings":{"blocked":1410,"dns":1,"connect":277,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/foot_tel.png","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.953Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/foot_tel.png HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 1333\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nLast-Modified: Fri, 20 Dec 2024 03:55:12 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0902df89252db1:0\"\r\nX-Powered-By: AN-114.4.178\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache51.l2cn2655[30,29,200-0,M], cache50.l2cn2655[32,0], kunlun5.cn7174[44,45,200-0,M], kunlun10.cn7174[49,0]\r\nAli-Swift-Global-Savetime: 1774231622\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:02 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921e17742316225734922e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":1333,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 20, 8-bit/color RGBA, non-interlaced","md5":"e672dbee7b7e7e9222498cff1a6b0a3a","sha1":"4ca28c01cffb5d824fe1be425366fd7e93a663bc","sha256":"bfdee42dcce445f999cfb7f1b467246b7f56684617be65f606cb7457a8b40f26","sha512":"ca0e9e97bb1b8331ce9b1f6fb9d503843f81733538155f9634ede09862b84de68826a70021b673364c05709cf37b2045cea8c127bfd1c03d4c8b42c887e981e8","ssdeep":"","tlshash":"4c21a849bc803440f8cd5dd708f37063493644c8cae4d069b5ced9165c781b6801e5ff","first_seen":"2026-03-08T19:30:27.97902Z","last_seen":"2026-03-23T02:07:42.260498Z","times_seen":2,"resource_available":false,"data":null}},"time_used":820,"timings":{"blocked":-1,"dns":0,"connect":512,"send":0,"wait":308,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:04.687Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 379\r\nOrigin: http://www.xinyujidian.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://www.xinyujidian.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:04 GMT\r\nEO-LOG-UUID: 15067903598474601108\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":366,"timings":{"blocked":60,"dns":19,"connect":19,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img45.chem17.com/gxhpic_fa9eab87f0/2edd694ecc62c499dd74b492fb6068abcfb4abf2537805e1f5a4e83ed192284e424e5489e8aa63fd_400_400_5.jpg","fqdn":"img45.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.232Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_fa9eab87f0/2edd694ecc62c499dd74b492fb6068abcfb4abf2537805e1f5a4e83ed192284e424e5489e8aa63fd_400_400_5.jpg HTTP/1.1\r\nHost: img45.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.1\r\nDate: Mon, 23 Mar 2026 02:07:01 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1931,"timings":{"blocked":1405,"dns":0,"connect":263,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/js/common.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.243Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/js/common.js HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":774,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"46e7fd486cd27a9717dec0729e0bca86","sha1":"034cc54aa2c374c9a66d3fcd9c1fa8de303a72b9","sha256":"c70b16aff1c3030555744fb64709dac810ef9a270b05c10cccc3ea36e109c08f","sha512":"19fcc543f515b0523531012f0859c0a0444fcb2a69c122885e2437aeab810936c6ba21c504f076592876ce768cd847f52b317b3cc13bf21ef67b2e283e2f9c20","ssdeep":"","tlshash":"a401006cf289652101fb717a9e2fd3c9382834533487a586a05d48f81db47be4415d88","first_seen":"2026-03-08T19:30:27.964191Z","last_seen":"2026-03-23T02:07:42.26299Z","times_seen":2,"resource_available":true,"data":null}},"time_used":450,"timings":{"blocked":261,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/banner2.jpg","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:02.060Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/banner2.jpg HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/jpeg\r\nContent-Length: 178379\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:03 GMT\r\nLast-Modified: Thu, 10 Apr 2025 06:48:14 GMT\r\nAccept-Ranges: bytes\r\nETag: \"04b2f88e4a9db1:0\"\r\nX-Powered-By: AN-114.4.178\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache21.l2cn8003[45,45,200-0,M], cache49.l2cn8003[47,0], kunlun1.cn7174[59,59,200-0,M], kunlun8.cn7174[70,0]\r\nAli-Swift-Global-Savetime: 1774231623\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:03 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921c17742316230034573e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":178379,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x700, components 3","md5":"548801feb6189c56fb6453e1d10b9b17","sha1":"6a60b2a0e2e544f6933a420b78c259f124d47f25","sha256":"20eabd3f3de77a01c14dc23c9046d9da353095efbc11ceebcc810ed18497ad92","sha512":"7da7a3885966697f62d5064c98737f3f0ee78e637ff6df0dfd5bb43be7734d156f7d009f9bb027f13b93fe28c04bca146b6b082f65f7bc853358daa479d7a4b3","ssdeep":"3072:kz+ux3SdGBT4yW81wjV7FjMYhadwcoRugMKbnhc1M5jCVptwWIAIrXpz2rr2:aqGl4yWTpA3icXKbhUMFCVMWtIr56m","tlshash":"2104128a32baeb88eec6128db97084951f3303176b15b5f7b16746fb1f136d01eb9046","first_seen":"2026-03-08T19:30:27.934778Z","last_seen":"2026-03-23T02:07:42.265383Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1742,"timings":{"blocked":809,"dns":0,"connect":0,"send":0,"wait":346,"receive":587,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img58.chem17.com/gxhpic_fa9eab87f0/2edd694ecc62c499dd74b492fb6068ab318e4472489813365a310ddef8e31debda44480a77a5cf1a_400_400_5.jpg","fqdn":"img58.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.229Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_fa9eab87f0/2edd694ecc62c499dd74b492fb6068ab318e4472489813365a310ddef8e31debda44480a77a5cf1a_400_400_5.jpg HTTP/1.1\r\nHost: img58.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.1\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1972,"timings":{"blocked":1408,"dns":0,"connect":282,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/fonts/Helvetica.ttf","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.830Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/fonts/Helvetica.ttf HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/skins/2078/css/common.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:07 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":4060,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (835)","md5":"0ece712b98cee7f2f6bb9f83fb252464","sha1":"bd1e3516a59fd495f1fe4a8ac251c1bcd62cdf52","sha256":"5d0cc144ec521eb1175b612bee6e9d08bf0cfc9a498ba5ad14693e97841aba14","sha512":"723e3564d3fd16c425e0b595cd6bf53296fcdc2cd03877bbb804a047d2e2cf06daa6f9539faf171330fb2acdebabfb9d90e1cd371f3eb5ba7d979be86f38133e","ssdeep":"","tlshash":"8181b730a6d71139b233c4f678a6b55cb19185ab95029b74d1febed2cf467ce6033940","first_seen":"2026-03-08T19:30:27.929476Z","last_seen":"2026-03-23T02:07:42.267802Z","times_seen":2,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/ind_about.jpg","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.956Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/ind_about.jpg HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/jpeg\r\nContent-Length: 65046\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nLast-Modified: Thu, 11 Sep 2025 08:47:33 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8080e5b6f822dc1:0\"\r\nX-Powered-By: AN-115.4.178\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache52.l2cn2655[32,31,200-0,M], cache17.l2cn2655[33,0], kunlun9.cn7174[240,239,200-0,M], kunlun10.cn7174[243,0]\r\nAli-Swift-Global-Savetime: 1774231622\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:02 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921e17742316223283498e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":65046,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 407x342, components 3","md5":"db36335cd60c06145c5d14135a83d448","sha1":"a6a6acca2af2f0162623da59e9e92af87f5ec612","sha256":"b0050b480dc3cd43e1700fa25bcc8de9b04d5171092d1b05d02fdf07b20a3242","sha512":"fab5b86de0ef52d14d9710e77aa32e92e1095f5e6a01b17f2dfd9b0fe402f299778d62413d8c2204974d0947286bdd1749187718d7810b7b0256972f76fe3233","ssdeep":"1536:87KTsV1mn3wIk9yjMqt0UfT+OUkhetWYlr7GHayI5iOrLdNH2Nn:tsVMn3wIkUXWc+OjhetNHgs55L3H2R","tlshash":"0253024cb7e0ff96d85e5f230965c0330d01deb5fb83c8852a459a6f38a6364dacd489","first_seen":"2026-03-08T19:30:27.957308Z","last_seen":"2026-03-23T02:07:42.270466Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1046,"timings":{"blocked":-1,"dns":1,"connect":261,"send":0,"wait":502,"receive":282,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/banner1.jpg","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:02.063Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/banner1.jpg HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/jpeg\r\nContent-Length: 515010\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nLast-Modified: Mon, 10 Mar 2025 02:39:58 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0d3abb66591db1:0\"\r\nX-Powered-By: AN-115.4.178\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: ens-cache34.l2cn7147[34,33,200-0,M], ens-cache13.l2cn7147[36,0], kunlun1.cn7174[76,75,200-0,M], kunlun8.cn7174[80,0]\r\nAli-Swift-Global-Savetime: 1774231622\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:02 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921c17742316226572500e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":515010,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x700, components 3","md5":"b119aab580d4471971501a1447811feb","sha1":"8f8736237fd688c110f4aae4d6024bc70839769f","sha256":"5cddcfca215cd602b6610788575683d6a0da4019e4ec9fdb9d650292503d6d97","sha512":"81d4283236d55274411482600b9af51fd50aade2fc1f06a43f69e218f7eb04e525d6d9dddcc0c6948c180aac5b74219bb89bcb51a11cbbfeb0ff0b138a993781","ssdeep":"12288:AzOqVjfnrxbXRWdwcFWhEZlFH5Di52F07d/SHl59B:AbDx7RWdwcFiEvZxi52q0v","tlshash":"2cb423db323b1be36ce97cdea5628580a4160f1bd99365f9e37613d019a03e49070b9f","first_seen":"2026-03-08T19:30:27.960797Z","last_seen":"2026-03-23T02:07:42.272949Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1726,"timings":{"blocked":470,"dns":0,"connect":0,"send":0,"wait":340,"receive":916,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/js/jquery-3.6.0.min.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.208Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/js/jquery-3.6.0.min.js HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":89405,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65535)","md5":"bca813b98301491f92e4dd010c283161","sha1":"b2089f223aca2065f95df86a8348b12d429929b5","sha256":"07aa40890d0e075c167808ec0d2612525ba305dc20881e0fc3dc5549d701dce4","sha512":"8595d0160c3f30ea8d0f4de3f8cb86e6cc0ed4e8680c5f6f843c2409a2518465c07c365cdcf7608c4988e5f8fcc742c545fa24d47d42e6989331e5070c1586b2","ssdeep":"1536:ajExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiXYmQ1vy:aIh8GgP3hujzwbhdXXvxiDQ47GKn","tlshash":"a79309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-05-10T09:17:04Z","last_seen":"2026-03-28T00:31:05.158738Z","times_seen":126,"resource_available":true,"data":null}},"time_used":676,"timings":{"blocked":327,"dns":0,"connect":0,"send":0,"wait":183,"receive":166,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img47.chem17.com/gxhpic_fa9eab87f0/2edd694ecc62c499bc1590e79864067240ee792f27150464f5e5ae7411e9f4c26af737e29c6bc3d0_400_400_5.jpg","fqdn":"img47.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.226Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_fa9eab87f0/2edd694ecc62c499bc1590e79864067240ee792f27150464f5e5ae7411e9f4c26af737e29c6bc3d0_400_400_5.jpg HTTP/1.1\r\nHost: img47.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.1\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2079,"timings":{"blocked":1410,"dns":1,"connect":334,"send":0,"wait":334,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img54.chem17.com/3/20251020/638965546263766788449.jpg","fqdn":"img54.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.239Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /3/20251020/638965546263766788449.jpg HTTP/1.1\r\nHost: img54.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.1\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1988,"timings":{"blocked":1398,"dns":0,"connect":295,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.chem17.com/chat/KFCenterBox/2078","fqdn":"chat.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.45","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Fri, 30 Jan 2026 03:48:59 GMT","end":"Mon, 01 Mar 2027 03:48:58 GMT"},"fingerprint":{"sha1":"BC:1B:56:74:1F:D2:AD:8C:7B:18:74:39:16:F7:F9:FA:A4:04:D2:1B","sha256":"38:26:45:68:08:DD:6E:E5:CF:E0:F2:F5:57:2B:D9:F4:CE:AB:A9:2C:1C:DF:60:78:A7:38:7F:7A:44:1A:9C:79"}}},"request":{"raw":"GET /chat/KFCenterBox/2078 HTTP/1.1\r\nHost: chat.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 49\r\ndate: Mon, 23 Mar 2026 02:07:01 GMT\r\ncache-control: private\r\nx-aspnetmvc-version: 3.0\r\nx-aspnet-version: 4.0.30319\r\nset-cookie: ASP.NET_SessionId=l4ntkiyf3z2d1l0vctotglji; path=/; HttpOnly; SameSite=Lax\nmtcached_mtsession_l4ntkiyf3z2d1l0vctotglji=10.115.3.111:9716; domain=chat.chem17.com; path=/; HttpOnly\r\nx-powered-by: ASP.NET-4.164\r\ncontent-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data:;\r\nvia: cache13.l2cn2601[77,76,200-0,M], cache74.l2cn2601[78,0], kunlun5.cn7174[90,90,200-0,M], kunlun8.cn7174[96,0]\r\nali-swift-global-savetime: 1774231621\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Mon, 23 Mar 2026 02:07:01 GMT\r\nx-swift-cachetime: 0\r\ntiming-allow-origin: *\r\neagleid: b4a3921c17742316213833955e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":49,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"b936460ba988b30cd79d99ae93c77106","sha1":"a44405ff5b67abf66ef77714e4364e6c3f1e9940","sha256":"6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9","sha512":"ad4731faf916fbb7118af38e25fa7e15814294950676fbd4ec41aeba5c7508ed34b7a7a4c98e1834e1096ea92e6301935699ed6df01a7416632e39063c0c9661","ssdeep":"","tlshash":"3990023209b10052711510915943e1456595959129de9915a00004a572529539a06d51","first_seen":"2023-03-07T12:42:46Z","last_seen":"2026-04-05T04:58:55.066133Z","times_seen":582,"resource_available":true,"data":null}},"time_used":1837,"timings":{"blocked":807,"dns":0,"connect":0,"send":0,"wait":609,"receive":0,"ssl":421},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/foot_logo.png","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.241Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/foot_logo.png HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:06 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/foot_logo.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11049,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1560,"timings":{"blocked":1395,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/index_cache.html","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.42","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.243Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /index_cache.html HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nCache-Control: private\r\nSet-Cookie: mtcached_mtsession_m3rowlhodb0jzfx1biyxpc1r=08c92760be0cc3786b73808dd89dbe798637679c4aa01708; SameSite=Lax\nASP.NET_SessionId=m3rowlhodb0jzfx1biyxpc1r; expires=Tue, 24-Mar-2026 02:07:02 GMT; path=/; HttpOnly; SameSite=Lax\nmtcached_mtsession_m3rowlhodb0jzfx1biyxpc1r=08c92760be0cc3786b73808dd89dbe798637679c4aa01708; domain=www.dlripuli.com; path=/; secure; HttpOnly\r\nX-Powered-By: AN-115.4.181\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache10.l2cn8014[735,734,200-0,M], cache33.l2cn8014[736,0], kunlun5.cn7174[755,755,200-0,M], kunlun10.cn7174[757,0]\r\nAli-Swift-Global-Savetime: 1774231622\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:02 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921e17742316219691777e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2624,"timings":{"blocked":1393,"dns":0,"connect":236,"send":0,"wait":994,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pinganfafa.com:25858/fcl.php?keyword=%E6%82%9F%E7%A9%BA%E4%BD%93%E8%82%B2%E5%AE%98%E7%BD%91%20%7C%20WUKONG%20SPORTS-%E5%AE%98%E6%96%B9%E9%9B%86%E5%9B%A2%E5%B9%B3%E5%8F%B0\u0026from=pc\u0026originUrl=http%3A%2F%2Fwww.xinyujidian.com%2F\u0026referer=\u0026userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026v=2899","fqdn":"pinganfafa.com","domain":"pinganfafa.com","tld":"com"},"ip":{"addr":"143.92.57.25","port":25858,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pinganfafa.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 07:52:29 GMT","end":"Sat, 06 Jun 2026 07:52:28 GMT"},"fingerprint":{"sha1":"20:85:D8:20:F4:46:24:98:F7:91:BC:23:D6:7B:1B:3C:53:5D:1E:1B","sha256":"FF:FD:69:76:22:B3:1C:AC:64:23:A8:F2:F8:47:20:D8:E3:83:3F:69:5B:69:20:F8:90:08:23:1E:FD:4D:D2:13"}}},"request":{"raw":"GET /fcl.php?keyword=%E6%82%9F%E7%A9%BA%E4%BD%93%E8%82%B2%E5%AE%98%E7%BD%91%20%7C%20WUKONG%20SPORTS-%E5%AE%98%E6%96%B9%E9%9B%86%E5%9B%A2%E5%B9%B3%E5%8F%B0\u0026from=pc\u0026originUrl=http%3A%2F%2Fwww.xinyujidian.com%2F\u0026referer=\u0026userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026v=2899 HTTP/1.1\r\nHost: pinganfafa.com:25858\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://www.xinyujidian.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":2993,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"dfe79710215aaf165665caf64dbe5912","sha1":"5bd2cced408bb071f01923e11b2163b38550e586","sha256":"763a58b6b7929d4c9fa46dd8648c4095028fe1c040aae57fd873c68189d93ebe","sha512":"839402283fb07bb94013dd5a7af71a42fca3d4c22e7cc5dd8a2bb3e18221380c9081f1178b8153c29abe4ba3194719910344a99700d617130e63bee38a315186","ssdeep":"","tlshash":"3951cef792c918720ab3c2e6b6a07778fce3804fce159982f4ac125b0b74e51b443a4d","first_seen":"2026-03-18T22:08:46.878894Z","last_seen":"2026-03-23T02:07:42.277334Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1287,"timings":{"blocked":0,"dns":83,"connect":293,"send":0,"wait":313,"receive":0,"ssl":597},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/ico_time.png","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.905Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/ico_time.png HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/skins/2078/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:07 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/ico_time.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":297,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"test.xinxiyidiantong.com:2096/images/logo.png","fqdn":"test.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":2096,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:03.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"test.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 02:32:06 GMT","end":"Tue, 16 Jun 2026 02:32:05 GMT"},"fingerprint":{"sha1":"F2:3E:4A:2C:AE:0F:1A:DC:04:1B:0A:91:04:E5:C8:80:09:CC:AD:F9","sha256":"C8:04:B0:6D:F6:48:F8:59:49:78:07:B9:83:C7:73:52:35:C4:D4:82:9E:3E:61:44:90:D3:1F:8A:03:C5:BD:87"}}},"request":{"raw":"GET /images/logo.png HTTP/1.1\r\nHost: test.xinxiyidiantong.com:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:07:04 GMT\r\nContent-Type: image/png\r\nContent-Length: 27927\r\nLast-Modified: Fri, 22 Oct 2021 07:29:32 GMT\r\nConnection: keep-alive\r\nETag: \"6172685c-6d17\"\r\nExpires: Wed, 22 Apr 2026 02:07:04 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27927,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 255 x 85, 8-bit/color RGBA, non-interlaced","md5":"1555066b01ba12346071989c467ccf25","sha1":"50c92c270ddc54e309f1499dde7e04fddcdee8c4","sha256":"a8102cc2e6a32d0e128a3757c711489f1d7426123617283cf8d3cb1fd838f101","sha512":"859208a96a6ea1d6030470c159a9dda03a06203d106e19bd71885909d8b329ea6bba0b9068629fbf8d5a1ef693d36239dbde79788f082177e745b9584af1f319","ssdeep":"768:OVmJDb1mQ/HASD6KkXkbJzKyV3Tp1I+JZ:fJD5r4S2KjzKylI+JZ","tlshash":"d5c2e189f1e16d8c20d1e40d5f916979b7d7e0c19554f6f2a0c8f8266e3a249ed08cd7","first_seen":"2023-05-06T09:29:06Z","last_seen":"2026-04-04T22:45:47.064391Z","times_seen":1726,"resource_available":false,"data":null}},"time_used":2965,"timings":{"blocked":1183,"dns":9,"connect":295,"send":0,"wait":590,"receive":2,"ssl":601},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"test.xinxiyidiantong.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img48.chem17.com/gxhpic_fa9eab87f0/2edd694ecc62c499dd74b492fb6068ab05b7c02d9d1a258750b4c25e6edf7b255c5f1661ac139347_400_400_5.jpg","fqdn":"img48.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.228Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_fa9eab87f0/2edd694ecc62c499dd74b492fb6068ab05b7c02d9d1a258750b4c25e6edf7b255c5f1661ac139347_400_400_5.jpg HTTP/1.1\r\nHost: img48.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.1\r\nDate: Mon, 23 Mar 2026 02:07:01 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1942,"timings":{"blocked":1409,"dns":0,"connect":266,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/ico_time.png","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:02.212Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/ico_time.png HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 1239\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:04 GMT\r\nLast-Modified: Fri, 20 Dec 2024 03:55:09 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80cc63f69252db1:0\"\r\nX-Powered-By: AN-114.4.178\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache40.l2cn1800[46,46,200-0,M], cache1.l2cn1800[48,0], kunlun9.cn7174[87,86,200-0,M], kunlun8.cn7174[89,0]\r\nAli-Swift-Global-Savetime: 1774231624\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:04 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921c17742316243314129e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced","md5":"242b99cca70a70cc6d21d55d6c7aa9b7","sha1":"2537bd05c706913d77b74f83cd35df367d21b231","sha256":"77818444ec0ba708999bae25b1f58097386060ca9c1c209943d04af4bfb2d7ac","sha512":"56c40ff11fce474f8b102c546f0cc6ed204a5bd2961c962d5eebf827284342beb75588e2ec4d23a34121abf3c314eea9643beb0cd8db18d621582c04861a53ad","ssdeep":"","tlshash":"6121848cefe0bc15684ce88524f78523e9238451cae2b1a4adcac45a0930dfa60262cb","first_seen":"2026-03-08T19:30:27.942818Z","last_seen":"2026-03-23T02:07:42.280251Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2344,"timings":{"blocked":1998,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"89tongji.com/tj.js?id=51","fqdn":"89tongji.com","domain":"89tongji.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:04.252Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /tj.js?id=51 HTTP/1.1\r\nHost: 89tongji.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":7960,"timings":{"blocked":7960,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/js/swiper.min.js","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.209Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/js/swiper.min.js HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96118,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (31997)","md5":"667782b67d018fa3f7935429dd5bb3fe","sha1":"98cc13dbec3be4e892be33b774b9d05eb5b74d22","sha256":"6ed2b0bc81da6a70eb947eb1878fd7e00f099b13504a9f16f25f53b16f265365","sha512":"9823dfd3966eab93fea368412835990c5dea0cf35bec057e24387bd2859759cb55c1c57c3df534b4c840fbd5d4f3f89ace0e7e71659b2ace12823bb40b0c24e4","ssdeep":"1536:CyOkN3TklR3ZIFD7+Y7n2L5ydUTq0tSQfCBTR:vTF73uTq/","tlshash":"4f93d66db314f3e295d3214a679ac64122f21706b849dae870b54c4a68bcc5d03bffbd","first_seen":"2024-10-26T07:48:10.555998Z","last_seen":"2026-03-23T02:07:42.282349Z","times_seen":3,"resource_available":true,"data":null}},"time_used":488,"timings":{"blocked":143,"dns":0,"connect":0,"send":0,"wait":180,"receive":165,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/banner4.jpg","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.858Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/banner4.jpg HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:07 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/banner4.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":311623,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/logo.jpg","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.951Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/logo.jpg HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/jpeg\r\nContent-Length: 21061\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nLast-Modified: Mon, 24 Feb 2025 02:58:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80e0a146886db1:0\"\r\nX-Powered-By: AN-115.4.179\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache4.l2cn1800[148,148,200-0,M], cache23.l2cn1800[149,0], kunlun8.cn7174[180,179,200-0,M], kunlun5.cn7174[181,0]\r\nAli-Swift-Global-Savetime: 1774231622\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:02 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921917742316223217080e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":21061,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x70, components 3","md5":"a2330957511b7cbdd025bd44476976cb","sha1":"61f21c095fdc1b039fb65b7e5027ff9f7b39d4e5","sha256":"ae6ce9a24cbcb14ed0c7bdcbdb4ee96219f0b891e24185f71e44e924e42d29b5","sha512":"f58b1d49214148925d20b02b0ad6e39875ac186ae2082bc97ab03f33d32f47177d41fee30262a0ddbc1c89aa03ec8169ba459335ce6b562af2e7a9337031b9a6","ssdeep":"384:khap840ktCS6UjrCc2W7646+wI+HTxZaKfbCzVfJNWTieL/AkDNVr+WY6moFQSt:4HksAXet9tjCzVJNNe9rVY6moFQe","tlshash":"2a92d0193a05370bcdd4af830ca608c72874bb403cd37158929bc629eacd362e5996cf","first_seen":"2026-03-08T19:30:27.966001Z","last_seen":"2026-03-23T02:07:42.283343Z","times_seen":2,"resource_available":false,"data":null}},"time_used":752,"timings":{"blocked":-1,"dns":2,"connect":258,"send":0,"wait":446,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img44.chem17.com/gxhpic_fa9eab87f0/2edd694ecc62c499dd74b492fb6068abbe775ced1d1782d9a5fc507ddd744560304869f91d3b7b74_400_400_5.jpg","fqdn":"img44.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.232Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_fa9eab87f0/2edd694ecc62c499dd74b492fb6068abbe775ced1d1782d9a5fc507ddd744560304869f91d3b7b74_400_400_5.jpg HTTP/1.1\r\nHost: img44.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.1\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2007,"timings":{"blocked":1404,"dns":1,"connect":301,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dlripuli.com/skins/2078/images/banner3.jpg","fqdn":"www.dlripuli.com","domain":"dlripuli.com","tld":"com"},"ip":{"addr":"180.163.146.39","port":80,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:02.058Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/banner3.jpg HTTP/1.1\r\nHost: www.dlripuli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xinyujidian.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/jpeg\r\nContent-Length: 219456\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nLast-Modified: Fri, 07 Mar 2025 09:03:37 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d381facf3f8fdb1:0\"\r\nX-Powered-By: AN-114.4.179\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nX-Content-Type-Options: nosniff\r\nVia: cache10.l2cn8003[24,23,200-0,M], cache61.l2cn8003[26,0], kunlun6.cn7174[42,41,200-0,M], kunlun10.cn7174[45,0]\r\nAli-Swift-Global-Savetime: 1774231622\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Mon, 23 Mar 2026 02:07:02 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: b4a3921e17742316228846818e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":219456,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x700, components 3","md5":"6d03fb731069bea6a1d4af7c5bfe1020","sha1":"7300732ea563c108d765b29992782b487e38ddbc","sha256":"0d09e0545bf24d4b33e92bb829aef94fdb76d7790525315582a85d33735b12cc","sha512":"d7e3615bb276bb80e1f45ffad8939ba242f13d11bc9d9885614d649a9453b490e02a2b1dd2c4a6ac39012576e33a553118e8fb6d33c0f7d6e026022d223e9537","ssdeep":"3072:rZ++Ma0RdR+BDmWKNMtjqMIwDkGHFGTpgDD/bwF8eqa0YYvOhhoY:rZ++M/D7WKNMxnJHgTuDDj7vOAY","tlshash":"5024f18ffab3995558c8445e8ead7618898800f4b979c1feb01eecfec7ec1d72256460","first_seen":"2026-03-08T19:30:27.949721Z","last_seen":"2026-03-23T02:07:42.285745Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1646,"timings":{"blocked":708,"dns":0,"connect":0,"send":0,"wait":307,"receive":631,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:04.710Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 377\r\nOrigin: http://www.xinyujidian.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://www.xinyujidian.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 02:07:04 GMT\r\nEO-LOG-UUID: 1563908876852656560\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":38,"dns":0,"connect":19,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/css/animate.css","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.213Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/css/animate.css HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":72464,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"4d39be1cba816079053b13db8aa4c936","sha1":"21392ad81bd92b24e2a548f2d73b9b893a8bcc48","sha256":"4c44061c692ab37da109cf518a16e2f0299bd69842777bbadb966e8c0d7d4c4a","sha512":"b89093145adc9b0ff938d3c4cc9ef9932e0657b0f8176a669c055f4d964041f3b3ca8753aa8e5f2c1cff89c3f4a8e846311cc8dec10af3d47ed22d3492f1bb78","ssdeep":"384:zrOmOS/x/SOmOw/l//FkFsmXmknD/S/cySy+/Z/V+/9Z4jHGJlMN3t4b:zrOmOS/x/SOmOw/l/UnD/S/cySy+/Z/+","tlshash":"97634d6d2991114452678a1983df9e78263cd1b3182aacef73ce5c8bcf86fac63c5507","first_seen":"2024-10-22T22:01:03.648855Z","last_seen":"2026-04-01T07:16:48.379201Z","times_seen":43,"resource_available":false,"data":null}},"time_used":487,"timings":{"blocked":143,"dns":0,"connect":165,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/SSbtn_icon1.png","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.829Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/SSbtn_icon1.png HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/skins/2078/css/common.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:07 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/SSbtn_icon1.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14857,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"test.xinxiyidiantong.com:2096/images/style1.css","fqdn":"test.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":2096,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:03.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"test.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 02:32:06 GMT","end":"Tue, 16 Jun 2026 02:32:05 GMT"},"fingerprint":{"sha1":"F2:3E:4A:2C:AE:0F:1A:DC:04:1B:0A:91:04:E5:C8:80:09:CC:AD:F9","sha256":"C8:04:B0:6D:F6:48:F8:59:49:78:07:B9:83:C7:73:52:35:C4:D4:82:9E:3E:61:44:90:D3:1F:8A:03:C5:BD:87"}}},"request":{"raw":"GET /images/style1.css HTTP/1.1\r\nHost: test.xinxiyidiantong.com:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:07:04 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 24 Apr 2023 11:24:01 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"644666d1-2acf\"\r\nExpires: Mon, 23 Mar 2026 03:07:04 GMT\r\nCache-Control: max-age=3600\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10959,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (465), with CRLF line terminators","md5":"9dcee9f3e3a9adc3a8fd044d18aff03a","sha1":"222a22156013ec694b2088c0a92e22e95cadfeb0","sha256":"53143bf9cab52824338170fc6c349fddcec4f52dd1cb999c83f7865365445d8a","sha512":"782456493e261dc963ab94961e51482abd496641b98dc345b87bd8f6d220abddc3b747fd3bad55aefc2d89435f82eccb5bb08438ad29379d05b1094c0c2445e9","ssdeep":"192:YttDBv+hilwO09z0GgvfmLkyGtKwk6NxCiGgxE3M3EEVuo0Kkzxl8AjnHI0rGLd4:YttDBoilwO09z0GgvfmLkyGtKwk6NxCp","tlshash":"48327b2b9340288f745bc77868d77599f639c064fe3dd95ea31a33a6422298e1037fc5","first_seen":"2023-05-06T09:29:06Z","last_seen":"2026-04-04T22:45:47.057064Z","times_seen":1714,"resource_available":false,"data":null}},"time_used":2079,"timings":{"blocked":892,"dns":7,"connect":292,"send":0,"wait":293,"receive":0,"ssl":592},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"test.xinxiyidiantong.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xinyujidian.com/","fqdn":"xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-23T02:06:58.735Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":148,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/ind_about_bg.jpg","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.901Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/ind_about_bg.jpg HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/skins/2078/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:07 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/ind_about_bg.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":12191,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":104,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/images/jt3.png","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.903Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/images/jt3.png HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/skins/2078/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:07 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dlripuli.com/skins/2078/images/jt3.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15026,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":122,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"test.xinxiyidiantong.com:2096/images/favicon.ico","fqdn":"test.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":2096,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:05.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"test.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 02:32:06 GMT","end":"Tue, 16 Jun 2026 02:32:05 GMT"},"fingerprint":{"sha1":"F2:3E:4A:2C:AE:0F:1A:DC:04:1B:0A:91:04:E5:C8:80:09:CC:AD:F9","sha256":"C8:04:B0:6D:F6:48:F8:59:49:78:07:B9:83:C7:73:52:35:C4:D4:82:9E:3E:61:44:90:D3:1F:8A:03:C5:BD:87"}}},"request":{"raw":"GET /images/favicon.ico HTTP/1.1\r\nHost: test.xinxiyidiantong.com:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:07:05 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 3066\r\nLast-Modified: Fri, 22 Oct 2021 08:11:14 GMT\r\nConnection: keep-alive\r\nETag: \"61727222-bfa\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3066,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"00b726752e8713453d31b694d4f74b89","sha1":"122742a4ce71b668801ddcc8db72f07730db290c","sha256":"45d8a46c7758c43f32db8794520cbf03604db83734c969ca80d3b356f8360b37","sha512":"75660a291825839b5fd42b269bd501a9c81a5426adaab17d7b368687194da769a1373b3b5c20476085909c6f0fa5391e9b3c30714bc4be5b6e405ac018814367","ssdeep":"","tlshash":"e9515d9712b1080bc4797cb20f41bc5e95251237402dfaa57cf332d5ba80e9d629bed1","first_seen":"2023-05-06T09:29:06Z","last_seen":"2026-04-04T22:45:47.066966Z","times_seen":1723,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"test.xinxiyidiantong.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xinyujidian.com/skins/2078/css/swiper.min.css","fqdn":"www.xinyujidian.com","domain":"xinyujidian.com","tld":"com"},"ip":{"addr":"23.231.42.48","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.207Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/2078/css/swiper.min.css HTTP/1.1\r\nHost: www.xinyujidian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 02:06:05 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17459,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (17459), with no line terminators","md5":"d9b07f5be43f14b75aa1f1e44c133e01","sha1":"bab857a50e875e11c3b3949c2663685e83559076","sha256":"72363aab8899d20cdd71623fe70473f1b97a38062beb4185ec0e6af7b8508980","sha512":"74205ae5c876ebbbc455c9a89037deb452ef373e24772dd6b00a0db252db09ae9fa528747ce73cbab14150d69d63f37db27e71d2685d3a8ab7d76d56694404b9","ssdeep":"192:50GpaNCO8jrfg5WHmXgyXyzSHF68DJB0SwD:552CXfgWHfyXyzSl68Pe","tlshash":"be72822c17002067f6324f1987c9e77c9715c8839e4368ef6650de48cbba5a9227f7a6","first_seen":"2023-05-10T11:34:44Z","last_seen":"2026-04-01T17:18:55.446503Z","times_seen":168,"resource_available":false,"data":null}},"time_used":445,"timings":{"blocked":130,"dns":0,"connect":147,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.xinyujidian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img49.chem17.com/gxhpic_fa9eab87f0/2edd694ecc62c499dd74b492fb6068abf5a1616f6ec260465cd4766b7a02d321a87fdea3dfdc5ff5_400_400_5.jpg","fqdn":"img49.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"101.71.10.236","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:00.231Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_fa9eab87f0/2edd694ecc62c499dd74b492fb6068abf5a1616f6ec260465cd4766b7a02d321a87fdea3dfdc5ff5_400_400_5.jpg HTTP/1.1\r\nHost: img49.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.1\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1969,"timings":{"blocked":1406,"dns":0,"connect":282,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"push.zhanzhang.baidu.com/push.js","fqdn":"push.zhanzhang.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"182.61.201.94","port":80,"asn":38365,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xinyujidian.com/","date":"2026-03-23T02:07:01.948Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /push.js HTTP/1.1\r\nHost: push.zhanzhang.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xinyujidian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\nContent-Length: 232\r\nContent-Type: text/javascript\r\nServer: bfe\r\nDate: Mon, 23 Mar 2026 02:07:02 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":281,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with no line terminators","md5":"1bb5a3267c9865ad4abe8d937734b62b","sha1":"b5478dd2edb3e64242eced1db2dbd945ef81f592","sha256":"674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2","sha512":"33318ed944a49a8fa334983408d68853b1fbe4f80b19adef6235f23d7708b616cd4f8dd28c8b8ebfbb5776aab8088229f3060cd789af34fe1db5038a98bd0d39","ssdeep":"","tlshash":"91d02be874a0c41c0ce710b17fab328cfab20b2755244d40c05b90013614b1f824bfe9","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-05T07:15:15.461149Z","times_seen":20923,"resource_available":true,"data":null}},"time_used":790,"timings":{"blocked":-1,"dns":290,"connect":250,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}