{"report_id":"52559de9-5bca-47b7-b954-a6ec6068a156","version":6,"status":"done","tags":[],"date":"2026-03-22T09:22:04Z","url":{"schema":"http","addr":"1.tv/","fqdn":"1.tv","domain":"1.tv","tld":"tv"},"ip":{"addr":"116.204.158.161","port":0,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/dy/","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"title":"超级热门","dom":{"size":10484,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10184), with no line terminators","md5":"00ffc9c01aab6ea0db15b5529448632a","sha1":"b21cfd55b797113c6098e8a3c9bc350c2633f99a","sha256":"b459052423c5443c6b3c5eabcfdd52b1d0ad4c70844add771c391effe855886c","sha512":"1a4b5967081f470ff408d3b48b6c5873ae8eca0d1324572daf4c1f7377c7417d1532f1a1d5ca462abf24f6705ad8f207e28457cf66b5bd904834f6137d830d18","ssdeep":"192:GPdyuz/fR4j/v55Sx2O7Ojest+7rrdBrYO6UdWvlO:e7ejnjt+7rxBBKlO","tlshash":"e82208b2d8949c7b0203d8c9f837f354b291410dc64779a4e5f992fd4bfeca9880a663","dom_hash":"domhash26e0a8f96831da514df49128f7ab52c5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"1.tv/","fqdn":"1.tv","domain":"1.tv","tld":"tv"},"ip":{"addr":"116.204.158.161","port":0,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-26T09:22:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":12,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:49Z","timestamp":1774171309,"ip_dst":{"addr":"Client IP","port":34340,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-03-22T09:21:49.248579+0000\",\"flow_id\":530375657676223,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"207.56.160.247\",\"src_port\":1622,\"dest_ip\":\"172.18.0.22\",\"dest_port\":34340,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=207.56.160.247\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"33:69:FE:3D:FE:BD:77:59:B8:A0:5C:B4:5E:0F:73:C9\",\"fingerprint\":\"92:62:39:6f:5a:9c:ea:19:7a:48:d3:1c:87:2c:1b:19:9b:6e:ca:1f\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-03-09T00:00:00\",\"notafter\":\"2026-06-07T23:59:59\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"405adaa88faa24941b8a00ebff13546a\",\"string\":\"771,49196,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1146,\"bytes_toclient\":4754,\"start\":\"2026-03-22T09:21:48.482751+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:49Z","timestamp":1774171309,"ip_dst":{"addr":"Client IP","port":34346,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-03-22T09:21:49.488446+0000\",\"flow_id\":2029911949455038,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"207.56.160.247\",\"src_port\":1622,\"dest_ip\":\"172.18.0.22\",\"dest_port\":34346,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=207.56.160.247\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"33:69:FE:3D:FE:BD:77:59:B8:A0:5C:B4:5E:0F:73:C9\",\"fingerprint\":\"92:62:39:6f:5a:9c:ea:19:7a:48:d3:1c:87:2c:1b:19:9b:6e:ca:1f\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-03-09T00:00:00\",\"notafter\":\"2026-06-07T23:59:59\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"405adaa88faa24941b8a00ebff13546a\",\"string\":\"771,49196,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1146,\"bytes_toclient\":4754,\"start\":\"2026-03-22T09:21:48.732862+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:50Z","timestamp":1774171310,"ip_dst":{"addr":"Client IP","port":34374,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-03-22T09:21:50.391156+0000\",\"flow_id\":729765219503682,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"207.56.160.247\",\"src_port\":1622,\"dest_ip\":\"172.18.0.22\",\"dest_port\":34374,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=207.56.160.247\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"33:69:FE:3D:FE:BD:77:59:B8:A0:5C:B4:5E:0F:73:C9\",\"fingerprint\":\"92:62:39:6f:5a:9c:ea:19:7a:48:d3:1c:87:2c:1b:19:9b:6e:ca:1f\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-03-09T00:00:00\",\"notafter\":\"2026-06-07T23:59:59\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"405adaa88faa24941b8a00ebff13546a\",\"string\":\"771,49196,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1146,\"bytes_toclient\":4755,\"start\":\"2026-03-22T09:21:49.626242+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:50Z","timestamp":1774171310,"ip_dst":{"addr":"Client IP","port":34350,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-03-22T09:21:50.394544+0000\",\"flow_id\":2200817288182923,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"207.56.160.247\",\"src_port\":1622,\"dest_ip\":\"172.18.0.22\",\"dest_port\":34350,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=207.56.160.247\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"33:69:FE:3D:FE:BD:77:59:B8:A0:5C:B4:5E:0F:73:C9\",\"fingerprint\":\"92:62:39:6f:5a:9c:ea:19:7a:48:d3:1c:87:2c:1b:19:9b:6e:ca:1f\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-03-09T00:00:00\",\"notafter\":\"2026-06-07T23:59:59\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"405adaa88faa24941b8a00ebff13546a\",\"string\":\"771,49196,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1146,\"bytes_toclient\":4754,\"start\":\"2026-03-22T09:21:49.621707+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:50Z","timestamp":1774171310,"ip_dst":{"addr":"Client IP","port":34362,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-03-22T09:21:50.406360+0000\",\"flow_id\":210099946489485,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"207.56.160.247\",\"src_port\":1622,\"dest_ip\":\"172.18.0.22\",\"dest_port\":34362,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=207.56.160.247\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"33:69:FE:3D:FE:BD:77:59:B8:A0:5C:B4:5E:0F:73:C9\",\"fingerprint\":\"92:62:39:6f:5a:9c:ea:19:7a:48:d3:1c:87:2c:1b:19:9b:6e:ca:1f\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-03-09T00:00:00\",\"notafter\":\"2026-06-07T23:59:59\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"405adaa88faa24941b8a00ebff13546a\",\"string\":\"771,49196,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1146,\"bytes_toclient\":4754,\"start\":\"2026-03-22T09:21:49.624269+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:50Z","timestamp":1774171310,"ip_dst":{"addr":"Client IP","port":34378,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-03-22T09:21:50.415924+0000\",\"flow_id\":1882130714824999,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"207.56.160.247\",\"src_port\":1622,\"dest_ip\":\"172.18.0.22\",\"dest_port\":34378,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=207.56.160.247\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"33:69:FE:3D:FE:BD:77:59:B8:A0:5C:B4:5E:0F:73:C9\",\"fingerprint\":\"92:62:39:6f:5a:9c:ea:19:7a:48:d3:1c:87:2c:1b:19:9b:6e:ca:1f\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-03-09T00:00:00\",\"notafter\":\"2026-06-07T23:59:59\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"405adaa88faa24941b8a00ebff13546a\",\"string\":\"771,49196,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1146,\"bytes_toclient\":4754,\"start\":\"2026-03-22T09:21:49.626983+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:50Z","timestamp":1774171310,"ip_dst":{"addr":"Client IP","port":34406,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-03-22T09:21:50.649912+0000\",\"flow_id\":709346944966437,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"207.56.160.247\",\"src_port\":1622,\"dest_ip\":\"172.18.0.22\",\"dest_port\":34406,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=207.56.160.247\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"33:69:FE:3D:FE:BD:77:59:B8:A0:5C:B4:5E:0F:73:C9\",\"fingerprint\":\"92:62:39:6f:5a:9c:ea:19:7a:48:d3:1c:87:2c:1b:19:9b:6e:ca:1f\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-03-09T00:00:00\",\"notafter\":\"2026-06-07T23:59:59\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"405adaa88faa24941b8a00ebff13546a\",\"string\":\"771,49196,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1146,\"bytes_toclient\":4753,\"start\":\"2026-03-22T09:21:49.876325+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:50Z","timestamp":1774171310,"ip_dst":{"addr":"Client IP","port":34394,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-03-22T09:21:50.664844+0000\",\"flow_id\":277427853810835,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"207.56.160.247\",\"src_port\":1622,\"dest_ip\":\"172.18.0.22\",\"dest_port\":34394,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=207.56.160.247\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"33:69:FE:3D:FE:BD:77:59:B8:A0:5C:B4:5E:0F:73:C9\",\"fingerprint\":\"92:62:39:6f:5a:9c:ea:19:7a:48:d3:1c:87:2c:1b:19:9b:6e:ca:1f\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-03-09T00:00:00\",\"notafter\":\"2026-06-07T23:59:59\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"405adaa88faa24941b8a00ebff13546a\",\"string\":\"771,49196,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1146,\"bytes_toclient\":4753,\"start\":\"2026-03-22T09:21:49.875667+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:50Z","timestamp":1774171310,"ip_dst":{"addr":"Client IP","port":34418,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-03-22T09:21:50.669215+0000\",\"flow_id\":1599517571769181,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"207.56.160.247\",\"src_port\":1622,\"dest_ip\":\"172.18.0.22\",\"dest_port\":34418,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=207.56.160.247\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"33:69:FE:3D:FE:BD:77:59:B8:A0:5C:B4:5E:0F:73:C9\",\"fingerprint\":\"92:62:39:6f:5a:9c:ea:19:7a:48:d3:1c:87:2c:1b:19:9b:6e:ca:1f\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-03-09T00:00:00\",\"notafter\":\"2026-06-07T23:59:59\",\"ja3\":{\"hash\":\"3271cf62f45f551e79405f26e227ebda\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"405adaa88faa24941b8a00ebff13546a\",\"string\":\"771,49196,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1218,\"bytes_toclient\":4754,\"start\":\"2026-03-22T09:21:49.877405+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:52Z","timestamp":1774171312,"ip_dst":{"addr":"Client IP","port":41406,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"18.179.136.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"severity":"medium","alert":"ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)","source":"{\"timestamp\":\"2026-03-22T09:21:52.588156+0000\",\"flow_id\":1039758779201399,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"18.179.136.192\",\"src_port\":443,\"dest_ip\":\"172.18.0.22\",\"dest_port\":41406,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025194,\"rev\":3,\"signature\":\"ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2018_01_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_16\"]}},\"tls\":{\"subject\":\"CN=inter.nextapistep.xyz\",\"issuerdn\":\"C=US, O=Let's Encrypt, CN=E7\",\"serial\":\"05:2C:FE:64:75:E2:25:50:A9:B9:76:32:E4:8E:63:D5:85:60\",\"fingerprint\":\"21:d5:e1:29:90:6d:16:c7:c0:ca:77:85:e6:07:2a:f4:01:22:29:20\",\"sni\":\"inter.nextapistep.xyz\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-01-29T12:45:08\",\"notafter\":\"2026-04-29T12:45:07\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"fe0146829eef1917ba6c2dd4f5c08905\",\"string\":\"771,49196,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1014,\"bytes_toclient\":2695,\"start\":\"2026-03-22T09:21:51.767863+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:52Z","timestamp":1774171312,"ip_dst":{"addr":"Client IP","port":41390,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"18.179.136.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"severity":"medium","alert":"ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)","source":"{\"timestamp\":\"2026-03-22T09:21:52.610170+0000\",\"flow_id\":1734628653119177,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"18.179.136.192\",\"src_port\":443,\"dest_ip\":\"172.18.0.22\",\"dest_port\":41390,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025194,\"rev\":3,\"signature\":\"ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2018_01_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_16\"]}},\"tls\":{\"subject\":\"CN=inter.nextapistep.xyz\",\"issuerdn\":\"C=US, O=Let's Encrypt, CN=E7\",\"serial\":\"05:2C:FE:64:75:E2:25:50:A9:B9:76:32:E4:8E:63:D5:85:60\",\"fingerprint\":\"21:d5:e1:29:90:6d:16:c7:c0:ca:77:85:e6:07:2a:f4:01:22:29:20\",\"sni\":\"inter.nextapistep.xyz\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-01-29T12:45:08\",\"notafter\":\"2026-04-29T12:45:07\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"fe0146829eef1917ba6c2dd4f5c08905\",\"string\":\"771,49196,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1014,\"bytes_toclient\":2695,\"start\":\"2026-03-22T09:21:51.767689+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-22T09:21:52Z","timestamp":1774171312,"ip_dst":{"addr":"Client IP","port":41410,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"18.179.136.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"severity":"medium","alert":"ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)","source":"{\"timestamp\":\"2026-03-22T09:21:52.871374+0000\",\"flow_id\":1010935253715955,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"18.179.136.192\",\"src_port\":443,\"dest_ip\":\"172.18.0.22\",\"dest_port\":41410,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025194,\"rev\":3,\"signature\":\"ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2018_01_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_16\"]}},\"tls\":{\"subject\":\"CN=inter.nextapistep.xyz\",\"issuerdn\":\"C=US, O=Let's Encrypt, CN=E7\",\"serial\":\"05:2C:FE:64:75:E2:25:50:A9:B9:76:32:E4:8E:63:D5:85:60\",\"fingerprint\":\"21:d5:e1:29:90:6d:16:c7:c0:ca:77:85:e6:07:2a:f4:01:22:29:20\",\"sni\":\"inter.nextapistep.xyz\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-01-29T12:45:08\",\"notafter\":\"2026-04-29T12:45:07\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"fe0146829eef1917ba6c2dd4f5c08905\",\"string\":\"771,49196,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1148,\"bytes_toclient\":2695,\"start\":\"2026-03-22T09:21:52.019443+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"4fpe2vhb.w62693.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"api.qrserver.com","ip":{"addr":"95.216.163.127","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2009-05-16","domain_rank":342339,"first_seen":"2012-06-20T10:01:45Z","last_seen":"2026-03-16T07:55:00.306149Z","alert_count":0,"request_count":1,"received_data":736,"sent_data":508,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"inter.nextapistep.xyz","ip":{"addr":"18.179.136.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"domain_registered":"2023-12-04","domain_rank":0,"first_seen":"2025-06-09T18:33:50.860048Z","last_seen":"2026-01-25T01:03:51.564313Z","alert_count":0,"request_count":4,"received_data":8078,"sent_data":2160,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"1.tv","ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":4646017,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":314,"sent_data":473,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dy-1.top","ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":4,"received_data":3651,"sent_data":1768,"comment":"","tags":null,"fingerprints":null},{"fqdn":"207.56.160.247","ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":13,"received_data":1148936,"sent_data":5771,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"4fpe2vhb.w62693.top","ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":8,"request_count":8,"received_data":357948,"sent_data":3669,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/dy/js/script.js","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"885342e00ba2d42248e364a87f6b62c2","sha1":"f39c10b2b4f0567a1d45d3789398f3baad050d78","sha256":"ebd6bf27a541dab46a4b3cb2eb1507e5150774c5f1c3c45078a2f3c5e68f6b54","sha512":"615b0f066cb5220cb27efaf90d46a0545164c81145b44c0a059616db966138c6db72a3139466ac72d4cdbd0864c26cbb9fe79b63d9363faaed2ba6b2cfdd678f","ssdeep":"96:lwpc1tls38GK3paHO0eve0Td6mwLMlGQYLjfI/AbS+GJOG60rq:HsDHO7vead9wLssjsAm+GP67","tlshash":"afb1d84539fa053302eb04f325db9f4e3a709007ad5ac50979bc99e11fe1ea166635c7","size":5469,"data":"","first_seen":"2026-03-22T09:22:15.183163Z","last_seen":"2026-03-22T09:22:15.183163Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b6486ccc3895fd175e1ad8f2a4675078","sha1":"c0c7e7c5236bdfbd5127297a8b9195892f98bc9f","sha256":"2161a49ae3d1e42d9ea02d11bfd5e23ce1accceddaa4a8ac6ce4dc07c194033a","sha512":"444d81415c00ccaf5e068171f4c2f822ce663c762803208e641ffde9cf58ed46c0fb3849fa1b2cbb491b21cb6f86d536e3d062da7fdd9d803a445b5beaff0a7a","ssdeep":"384:zuLFP1Ll1L11Ll1Lp1LR1LpnCKIrERURU0MMfH6ZKZxLduBLLYNRzTKkS/awGt/e:HYee3G6sZfuBL0NRzTZSgt/NRclDfpag","tlshash":"05922e89fcdc20c56424a6e047a106caa76fdbbf29137c7271e8f1392d6eaf4af44415","size":21154,"data":"","first_seen":"2026-02-08T13:51:52.74515Z","last_seen":"2026-03-22T09:22:15.217472Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/js/sac~sar.8fbad5.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"83c9c1c1a8b518d21b89eda8659c2b30","sha1":"86788176b576541afb027f6f0745e4a49be719a2","sha256":"a620600d107c531d16510b7ee05bd507d26a91d2f667669b9e9654320f99b806","sha512":"d096f8780af23d49d1ddeada1078c7956fe9a02064642fba986eee57b8f35607fde8ffd44226505fb18abe38947dd2148f1f7431d94375ab1a8c56a52e3884d2","ssdeep":"384:2a/shMGWyQFzP9SLKqQ5YKDqDHHqLlfAo+LKZ/zLf0OXs/xqLdkA2BiVf/:2bz/QNPmvQSwqDHHAfAE8P4ygVf/","tlshash":"c6c2c85ab8d3f8b50a079060412b2120b13a2ed9e4159789fab4cdd25ef4e4d632fb7d","size":27672,"data":"","first_seen":"2025-11-19T06:32:30.988272Z","last_seen":"2026-03-22T09:22:15.20062Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/libs/tac.min.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c0da0a25410079211ad9ab45fa6e276","sha1":"198f5aab358fb34ef75f7a11b031548f3b03aee6","sha256":"2ebddc5392800dac27e9c39acba1bc0a8a38f2a06c4c7f8f47870cfadfb7c6d7","sha512":"8d1f8ecb1452757ab93a930efa60ceca5cebaa35d7a68e8e118ad66b5d7d66d32170920737a854038b327fe2f797f778bbda37ef7584f2d35c31cc81db32e9f2","ssdeep":"768:6BA3Nn+7WqwdDOm4+M3pGjpG842DP7esBOZy/9Q5BvzMcgDeOeKpltDd3zVcPZxR:6BgJjOmwKBUyFQ5JgDeYz3zWDsa","tlshash":"88336dbb719110b18a9204e2523b9e48f02b6ad0f50a4458fabed5e56f3ecd6d032f75","size":54789,"data":"","first_seen":"2024-12-15T19:25:59.326203Z","last_seen":"2026-03-22T09:22:15.179962Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/js/app.fdf7e2.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"75caa6330a7550f9689dc06d2fb29ecf","sha1":"51624ceaf50452b5c15665a2fa156edb6e413190","sha256":"dfa85c1216b96ce67cd6ede445ccb69a5e7f0ccda4d9451c2788cef6af00cf19","sha512":"2a4f2f703c8026701a3363b512c3014e48039ea4383f680dd8433ceaefc01f44a0fed89102806a12d67288df78483e1a2fcbc4249109990c4e3d8a3720c26b50","ssdeep":"6144:EjwpYAfxiXLkOXVnfse5fSmztq17go3wRD1VETCMoH+QcUp4AtJ5z0z/zSLk+6mV:UwpYAfxiXLkOXVnfse5fSmztq17go3w3","tlshash":"786453cfb3f6a68d04096160cc3a9ddc049a2e908074e17e9fff4acbd948a1495dbb57","size":317067,"data":"","first_seen":"2026-02-08T13:51:52.733865Z","last_seen":"2026-03-22T09:22:15.20579Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dy-1.top/conf.js","fqdn":"dy-1.top","domain":"dy-1.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"065ab359f6842c488a1aee4a0e967030","sha1":"2ecf7ca64b725784ff5e248ab08d62adcdded95b","sha256":"088b24b6e6bd2d2318bb7b07bd74718d703955716e7eee7d851e68499fdb7d15","sha512":"6cc6c5b21a9b75bb9409ed7e48e9a34e44e6e6685b1e968103ac1a18c633ba379c74b7c92b0264926619ce157ae51ad5f92b690389dba21a001f5fb16a6c651a","ssdeep":"","tlshash":"1fb09210f1693cb20061aa28024b1a59e40912871c0f2804aa0deb3c2f1c81ac423adc","size":111,"data":"","first_seen":"2026-03-22T09:22:15.199696Z","last_seen":"2026-03-22T09:22:15.199696Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/libs/base.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"82e1a54c6e00b518d5483aabba57ac80","sha1":"042c906489821f59269469bcbea0b879d1a54bca","sha256":"a7476aeb5c1a080fcf7b1deeddf3f784ef6677511608639e2c75ff81d69d9dee","sha512":"429fb929df0183d97d15ba0354baca17a18c2e782d9ec83eb58f8d14ca003daf1e292ffda05a9ec0313d4f1971893d03a7b312e866a63d5c1977cc33eaffe682","ssdeep":"1536:wvUBZXjRPalYaU/EUaB6pwqZSc2L6zx1CmUMQZV:hZXjouaDEND2L6zxkmUMQZV","tlshash":"8783e6c9b295707107a720e5447f510bf23b7919a80ac1e8f256e8da3dbc88d91a7f3d","size":87463,"data":"","first_seen":"2023-05-18T18:44:13Z","last_seen":"2026-03-22T09:22:15.179047Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/adapt.js?t=1774171309609","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"31b26b695ced81c7e67f1f20ac35a17d","sha1":"a245b9a373afd0cb642da886ed2665306596a466","sha256":"869560da809284c2ecbc5412cb4b9b9a3ad532815e83d93f7dedf37452fc8bda","sha512":"110c24fc6a0da69edef21335a67e3049d4f87328484f846ac65d43bb14767e2b85fe013c4c37c7bafd7cdb7f9ede8a9b774259171e6400599d60a7eb1f6a0b18","ssdeep":"","tlshash":"08d05e8eac450288ad78bf9012662a4af79fc64a5553373031dcb9303869297cf34005","size":248,"data":"","first_seen":"2026-03-22T09:22:15.188377Z","last_seen":"2026-03-22T09:22:15.188377Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/js/common.ab7f0f.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"33e3f8ca3dfb04c8901563feb364fe26","sha1":"88aa5d3184d2b54d4c46a40b225ab17de9883b90","sha256":"926edea0ec4805bbbc9aed5692bcc3b5bd3cea88c45c53a47cdbb6027a7dcd59","sha512":"f33ec26675ff90e9683154f79535bcc693623e4ce806442b5d19d4aabd1d4f45e7f518185db72a547387ac2999130381072ad9ac2c241843693e624000d33eec","ssdeep":"6144:zh1rLBqBfShU+dF1fFiPi4upO+Ok7tQYkaBRz:zv3B/W+3i0akpkaBRz","tlshash":"964409ccba85f0a957d335a4803f650bb1772a69f40e94d0e6a2d5d1ac7898f4237e3c","size":278523,"data":"","first_seen":"2025-05-30T04:35:26.875361Z","last_seen":"2026-03-22T09:22:15.180858Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/emojis.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3bb05347ffb23b2d13005726b09c1b6","sha1":"3254a3a88703edd1e40fbc94a1f3fbb0a45a5497","sha256":"580a6858fe6475b6197385335869eb20c98321cbb8f5cdd5798ee0f4218fa99c","sha512":"1b2c0c43ef814672e24ca8322f4cad861442b9bd1121e5d30ee612d80752f907f4cdfbd95da91fcc2543fcd90c281138c6402c9a946abf6b6cd723ca8e32eaa3","ssdeep":"","tlshash":"e311662701881e3e0bf4e1a96391cc4145ef443a3322c7aab7dd83c42dc0f64645342b","size":914,"data":"","first_seen":"2025-06-09T18:33:55.809903Z","last_seen":"2026-03-22T09:22:15.213783Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dy-1.top/dy.html","fqdn":"dy-1.top","domain":"dy-1.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"e9fb5408fb256e653f1fde35d30e92c7","sha1":"c47f58383c7d1d306692a48e5b7f1cbfb3300b1f","sha256":"0b0b93ff36c68d73dbc9bbefca7293f15661aece6a3aeba2efd402c0b4d52e2b","sha512":"b550c0b9d056d7bf847db246d5b84844ac1a768c1699f29782f6447bbdb372e6eb7d17c304dfafd3253072f5d75edccab492f462ff6d5296130e2ff6f495d002","ssdeep":"","tlshash":"de214b5a72a700540ae6a26b2fc333007021a51b3a45d84d7f5c96a04f76a9ae5f6ecc","size":1241,"data":"","first_seen":"2026-03-22T09:22:15.218254Z","last_seen":"2026-03-22T09:22:15.218254Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/dy/conf.js","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"0352f432f5b35fb7de3316abcb30ae34","sha1":"d45a744cb9bf27c316564f56c8729ba9ef840bbf","sha256":"543850a89fb723f1da185a21bd322b5da1803af2c96280763237e6ff34617fed","sha512":"f3455823a5d22a86766ce5e50213a53f7b3fa36b04a0757ef9e62acfbc8f76bad01a90602db12e4ab9ae67524e46c02149ee9b82067983106677d13527b69328","ssdeep":"","tlshash":"6101dce70744d20baf4249e0419b3a40764f261f58c1dec4f021688446f124b30a63ba","size":730,"data":"","first_seen":"2026-03-22T09:22:15.186831Z","last_seen":"2026-03-22T09:22:15.186831Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/libs/wssBase.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ecb5ba27bd6c70cb303af812ec97af7c","sha1":"8c60680281bf2a975d7d5a825f5c130fdbe77f4a","sha256":"844b0386cc004fe0caeaa5d688d88092bcb8edad710fe9e6f352c7c1a120eb24","sha512":"33f5d77512b29bd0493b1e438fc5584bbe13eae962d808b2b3c0111a3c70418b68e32e8bdd8973c862f5370958942ec419abc2be5370e515901156b1d9d3b55a","ssdeep":"1536:HUH1kVMHFByr/r2Vj6bh39ZLZdP6k/aS2uuqMX/8ITOznfGjcLEW:0HuVMXC2V6bh3btdP6k/aSUxpQLEW","tlshash":"9183e7c5f46170a103e7a2b481bf120763b6993a640d84e4f7a4d8fa5d7c98d932bf39","size":83103,"data":"","first_seen":"2023-05-18T18:44:13Z","last_seen":"2026-03-22T09:22:15.213214Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3a0c40869d24336067452daf0569a17c","sha1":"f1fc644c4e6d808a70edb32deddd67fef981ac43","sha256":"2f9b9d452afb38a9f7743dbeb06407a5fa197e6d4ce6f137da8deacd5b4acbe3","sha512":"5fdb958092c10a4027b3d276218751b055e47c9d23aedf6f9d6d24c23976ba7c82411bb4b6a7b38738fac73c0c331ced2e3a791a3af101fdd1493995a575b506","ssdeep":"","tlshash":"8771d7953298f5bc0286ec19643ff06af2791a2a485ca4e8c71bc4b47c7dd8f4406fd9","size":3647,"data":"","first_seen":"2026-02-08T13:51:52.749666Z","last_seen":"2026-03-22T09:22:15.219578Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/js/sac.fc58f0.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"905ef51dc0117c7037a07f8e289ef2ee","sha1":"44aabe2dbfed02c3b2b0acbe9e5933a7f8e275ab","sha256":"25fba547a5e7346f8bb80878cd470290dfd87dfd1c384eba072300bc9403978e","sha512":"158db75ad752aca8f788c89089cb8529ece5b1fc7d9a6c5bacf89f9a526574f94c92968e9b6cad6a08b63cbccede169b83ba5e27feed978a36cc604f47054217","ssdeep":"1536:mcoYH61iZjZHZmdWjUXh7pR5MN4RaWAwrDsoA2p+F94tMFlYl+Z+ne:mc5esFdFlY0","tlshash":"b663b80fa99afc720b5564e0402f1634a6367a857007a27dfd34ace14aece49613fb7d","size":71918,"data":"","first_seen":"2026-01-25T01:03:58.1931Z","last_seen":"2026-03-22T09:22:15.189476Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"45bcaa69e75aeea38ec4c76149bf400a","sha1":"8e16509d9628351c6ef5d0802c47e1fa5b65694a","sha256":"91e33eaa6a117f73855ca84d4a1de62c75badb3e3bf78cfba919dd70758396ae","sha512":"3a27c9968598d176207b8e0ba6b1c0b997d10e7363b936010cb20d2ce0352f2937797ca8ba92ab9dbb20c8ac6f6c2a343f2e8c085caf8f82682f4f11b738eb31","ssdeep":"96:TGcq5zuuz/C7RPfuz1Dvujst+7rrdBrlqZ2XIUVZX6Rm:aP5yuz/qRP4est+7rrdBrYO6A","tlshash":"4fb1daa63964e9ec1242b815ed37b1d8f215442e88aadcd8c5e6c0f43af9dcd0443be2","size":5562,"data":"","first_seen":"2026-03-22T09:22:15.220429Z","last_seen":"2026-03-22T09:22:15.220429Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"207.56.160.247:1622/libs/base.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:49.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /libs/base.js HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:49 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-155a9\"\r\nExpires: Tue, 21 Apr 2026 09:21:49 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87465,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64794)","md5":"82e1a54c6e00b518d5483aabba57ac80","sha1":"042c906489821f59269469bcbea0b879d1a54bca","sha256":"a7476aeb5c1a080fcf7b1deeddf3f784ef6677511608639e2c75ff81d69d9dee","sha512":"429fb929df0183d97d15ba0354baca17a18c2e782d9ec83eb58f8d14ca003daf1e292ffda05a9ec0313d4f1971893d03a7b312e866a63d5c1977cc33eaffe682","ssdeep":"1536:wvUBZXjRPalYaU/EUaB6pwqZSc2L6zx1CmUMQZV:hZXjouaDEND2L6zxkmUMQZV","tlshash":"8783e6c9b295707107a720e5447f510bf23b7919a80ac1e8f256e8da3dbc88d91a7f3d","first_seen":"2023-05-18T18:44:13Z","last_seen":"2026-03-22T09:22:15.179047Z","times_seen":52,"resource_available":true,"data":null}},"time_used":758,"timings":{"blocked":243,"dns":0,"connect":0,"send":0,"wait":514,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/libs/tac.min.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:49.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /libs/tac.min.js HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:50 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-d605\"\r\nExpires: Tue, 21 Apr 2026 09:21:50 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54789,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54766)","md5":"3c0da0a25410079211ad9ab45fa6e276","sha1":"198f5aab358fb34ef75f7a11b031548f3b03aee6","sha256":"2ebddc5392800dac27e9c39acba1bc0a8a38f2a06c4c7f8f47870cfadfb7c6d7","sha512":"8d1f8ecb1452757ab93a930efa60ceca5cebaa35d7a68e8e118ad66b5d7d66d32170920737a854038b327fe2f797f778bbda37ef7584f2d35c31cc81db32e9f2","ssdeep":"768:6BA3Nn+7WqwdDOm4+M3pGjpG842DP7esBOZy/9Q5BvzMcgDeOeKpltDd3zVcPZxR:6BgJjOmwKBUyFQ5JgDeYz3zWDsa","tlshash":"88336dbb719110b18a9204e2523b9e48f02b6ad0f50a4458fabed5e56f3ecd6d032f75","first_seen":"2024-12-15T19:25:59.326203Z","last_seen":"2026-03-22T09:22:15.179962Z","times_seen":39,"resource_available":true,"data":null}},"time_used":2044,"timings":{"blocked":765,"dns":0,"connect":250,"send":0,"wait":504,"receive":1,"ssl":520},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/js/common.ab7f0f.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:49.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /static/js/common.ab7f0f.js HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:50 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-43ffb\"\r\nExpires: Tue, 21 Apr 2026 09:21:50 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":278523,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"33e3f8ca3dfb04c8901563feb364fe26","sha1":"88aa5d3184d2b54d4c46a40b225ab17de9883b90","sha256":"926edea0ec4805bbbc9aed5692bcc3b5bd3cea88c45c53a47cdbb6027a7dcd59","sha512":"f33ec26675ff90e9683154f79535bcc693623e4ce806442b5d19d4aabd1d4f45e7f518185db72a547387ac2999130381072ad9ac2c241843693e624000d33eec","ssdeep":"6144:zh1rLBqBfShU+dF1fFiPi4upO+Ok7tQYkaBRz:zv3B/W+3i0akpkaBRz","tlshash":"964409ccba85f0a957d335a4803f650bb1772a69f40e94d0e6a2d5d1ac7898f4237e3c","first_seen":"2025-05-30T04:35:26.875361Z","last_seen":"2026-03-22T09:22:15.180858Z","times_seen":20,"resource_available":true,"data":null}},"time_used":2635,"timings":{"blocked":778,"dns":0,"connect":258,"send":0,"wait":553,"receive":518,"ssl":525},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/css/sac~sar.8e2bfe0c.css","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:53.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /static/css/sac~sar.8e2bfe0c.css HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:53 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-2a1c7\"\r\nExpires: Tue, 21 Apr 2026 09:21:53 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":172487,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"6bc1ea80106c60984a6b702365522824","sha1":"1d3cf813cbd43a777064f7174106617c920fb8a9","sha256":"03b0df0d105e1a10387bd7ee1cef9506afbd06047072b524c30230d1ff54fce2","sha512":"f6ca045e82febcd416b6892130d8847d3a214c280029573c4cf4a1da86752b164cfd5c97d0abc127ed6af3b96e3bfe8ab1f63ff8eb16eac0f5dab75537165089","ssdeep":"3072:GyhKRO8Y57L/p4Ws0zzHKUlTd8h65L5qDOhWpPYb:jkY5/R4Ws0zzfNd8h65L5qDin","tlshash":"c2f3af3f74c0362aa44fce3161d40ac58561c557e1a356bcfab53a18ca9f8eaa33714f","first_seen":"2026-02-08T13:51:52.743027Z","last_seen":"2026-03-22T09:22:15.181676Z","times_seen":3,"resource_available":false,"data":null}},"time_used":796,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":533,"receive":263,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/dy","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-22T09:21:45.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.w62693.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 07:01:57 GMT","end":"Wed, 27 May 2026 07:01:56 GMT"},"fingerprint":{"sha1":"E2:0D:2E:02:78:47:34:C1:F3:2E:F2:CC:F1:8C:97:B2:95:E0:F1:BE","sha256":"D0:88:8A:7E:2F:D1:72:51:97:49:AE:E6:AA:5A:12:23:33:22:16:E1:BD:9A:76:F2:D8:29:51:D3:59:DB:1C:C1"}}},"request":{"raw":"GET /dy HTTP/1.1\r\nHost: 4fpe2vhb.w62693.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dy-1.top/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Sun, 22 Mar 2026 09:21:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: keep-alive\r\nLocation: http://4fpe2vhb.w62693.top/dy/\r\nServer: cdn\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":442,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T02:47:04.217168Z","times_seen":13356183,"resource_available":true,"data":null}},"time_used":3317,"timings":{"blocked":1541,"dns":860,"connect":223,"send":0,"wait":234,"receive":0,"ssl":455},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"4fpe2vhb.w62693.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/dy/js/script.js","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://4fpe2vhb.w62693.top/dy/","date":"2026-03-22T09:21:47.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.w62693.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 07:01:57 GMT","end":"Wed, 27 May 2026 07:01:56 GMT"},"fingerprint":{"sha1":"E2:0D:2E:02:78:47:34:C1:F3:2E:F2:CC:F1:8C:97:B2:95:E0:F1:BE","sha256":"D0:88:8A:7E:2F:D1:72:51:97:49:AE:E6:AA:5A:12:23:33:22:16:E1:BD:9A:76:F2:D8:29:51:D3:59:DB:1C:C1"}}},"request":{"raw":"GET /dy/js/script.js HTTP/1.1\r\nHost: 4fpe2vhb.w62693.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4fpe2vhb.w62693.top/dy/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 09:21:48 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 21 Jan 2026 08:00:49 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: W/\"697087b1-155d\"\r\nExpires: Sun, 22 Mar 2026 21:21:48 GMT\r\nCache-Control: max-age=43200\r\nServer: cdn\r\nX-Cache-Status: MISS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5469,"size_decoded":0,"mime_type":"application/javascript","magic":"exported SGML document, Unicode text, UTF-8 text","md5":"885342e00ba2d42248e364a87f6b62c2","sha1":"f39c10b2b4f0567a1d45d3789398f3baad050d78","sha256":"ebd6bf27a541dab46a4b3cb2eb1507e5150774c5f1c3c45078a2f3c5e68f6b54","sha512":"615b0f066cb5220cb27efaf90d46a0545164c81145b44c0a059616db966138c6db72a3139466ac72d4cdbd0864c26cbb9fe79b63d9363faaed2ba6b2cfdd678f","ssdeep":"96:lwpc1tls38GK3paHO0eve0Td6mwLMlGQYLjfI/AbS+GJOG60rq:HsDHO7vead9wLssjsAm+GP67","tlshash":"afb1d84539fa053302eb04f325db9f4e3a709007ad5ac50979bc99e11fe1ea166635c7","first_seen":"2026-03-22T09:22:15.183163Z","last_seen":"2026-03-22T09:22:15.183163Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1603,"timings":{"blocked":677,"dns":1,"connect":226,"send":0,"wait":245,"receive":0,"ssl":451},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"4fpe2vhb.w62693.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.qrserver.com/v1/create-qr-code/?data=https%3A%2F%2F4fpe2vhb.w62693.top%2Fdy%2F\u0026size=200x200","fqdn":"api.qrserver.com","domain":"qrserver.com","tld":"com"},"ip":{"addr":"95.216.163.127","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4fpe2vhb.w62693.top/dy/","date":"2026-03-22T09:21:48.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qrserver.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 23:01:13 GMT","end":"Tue, 28 Apr 2026 23:01:12 GMT"},"fingerprint":{"sha1":"36:66:7A:C6:21:AB:9B:AD:56:08:9E:97:8C:DC:16:0A:C5:FA:E1:E8","sha256":"E2:57:F5:4B:0D:54:D1:C1:94:D5:3A:F8:BC:8F:59:3E:39:88:29:15:4C:43:4D:94:6B:1C:FD:91:9A:D1:DE:A9"}}},"request":{"raw":"GET /v1/create-qr-code/?data=https%3A%2F%2F4fpe2vhb.w62693.top%2Fdy%2F\u0026size=200x200 HTTP/1.1\r\nHost: api.qrserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4fpe2vhb.w62693.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 22 Mar 2026 09:21:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT\r\naccess-control-max-age: 7200\r\naccess-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":346,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 1-bit colormap, non-interlaced","md5":"dd33da05e038745d4f38fe26cde26ec2","sha1":"7f17f033fc20b90aff6de915f8425faad961638d","sha256":"28e5c5ba8aabdc29bc4888ae78f0658af5df7245281a45f9e337253a3e1c6685","sha512":"696813e81922343579fc732c1f79c87381d8038055ee1fd0d5b0ac418848eaacfbdec15b9ce32986b59f70a9d7a8dfba98340b92dd547e51ae2a790469839397","ssdeep":"","tlshash":"63e0c6f29980ec09103c12326fa26062d0da3a120cf8cb0359abe1838c209e85c80a26","first_seen":"2026-03-22T09:22:15.184779Z","last_seen":"2026-03-22T09:22:15.184779Z","times_seen":1,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":107,"dns":15,"connect":27,"send":0,"wait":36,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inter.nextapistep.xyz/api/v1/v/qn/list?cid=1472","fqdn":"inter.nextapistep.xyz","domain":"nextapistep.xyz","tld":"xyz"},"ip":{"addr":"18.179.136.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:54.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inter.nextapistep.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 12:45:08 GMT","end":"Wed, 29 Apr 2026 12:45:07 GMT"},"fingerprint":{"sha1":"21:D5:E1:29:90:6D:16:C7:C0:CA:77:85:E6:07:2A:F4:01:22:29:20","sha256":"56:AE:5B:09:8B:EF:19:B2:F4:39:D6:77:DB:1E:05:C8:C9:96:EC:31:0A:E1:8A:82:FA:1A:91:B8:BF:BA:ED:1E"}}},"request":{"raw":"POST /api/v1/v/qn/list?cid=1472 HTTP/1.1\r\nHost: inter.nextapistep.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json; charset=UTF-8\r\nx-v-token: b60efe7d2b594f49a9e2b85733aa4e7b\r\nContent-Length: 36\r\nOrigin: https://207.56.160.247:1622\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":36,"data":"{\"cid\":\"1472\",\"lan\":\"en\",\"sid\":null}"}},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:54 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nContent-Length: 45\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://207.56.160.247:1622\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d54b975e1420fad1294ffebc783ba5f4","sha1":"e4a6149ca2901be9e7122484c68e4cb13eb109b1","sha256":"c27d89d3114fac65fe85546b23c98024ddc113beec58c571db9830fa76ee5e09","sha512":"40655c178b6f1da1598dcfd009a7c711169b4ea50a1da097ccf05aed82480f214969b81e10ccbc2dbd3cecc941464b646b5cfcea19ed514059786b34025b8a98","ssdeep":"","tlshash":"1d9002891c18464294830165950a6605002c3163150496584c5d972580981706040828","first_seen":"2023-05-18T18:44:13Z","last_seen":"2026-03-22T09:22:15.18616Z","times_seen":17,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/dy/conf.js","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://4fpe2vhb.w62693.top/dy/","date":"2026-03-22T09:21:47.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.w62693.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 07:01:57 GMT","end":"Wed, 27 May 2026 07:01:56 GMT"},"fingerprint":{"sha1":"E2:0D:2E:02:78:47:34:C1:F3:2E:F2:CC:F1:8C:97:B2:95:E0:F1:BE","sha256":"D0:88:8A:7E:2F:D1:72:51:97:49:AE:E6:AA:5A:12:23:33:22:16:E1:BD:9A:76:F2:D8:29:51:D3:59:DB:1C:C1"}}},"request":{"raw":"GET /dy/conf.js HTTP/1.1\r\nHost: 4fpe2vhb.w62693.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4fpe2vhb.w62693.top/dy/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 09:21:48 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 730\r\nConnection: keep-alive\r\nLast-Modified: Tue, 17 Mar 2026 11:11:50 GMT\r\nETag: \"69b936f6-2da\"\r\nExpires: Sun, 22 Mar 2026 21:21:48 GMT\r\nCache-Control: max-age=43200\r\nServer: cdn\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":730,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"0352f432f5b35fb7de3316abcb30ae34","sha1":"d45a744cb9bf27c316564f56c8729ba9ef840bbf","sha256":"543850a89fb723f1da185a21bd322b5da1803af2c96280763237e6ff34617fed","sha512":"f3455823a5d22a86766ce5e50213a53f7b3fa36b04a0757ef9e62acfbc8f76bad01a90602db12e4ab9ae67524e46c02149ee9b82067983106677d13527b69328","ssdeep":"","tlshash":"6101dce70744d20baf4249e0419b3a40764f261f58c1dec4f021688446f124b30a63ba","first_seen":"2026-03-22T09:22:15.186831Z","last_seen":"2026-03-22T09:22:15.186831Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1571,"timings":{"blocked":670,"dns":1,"connect":223,"send":0,"wait":227,"receive":1,"ssl":446},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"4fpe2vhb.w62693.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/adapt.js?t=1774171309609","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:49.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /adapt.js?t=1774171309609 HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:50 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-f8\"\r\nExpires: Tue, 21 Apr 2026 09:21:50 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":248,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"31b26b695ced81c7e67f1f20ac35a17d","sha1":"a245b9a373afd0cb642da886ed2665306596a466","sha256":"869560da809284c2ecbc5412cb4b9b9a3ad532815e83d93f7dedf37452fc8bda","sha512":"110c24fc6a0da69edef21335a67e3049d4f87328484f846ac65d43bb14767e2b85fe013c4c37c7bafd7cdb7f9ede8a9b774259171e6400599d60a7eb1f6a0b18","ssdeep":"","tlshash":"08d05e8eac450288ad78bf9012662a4af79fc64a5553373031dcb9303869297cf34005","first_seen":"2026-03-22T09:22:15.188377Z","last_seen":"2026-03-22T09:22:15.188377Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1786,"timings":{"blocked":763,"dns":0,"connect":253,"send":0,"wait":254,"receive":1,"ssl":512},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/js/sac.fc58f0.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:53.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /static/js/sac.fc58f0.js HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:53 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-118ee\"\r\nExpires: Tue, 21 Apr 2026 09:21:53 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71918,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"905ef51dc0117c7037a07f8e289ef2ee","sha1":"44aabe2dbfed02c3b2b0acbe9e5933a7f8e275ab","sha256":"25fba547a5e7346f8bb80878cd470290dfd87dfd1c384eba072300bc9403978e","sha512":"158db75ad752aca8f788c89089cb8529ece5b1fc7d9a6c5bacf89f9a526574f94c92968e9b6cad6a08b63cbccede169b83ba5e27feed978a36cc604f47054217","ssdeep":"1536:mcoYH61iZjZHZmdWjUXh7pR5MN4RaWAwrDsoA2p+F94tMFlYl+Z+ne:mc5esFdFlY0","tlshash":"b663b80fa99afc720b5564e0402f1634a6367a857007a27dfd34ace14aece49613fb7d","first_seen":"2026-01-25T01:03:58.1931Z","last_seen":"2026-03-22T09:22:15.189476Z","times_seen":4,"resource_available":true,"data":null}},"time_used":522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inter.nextapistep.xyz/api/v1/v/qn/list?cid=1472","fqdn":"inter.nextapistep.xyz","domain":"nextapistep.xyz","tld":"xyz"},"ip":{"addr":"18.179.136.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:54.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inter.nextapistep.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 12:45:08 GMT","end":"Wed, 29 Apr 2026 12:45:07 GMT"},"fingerprint":{"sha1":"21:D5:E1:29:90:6D:16:C7:C0:CA:77:85:E6:07:2A:F4:01:22:29:20","sha256":"56:AE:5B:09:8B:EF:19:B2:F4:39:D6:77:DB:1E:05:C8:C9:96:EC:31:0A:E1:8A:82:FA:1A:91:B8:BF:BA:ED:1E"}}},"request":{"raw":"OPTIONS /api/v1/v/qn/list?cid=1472 HTTP/1.1\r\nHost: inter.nextapistep.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-v-token\r\nOrigin: https://207.56.160.247:1622\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://207.56.160.247:1622\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: content-type, x-v-token, Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T02:47:04.217168Z","times_seen":13356183,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/dy/js/style.css","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://4fpe2vhb.w62693.top/dy/","date":"2026-03-22T09:21:47.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.w62693.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 07:01:57 GMT","end":"Wed, 27 May 2026 07:01:56 GMT"},"fingerprint":{"sha1":"E2:0D:2E:02:78:47:34:C1:F3:2E:F2:CC:F1:8C:97:B2:95:E0:F1:BE","sha256":"D0:88:8A:7E:2F:D1:72:51:97:49:AE:E6:AA:5A:12:23:33:22:16:E1:BD:9A:76:F2:D8:29:51:D3:59:DB:1C:C1"}}},"request":{"raw":"GET /dy/js/style.css HTTP/1.1\r\nHost: 4fpe2vhb.w62693.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4fpe2vhb.w62693.top/dy/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 09:21:47 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sat, 31 Jan 2026 08:23:34 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: W/\"697dbc06-1126\"\r\nExpires: Sun, 22 Mar 2026 21:21:47 GMT\r\nCache-Control: max-age=43200\r\nServer: cdn\r\nX-Cache-Status: MISS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4390,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"7b4206209703f1f3bda2dec3d6708c59","sha1":"356806fe1b474ccb861d29548131cb93b6873f26","sha256":"15bbda14fb586a1dc950544bddac008b310763dcd016d2877780fe47e8a5aa76","sha512":"846ffd2a8425a97a033159417482d77398b8aafe8373a4c48ab0d79eebfffb06a032bca94987d4b14b3122eed83934716294a6c55df47dba80849ed87132cb20","ssdeep":"96:s8CFL7xtZj2rz72EZpp80Cf5c4jSQKGUpFCr16snCerM:Qbi7jB87f5cCTKGUurEKrM","tlshash":"749100c76fb50408745fc4a879a29faa636d4413a20fcc3d77f4305caf862d952b6b98","first_seen":"2026-03-22T09:22:15.190233Z","last_seen":"2026-03-22T09:22:15.190233Z","times_seen":1,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"4fpe2vhb.w62693.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inter.nextapistep.xyz/api/v1/v/init","fqdn":"inter.nextapistep.xyz","domain":"nextapistep.xyz","tld":"xyz"},"ip":{"addr":"18.179.136.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:52.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inter.nextapistep.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 12:45:08 GMT","end":"Wed, 29 Apr 2026 12:45:07 GMT"},"fingerprint":{"sha1":"21:D5:E1:29:90:6D:16:C7:C0:CA:77:85:E6:07:2A:F4:01:22:29:20","sha256":"56:AE:5B:09:8B:EF:19:B2:F4:39:D6:77:DB:1E:05:C8:C9:96:EC:31:0A:E1:8A:82:FA:1A:91:B8:BF:BA:ED:1E"}}},"request":{"raw":"POST /api/v1/v/init HTTP/1.1\r\nHost: inter.nextapistep.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json; charset=UTF-8\r\nx-v-token: null\r\nContent-Length: 51\r\nOrigin: https://207.56.160.247:1622\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":51,"data":"{\"cid\":\"c9f99843333da895d715b85b1dc9f597\",\"vid\":\"\"}"}},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:53 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nContent-Length: 6255\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://207.56.160.247:1622\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6255,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"689d795f16732141722db5d905ea7647","sha1":"d6d4aa1dcf8dfd7548d786049a38ec2e77f3f25f","sha256":"ea3f7fb0953ae82b8a19959748fda4abcc548a04901dee7f89dc34037b35c752","sha512":"c3db2fec060548d01667beade1c6e97575329f61e32b2aea48650e3b72568cab7d3cc34c4d9d7bc285530ee425b42481b27e6b6ab2694258977aa3e796d2987c","ssdeep":"96:K9mgftkTJ53RzbP+mK9O05ZO2tPw4RCJ531p8Mbu+BcS29/R38n1MjPTLFZLgDMj:so5Bzjy5ZO2tPY5iNR377RZM4AWwY","tlshash":"4ed11fc398a4dae3c2918cde1ab46eb094013c75c3bf6c2e58c8ecaa15ac1716772477","first_seen":"2026-03-22T09:22:15.191338Z","last_seen":"2026-03-22T09:22:15.191338Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1542,"timings":{"blocked":-1,"dns":140,"connect":279,"send":0,"wait":301,"receive":1,"ssl":564},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inter.nextapistep.xyz/api/v1/v/init","fqdn":"inter.nextapistep.xyz","domain":"nextapistep.xyz","tld":"xyz"},"ip":{"addr":"18.179.136.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:51.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inter.nextapistep.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 12:45:08 GMT","end":"Wed, 29 Apr 2026 12:45:07 GMT"},"fingerprint":{"sha1":"21:D5:E1:29:90:6D:16:C7:C0:CA:77:85:E6:07:2A:F4:01:22:29:20","sha256":"56:AE:5B:09:8B:EF:19:B2:F4:39:D6:77:DB:1E:05:C8:C9:96:EC:31:0A:E1:8A:82:FA:1A:91:B8:BF:BA:ED:1E"}}},"request":{"raw":"OPTIONS /api/v1/v/init HTTP/1.1\r\nHost: inter.nextapistep.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-v-token\r\nOrigin: https://207.56.160.247:1622\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:52 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://207.56.160.247:1622\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: content-type, x-v-token, Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T02:47:04.217168Z","times_seen":13356183,"resource_available":true,"data":null}},"time_used":2191,"timings":{"blocked":960,"dns":137,"connect":270,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.tv/","fqdn":"1.tv","domain":"1.tv","tld":"tv"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-22T09:21:41.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"1.tv","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 06:42:01 GMT","end":"Tue, 09 Jun 2026 06:42:00 GMT"},"fingerprint":{"sha1":"62:9D:EC:F3:7C:B1:61:5C:83:43:96:A9:68:C7:BC:E4:AD:39:93:C9","sha256":"2E:27:55:B1:73:B2:F7:3B:9F:2A:E2:23:D5:59:68:F8:41:FC:D3:B7:D9:42:C7:7F:7F:C5:85:50:9C:F5:49:96"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 1.tv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 09:21:42 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding\r\nServer: cdn\r\nX-Cache-Status: MISS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":67,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"e02c4df9b736f8978887d8e5f60c2e79","sha1":"3d9dd78b7a251af349828f47dfcd82d33731c3e4","sha256":"5dafc19e3cb9cc363dcbdf997b8914dd4223200199523fefe2f7e85cdb787064","sha512":"aef8d3a06010fba10fa7c67eacfcb8e4fe1eeb699b1b721339be80fdc53da8e84217722d45c0df155bf07047f32ea9b0ccbafa8b0615e375ae724f667280c649","ssdeep":"","tlshash":"37a002e71c40ea0527e592614ee2b10f745351af5980f85354c2182232253ea8d1adc9","first_seen":"2026-03-22T09:22:15.197352Z","last_seen":"2026-03-22T09:22:15.197352Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2487,"timings":{"blocked":1127,"dns":451,"connect":223,"send":0,"wait":233,"receive":0,"ssl":451},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dy-1.top/dy.html","fqdn":"dy-1.top","domain":"dy-1.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-22T09:21:43.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"dy-1.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 00:06:13 GMT","end":"Sat, 20 Jun 2026 00:06:12 GMT"},"fingerprint":{"sha1":"4D:D2:A2:82:21:5C:D7:96:36:4C:4D:4D:42:35:C0:57:29:0B:B5:CB","sha256":"96:54:A3:AC:7D:AB:FF:BC:90:5B:36:8F:A3:87:DA:E2:BF:12:16:DA:E8:22:FA:5A:9C:3E:86:E8:2D:4B:2B:59"}}},"request":{"raw":"GET /dy.html HTTP/1.1\r\nHost: dy-1.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1.tv/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 09:21:44 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 20 Jan 2026 01:41:09 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: W/\"696edd35-a20\"\r\nServer: cdn\r\nX-Cache-Status: MISS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2592,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ead79ab29658f33f2ff3af41b5b4f0a3","sha1":"1060a4f76237e3d4e9ba9fdeb0a4964bf11426d9","sha256":"2599ec40421006139510fef765d89f0faddea949b1a00eb5af4638c3799d018c","sha512":"e81f2ec4a787304b46cab37266597e91eba520aa5be12b83c4c6cfdc8e07866ceb8d56bedf166db0cca502b0eb93719ab6d1c7993fe25fd4389a45a31daa2c2a","ssdeep":"","tlshash":"2751105a76a300459597a1a63fc373042060e40b6b4ad86d7f8ca2a08f96b9dd5f3bcc","first_seen":"2026-03-22T09:22:15.198524Z","last_seen":"2026-03-22T09:22:15.198524Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3280,"timings":{"blocked":1437,"dns":752,"connect":226,"send":0,"wait":404,"receive":1,"ssl":457},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dy-1.top/conf.js","fqdn":"dy-1.top","domain":"dy-1.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dy-1.top/dy.html","date":"2026-03-22T09:21:45.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"dy-1.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 00:06:13 GMT","end":"Sat, 20 Jun 2026 00:06:12 GMT"},"fingerprint":{"sha1":"4D:D2:A2:82:21:5C:D7:96:36:4C:4D:4D:42:35:C0:57:29:0B:B5:CB","sha256":"96:54:A3:AC:7D:AB:FF:BC:90:5B:36:8F:A3:87:DA:E2:BF:12:16:DA:E8:22:FA:5A:9C:3E:86:E8:2D:4B:2B:59"}}},"request":{"raw":"GET /conf.js HTTP/1.1\r\nHost: dy-1.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dy-1.top/dy.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 09:21:45 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 111\r\nConnection: keep-alive\r\nLast-Modified: Thu, 26 Feb 2026 08:05:06 GMT\r\nETag: \"699ffeb2-6f\"\r\nExpires: Sun, 22 Mar 2026 21:21:26 GMT\r\nCache-Control: max-age=43200\r\nServer: cdn\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":111,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"065ab359f6842c488a1aee4a0e967030","sha1":"2ecf7ca64b725784ff5e248ab08d62adcdded95b","sha256":"088b24b6e6bd2d2318bb7b07bd74718d703955716e7eee7d851e68499fdb7d15","sha512":"6cc6c5b21a9b75bb9409ed7e48e9a34e44e6e6685b1e968103ac1a18c633ba379c74b7c92b0264926619ce157ae51ad5f92b690389dba21a001f5fb16a6c651a","ssdeep":"","tlshash":"1fb09210f1693cb20061aa28024b1a59e40912871c0f2804aa0deb3c2f1c81ac423adc","first_seen":"2026-03-22T09:22:15.199696Z","last_seen":"2026-03-22T09:22:15.199696Z","times_seen":1,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/js/sac~sar.8fbad5.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:53.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /static/js/sac~sar.8fbad5.js HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:53 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-6c18\"\r\nExpires: Tue, 21 Apr 2026 09:21:53 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27672,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (27672), with no line terminators","md5":"83c9c1c1a8b518d21b89eda8659c2b30","sha1":"86788176b576541afb027f6f0745e4a49be719a2","sha256":"a620600d107c531d16510b7ee05bd507d26a91d2f667669b9e9654320f99b806","sha512":"d096f8780af23d49d1ddeada1078c7956fe9a02064642fba986eee57b8f35607fde8ffd44226505fb18abe38947dd2148f1f7431d94375ab1a8c56a52e3884d2","ssdeep":"384:2a/shMGWyQFzP9SLKqQ5YKDqDHHqLlfAo+LKZ/zLf0OXs/xqLdkA2BiVf/:2bz/QNPmvQSwqDHHAfAE8P4ygVf/","tlshash":"c6c2c85ab8d3f8b50a079060412b2120b13a2ed9e4159789fab4cdd25ef4e4d632fb7d","first_seen":"2025-11-19T06:32:30.988272Z","last_seen":"2026-03-22T09:22:15.20062Z","times_seen":8,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/dy/","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-22T09:21:47.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.w62693.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 07:01:57 GMT","end":"Wed, 27 May 2026 07:01:56 GMT"},"fingerprint":{"sha1":"E2:0D:2E:02:78:47:34:C1:F3:2E:F2:CC:F1:8C:97:B2:95:E0:F1:BE","sha256":"D0:88:8A:7E:2F:D1:72:51:97:49:AE:E6:AA:5A:12:23:33:22:16:E1:BD:9A:76:F2:D8:29:51:D3:59:DB:1C:C1"}}},"request":{"raw":"GET /dy/ HTTP/1.1\r\nHost: 4fpe2vhb.w62693.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 09:21:47 GMT\r\nContent-Type: text/html\r\nContent-Length: 442\r\nConnection: keep-alive\r\nLast-Modified: Tue, 20 Jan 2026 01:41:33 GMT\r\nETag: \"696edd4d-1ba\"\r\nAccept-Ranges: bytes\r\nServer: cdn\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":442,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"8e8d106dd8e3e9cf5a9f2cd990c611f6","sha1":"1c3ad2ccd42bf653a2fe24f461f8f3945f804cd1","sha256":"abe230fe53f73fd7cfd529f2d71552f04cffe8b114b8b9070691a50e21f638c6","sha512":"32daf87976a04f5c5e0e06631c4c7b189dda1d65ab90bb215f057e716c3ac93a8bfb04d11f73471121db6e1e66803c16d4740bd5311d01c4402b57660ef29db4","ssdeep":"","tlshash":"84f05547cc51c80c42904a6a5cf4f21e02c6ded84789dd541ce9982a4898bcccd97894","first_seen":"2026-03-22T09:22:15.201228Z","last_seen":"2026-03-22T09:22:15.201228Z","times_seen":1,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"4fpe2vhb.w62693.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/dy/js/bg.js","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4fpe2vhb.w62693.top/dy/","date":"2026-03-22T09:21:48.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.w62693.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 07:01:57 GMT","end":"Wed, 27 May 2026 07:01:56 GMT"},"fingerprint":{"sha1":"E2:0D:2E:02:78:47:34:C1:F3:2E:F2:CC:F1:8C:97:B2:95:E0:F1:BE","sha256":"D0:88:8A:7E:2F:D1:72:51:97:49:AE:E6:AA:5A:12:23:33:22:16:E1:BD:9A:76:F2:D8:29:51:D3:59:DB:1C:C1"}}},"request":{"raw":"GET /dy/js/bg.js HTTP/1.1\r\nHost: 4fpe2vhb.w62693.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4fpe2vhb.w62693.top/dy/js/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 09:21:48 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Mon, 30 Jun 2025 20:04:07 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: W/\"6862edb7-48016\"\r\nExpires: Sun, 22 Mar 2026 21:21:48 GMT\r\nCache-Control: max-age=43200\r\nServer: cdn\r\nX-Cache-Status: MISS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":294934,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"17540767e3876922243dcd76578cbf5c","sha1":"38ad9204453e6c36630a41727c3fd78f0fe0233b","sha256":"1e85876499f8727004b7a551f0a854df7f62e30372d394b44817fb65cb4e5f75","sha512":"7836c8ef2c6ebe940664bf1041378268effdeaaaf079895d610f8c1d3482c120380ae32e777418c540ce96ba76cf44543dc94343bac903d0293ddb5bf7f34d00","ssdeep":"12288:jTd/cmiYocjI+6w3pwgrW9km3GO4TC4i1YIS/F0TfIJ1TVBSTkX:VcI1v3p+kUz4plBSAX","tlshash":"7194f101a250f330e3a660f9682606c46614af94b7d7fe90c67cd7906d9f12973ef8e2","first_seen":"2025-07-28T08:58:01.077988Z","last_seen":"2026-03-22T09:22:15.202145Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3233,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":283,"receive":2950,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"4fpe2vhb.w62693.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/favicon.ico","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4fpe2vhb.w62693.top/dy/","date":"2026-03-22T09:21:48.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.w62693.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 07:01:57 GMT","end":"Wed, 27 May 2026 07:01:56 GMT"},"fingerprint":{"sha1":"E2:0D:2E:02:78:47:34:C1:F3:2E:F2:CC:F1:8C:97:B2:95:E0:F1:BE","sha256":"D0:88:8A:7E:2F:D1:72:51:97:49:AE:E6:AA:5A:12:23:33:22:16:E1:BD:9A:76:F2:D8:29:51:D3:59:DB:1C:C1"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 4fpe2vhb.w62693.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4fpe2vhb.w62693.top/dy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 22 Mar 2026 09:21:48 GMT\r\nContent-Type: text/html\r\nContent-Length: 146\r\nConnection: keep-alive\r\nServer: cdn\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-05T02:44:13.297507Z","times_seen":478947,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"4fpe2vhb.w62693.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/js/app.fdf7e2.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:49.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /static/js/app.fdf7e2.js HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:50 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-4d68b\"\r\nExpires: Tue, 21 Apr 2026 09:21:50 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":317067,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"75caa6330a7550f9689dc06d2fb29ecf","sha1":"51624ceaf50452b5c15665a2fa156edb6e413190","sha256":"dfa85c1216b96ce67cd6ede445ccb69a5e7f0ccda4d9451c2788cef6af00cf19","sha512":"2a4f2f703c8026701a3363b512c3014e48039ea4383f680dd8433ceaefc01f44a0fed89102806a12d67288df78483e1a2fcbc4249109990c4e3d8a3720c26b50","ssdeep":"6144:EjwpYAfxiXLkOXVnfse5fSmztq17go3wRD1VETCMoH+QcUp4AtJ5z0z/zSLk+6mV:UwpYAfxiXLkOXVnfse5fSmztq17go3w3","tlshash":"786453cfb3f6a68d04096160cc3a9ddc049a2e908074e17e9fff4acbd948a1495dbb57","first_seen":"2026-02-08T13:51:52.733865Z","last_seen":"2026-03-22T09:22:15.20579Z","times_seen":4,"resource_available":true,"data":null}},"time_used":2405,"timings":{"blocked":783,"dns":0,"connect":260,"send":0,"wait":572,"receive":261,"ssl":525},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dy-1.top/jt.png","fqdn":"dy-1.top","domain":"dy-1.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dy-1.top/dy.html","date":"2026-03-22T09:21:45.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"dy-1.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 00:06:13 GMT","end":"Sat, 20 Jun 2026 00:06:12 GMT"},"fingerprint":{"sha1":"4D:D2:A2:82:21:5C:D7:96:36:4C:4D:4D:42:35:C0:57:29:0B:B5:CB","sha256":"96:54:A3:AC:7D:AB:FF:BC:90:5B:36:8F:A3:87:DA:E2:BF:12:16:DA:E8:22:FA:5A:9C:3E:86:E8:2D:4B:2B:59"}}},"request":{"raw":"GET /jt.png HTTP/1.1\r\nHost: dy-1.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dy-1.top/dy.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T02:47:04.217168Z","times_seen":13356183,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":224,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4fpe2vhb.w62693.top/dy/js/logo.js","fqdn":"4fpe2vhb.w62693.top","domain":"w62693.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4fpe2vhb.w62693.top/dy/","date":"2026-03-22T09:21:48.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.w62693.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 07:01:57 GMT","end":"Wed, 27 May 2026 07:01:56 GMT"},"fingerprint":{"sha1":"E2:0D:2E:02:78:47:34:C1:F3:2E:F2:CC:F1:8C:97:B2:95:E0:F1:BE","sha256":"D0:88:8A:7E:2F:D1:72:51:97:49:AE:E6:AA:5A:12:23:33:22:16:E1:BD:9A:76:F2:D8:29:51:D3:59:DB:1C:C1"}}},"request":{"raw":"GET /dy/js/logo.js HTTP/1.1\r\nHost: 4fpe2vhb.w62693.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4fpe2vhb.w62693.top/dy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 09:21:48 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 20 Jan 2026 15:21:22 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: W/\"696f9d72-befd\"\r\nExpires: Sun, 22 Mar 2026 21:21:48 GMT\r\nCache-Control: max-age=43200\r\nServer: cdn\r\nX-Cache-Status: MISS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48893,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"b7ca41d950284c709ae513fb26109980","sha1":"fb93e31a39998ebb7db4cd41dade144e10913e99","sha256":"ecbde1e28c6cbacf76096e5e00b6c28e7014f67ba0322e58e62ad699c461d1ba","sha512":"aa4ae37a444278bc6c014b70d594eac54bd98dc6e2897d223d6202bc2b37e4bad7ab6b3df2843d6bc91f042456bdfbb9e41f9b28ab2a70ae776e41e75ecca34b","ssdeep":"1536:KpsCCppeHNM0hTyLmjLLC9981hy4XKULvHzPrBSX5:LCQxcTySjLGE1hFXKULvHzPrq5","tlshash":"8963cf0bc121b360c7f502f419dbe3c8f213da44c4c39ea5ca58d6b22e6946eb55eda7","first_seen":"2026-03-22T09:22:15.206557Z","last_seen":"2026-03-22T09:22:15.206557Z","times_seen":1,"resource_available":false,"data":null}},"time_used":567,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":279,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"4fpe2vhb.w62693.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/css/common.3852c5ed.css","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:49.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /static/css/common.3852c5ed.css HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:49 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-3063\"\r\nExpires: Tue, 21 Apr 2026 09:21:49 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12387,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12387), with no line terminators","md5":"79fba90f3848b229074269cba0d61190","sha1":"a0ca36e0e5a4393d9b5ca5b00fcb5b65b71c44cf","sha256":"c34465307e5310629bdf96dfaf5bf6b5c18185ad0ca8b8f49c2d3bb86fa69286","sha512":"ebe2fd78f12d8329f77adad1b268366fe37cecb9e3d800a0510ff53c905115bb550a83b47219b6be8b40b90ad77cb3f0b1af595d1dd1d9c2f7069f42fa79a482","ssdeep":"384:3l/AR044MslJd3vbYxLxkxmxIx+xjhClwbh+:iENUxLxkxmxIx+xa","tlshash":"fb4272b6d584331c6013de12e7dab658467a872fa5723adfa231b833c387b69455f403","first_seen":"2024-05-24T13:05:42Z","last_seen":"2026-03-22T09:22:15.212573Z","times_seen":44,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/libs/wssBase.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:49.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /libs/wssBase.js HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:49 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-144a3\"\r\nExpires: Tue, 21 Apr 2026 09:21:49 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":83107,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (52774)","md5":"ecb5ba27bd6c70cb303af812ec97af7c","sha1":"8c60680281bf2a975d7d5a825f5c130fdbe77f4a","sha256":"844b0386cc004fe0caeaa5d688d88092bcb8edad710fe9e6f352c7c1a120eb24","sha512":"33f5d77512b29bd0493b1e438fc5584bbe13eae962d808b2b3c0111a3c70418b68e32e8bdd8973c862f5370958942ec419abc2be5370e515901156b1d9d3b55a","ssdeep":"1536:HUH1kVMHFByr/r2Vj6bh39ZLZdP6k/aS2uuqMX/8ITOznfGjcLEW:0HuVMXC2V6bh3btdP6k/aSUxpQLEW","tlshash":"9183e7c5f46170a103e7a2b481bf120763b6993a640d84e4f7a4d8fa5d7c98d932bf39","first_seen":"2023-05-18T18:44:13Z","last_seen":"2026-03-22T09:22:15.213214Z","times_seen":52,"resource_available":true,"data":null}},"time_used":770,"timings":{"blocked":242,"dns":0,"connect":0,"send":0,"wait":527,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/emojis.js","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:53.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /static/emojis.js HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:53 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Tue, 03 Mar 2026 03:48:29 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0d-392\"\r\nExpires: Tue, 21 Apr 2026 09:21:53 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":914,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (914), with no line terminators","md5":"e3bb05347ffb23b2d13005726b09c1b6","sha1":"3254a3a88703edd1e40fbc94a1f3fbb0a45a5497","sha256":"580a6858fe6475b6197385335869eb20c98321cbb8f5cdd5798ee0f4218fa99c","sha512":"1b2c0c43ef814672e24ca8322f4cad861442b9bd1121e5d30ee612d80752f907f4cdfbd95da91fcc2543fcd90c281138c6402c9a946abf6b6cd723ca8e32eaa3","ssdeep":"","tlshash":"e311662701881e3e0bf4e1a96391cc4145ef443a3322c7aab7dd83c42dc0f64645342b","first_seen":"2025-06-09T18:33:55.809903Z","last_seen":"2026-03-22T09:22:15.213783Z","times_seen":14,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dy-1.top/favicon.ico","fqdn":"dy-1.top","domain":"dy-1.top","tld":"top"},"ip":{"addr":"123.108.77.206","port":443,"asn":59371,"as":"Dimension Network \u0026 Communication Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dy-1.top/dy.html","date":"2026-03-22T09:21:45.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"dy-1.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 00:06:13 GMT","end":"Sat, 20 Jun 2026 00:06:12 GMT"},"fingerprint":{"sha1":"4D:D2:A2:82:21:5C:D7:96:36:4C:4D:4D:42:35:C0:57:29:0B:B5:CB","sha256":"96:54:A3:AC:7D:AB:FF:BC:90:5B:36:8F:A3:87:DA:E2:BF:12:16:DA:E8:22:FA:5A:9C:3E:86:E8:2D:4B:2B:59"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: dy-1.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dy-1.top/dy.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 22 Mar 2026 09:21:45 GMT\r\nContent-Type: text/html\r\nContent-Length: 146\r\nConnection: keep-alive\r\nServer: cdn\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-05T02:44:13.297507Z","times_seen":478947,"resource_available":true,"data":null}},"time_used":564,"timings":{"blocked":324,"dns":0,"connect":0,"send":0,"wait":239,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://4fpe2vhb.w62693.top/dy/","date":"2026-03-22T09:21:48.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /index?key=c9f99843333da895d715b85b1dc9f597 HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4fpe2vhb.w62693.top/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:49 GMT\r\nContent-Type: text/html; charset=utf-8\r\nLast-Modified: Tue, 03 Mar 2026 03:48:29 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0d-5300\"\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21248,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (21248), with no line terminators","md5":"6c274c53a18f96c1432e8cb75abd26a1","sha1":"b3a41e7b60d74bd389935784ea9d2293960c263f","sha256":"741b8ae9a85de9decd2e2b8a5b2158329b839db5662a59253efb107f70ed341f","sha512":"e6d2d9fb6b5a4446b0ef67cfbfa082ca01c39506d9eb14d2617839731b3a7e5eaf22516ab27752f35380fa592276906dc2b486fd383881787ea7713f6dd32470","ssdeep":"384:IuLFP1Ll1L11Ll1Lp1LR1LpnCKIrERURU0MMfH6ZKZxLduBLLYNRzTKkS/awGt/+:uYee3G6sZfuBL0NRzTZSgt/NRclDfpaQ","tlshash":"52922f89fcdc20c56424a6e047a106caa76fdbbe29137c7271e8f1392d6eaf4ef44415","first_seen":"2026-02-08T13:51:52.687154Z","last_seen":"2026-03-22T09:22:15.214612Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1836,"timings":{"blocked":790,"dns":0,"connect":253,"send":0,"wait":255,"receive":0,"ssl":533},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"207.56.160.247:1622/static/css/app.3df8810f.css","fqdn":"207.56.160.247","domain":"207.56.160.247","tld":""},"ip":{"addr":"207.56.160.247","port":1622,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://207.56.160.247:1622/index?key=c9f99843333da895d715b85b1dc9f597","date":"2026-03-22T09:21:49.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"207.56.160.247","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Mar 2026 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:62:39:6F:5A:9C:EA:19:7A:48:D3:1C:87:2C:1B:19:9B:6E:CA:1F","sha256":"49:9A:99:FC:9C:25:42:EE:FF:C7:FD:37:96:7F:1D:36:FE:05:FA:C8:EE:89:A4:99:92:13:70:55:58:1E:73:2D"}}},"request":{"raw":"GET /static/css/app.3df8810f.css HTTP/1.1\r\nHost: 207.56.160.247:1622\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 22 Mar 2026 09:21:49 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 03 Mar 2026 03:48:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a65a0c-389b\"\r\nExpires: Tue, 21 Apr 2026 09:21:49 GMT\r\nCache-Control: max-age=2592000\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: Origin,Cookie,Set-Cookie,x-requested-with,content-type,Accept,x-v-token\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14491,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (14485), with no line terminators","md5":"b2386120229a7f871941076085ee41c9","sha1":"88721fe0d07f85cb301e41d54d85c07038ec8d83","sha256":"4613f52659e03d125b03c755796173dc8ed182fd0db4584b69090b7b9549c0ed","sha512":"67e5543704317e10b178b57fb44bc8cf6c2d46779b46cee0776952b394599807940184ce290ad4bf5c514b19920f71130f778bd74a1f939b51704f4b14eb4008","ssdeep":"192:SNZyJ8MHTHVe0w8L4ID/tRfYmC5DM+ltZ1iKyJ+v3c+VQhq:SjyJ8CV8+4ID/jfqVXiX+v39","tlshash":"4252e8734585166da633cc10a7cc1e641e2cc92396214dfef3053e6acbc269e7b6da4b","first_seen":"2025-02-10T23:25:53.035788Z","last_seen":"2026-03-22T09:22:15.215273Z","times_seen":24,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}