{"report_id":"54d7bc72-eb04-408a-b932-7c35665ff478","version":6,"status":"done","tags":[],"date":"2026-04-06T13:13:59Z","url":{"schema":"http","addr":"ccyrpyypweb3.com","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"172.67.150.134","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"title":"HFT","dom":{"size":50284,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (42012)","md5":"ea763adb82b1975c3c09f99872821da8","sha1":"4268a439f1c0b85304bb10a0cedc22061d806603","sha256":"d51ce620784522fc5c3a3a75cc126600440404e133fafcfe9c641dcdadab36cd","sha512":"922f02b6499d6802f3ca8b51c966774af401fec404108a767acfadc50649a95a56322141437e64f74f870e5c8788dc4e7f7e3aebcba63cc5db99adfd1bec64b1","ssdeep":"768:1O7mROMi7OmIB+npSlj9c8RIoebMWrhjUOuRDdPSTAyNHM2hCirJHq/:ozO9TmCxd1yhweI/","tlshash":"113396f9076897ac26830e59af27a870b34e91e9f9e95750643ec6f412d3dd8e14fc40","dom_hash":"domhash1f65f0213c24e4c8cc6c1feebc36b23d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ccyrpyypweb3.com","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"172.67.150.134","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-11T13:13:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":6,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-06T13:13:37Z","timestamp":1775481217,"ip_dst":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":43952,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-06T13:13:37.658404+0000\",\"flow_id\":186275709700279,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.23\",\"src_port\":43952,\"dest_ip\":\"45.32.96.10\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049811,\"rev\":1,\"signature\":\"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_12_21\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_12_21\"]}},\"tls\":{\"sni\":\"exv.sgp1.vultrobjects.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":2,\"bytes_toserver\":927,\"bytes_toclient\":1588,\"start\":\"2026-04-06T13:13:37.313527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-06T13:13:37Z","timestamp":1775481217,"ip_dst":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":43972,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-06T13:13:37.661575+0000\",\"flow_id\":2097132429494857,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.23\",\"src_port\":43972,\"dest_ip\":\"45.32.96.10\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049811,\"rev\":1,\"signature\":\"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_12_21\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_12_21\"]}},\"tls\":{\"sni\":\"exv.sgp1.vultrobjects.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":2631,\"start\":\"2026-04-06T13:13:37.313929+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-06T13:13:37Z","timestamp":1775481217,"ip_dst":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":43962,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-06T13:13:37.665000+0000\",\"flow_id\":1585661954083284,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.23\",\"src_port\":43962,\"dest_ip\":\"45.32.96.10\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049811,\"rev\":1,\"signature\":\"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_12_21\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_12_21\"]}},\"tls\":{\"sni\":\"exv.sgp1.vultrobjects.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":927,\"bytes_toclient\":2630,\"start\":\"2026-04-06T13:13:37.313812+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-06T13:13:37Z","timestamp":1775481217,"ip_dst":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":43988,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-06T13:13:37.667458+0000\",\"flow_id\":2019230312680280,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.23\",\"src_port\":43988,\"dest_ip\":\"45.32.96.10\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049811,\"rev\":1,\"signature\":\"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_12_21\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_12_21\"]}},\"tls\":{\"sni\":\"exv.sgp1.vultrobjects.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":2631,\"start\":\"2026-04-06T13:13:37.314200+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-06T13:13:37Z","timestamp":1775481217,"ip_dst":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":43974,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-06T13:13:37.668455+0000\",\"flow_id\":1753006764837595,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.23\",\"src_port\":43974,\"dest_ip\":\"45.32.96.10\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049811,\"rev\":1,\"signature\":\"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_12_21\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_12_21\"]}},\"tls\":{\"sni\":\"exv.sgp1.vultrobjects.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":2,\"bytes_toserver\":927,\"bytes_toclient\":1588,\"start\":\"2026-04-06T13:13:37.314075+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-06T13:13:37Z","timestamp":1775481217,"ip_dst":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":43956,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-06T13:13:37.680005+0000\",\"flow_id\":1518677644134767,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.23\",\"src_port\":43956,\"dest_ip\":\"45.32.96.10\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049811,\"rev\":1,\"signature\":\"ET INFO Observed Suspicious Domain (vultrobjects .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_12_21\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_12_21\"]}},\"tls\":{\"sni\":\"exv.sgp1.vultrobjects.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":927,\"bytes_toclient\":2640,\"start\":\"2026-04-06T13:13:37.313711+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ccyrpyypweb3.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-17","domain_rank":0,"first_seen":"2026-04-06T13:14:07.693076Z","last_seen":"2026-04-06T13:14:07.693076Z","alert_count":86,"request_count":43,"received_data":4214984,"sent_data":18676,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"16.163.174.166","ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":13,"received_data":1742476,"sent_data":6814,"comment":"","tags":null,"fingerprints":[{"name":"UmiJs","description":"UmiJs is a scalable, enterprise-class frontend application framework that supports both configuration and conventional routing while maintaining functional completeness, such as dynamic routing, nested routing, and permission routing.","website":"https://umijs.org","common_platform_enumeration":"","icon":"UmiJs.png","categories":["JavaScript frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"exv.sgp1.vultrobjects.com","ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"domain_registered":"2019-02-15","domain_rank":0,"first_seen":"2026-04-06T13:14:07.704878Z","last_seen":"2026-04-06T13:14:07.704878Z","alert_count":46,"request_count":23,"received_data":7843,"sent_data":10511,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ccyrpyypweb3.com/charting_library/charting_library.min.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8573e89d9ec535663d75f21b1f08109c","sha1":"a8d9eea0b157ceeffc38d4254e6f6abc9d697d10","sha256":"cb0c6c9f1771d252eee7caa043bdd7cfffbd52c2cc4b18b7be7c4554ed069151","sha512":"55d728fa1e0682725f94b17387c6790792d3d34b43652a00097876118575bd6cefa20916d80674519005d72f20ecbb745e9645516c056e6f9bb6691d5efbcb33","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffam:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvu","tlshash":"6e224f58ed2478720acb54f0427f180f8239e278d84944ed3cc4e6ec59fd44a6a6fbb8","size":10858,"data":"","first_seen":"2023-08-16T00:37:19Z","last_seen":"2026-04-06T20:00:07.008477Z","times_seen":421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-7649976b.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"5ff3361202329f639790ac50d978f0f4","sha1":"de4d5faa136e88cae62ec696e51e4bad1484ba20","sha256":"a1fcad407faa371ee0e555b8e4f96b96d04997dc5aeaaf554a9a43897876cd69","sha512":"7e7a84a942be759b6efb39658c45a76b6629010ed6aeeedf3d5f89c0919a2c1e7fb84c8b53f76d27f824a8c6ef55b3d9e42e92247a5c330874a7b5e78a263553","ssdeep":"","tlshash":"66f0e12f3a68c17316b78898d1130812f72c1f5562548074b18e1625c7689eac68d124","size":610,"data":"","first_seen":"2026-04-06T13:14:18.535459Z","last_seen":"2026-04-06T13:14:18.535459Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3deaebd7d6172244520f35d8dc10a95b","sha1":"f3c64fa24386cac72e85ae603caddc0e32fe6618","sha256":"07e01fe624121c2b45bbbae8a98704ebda782931f89027d3527edacebbb8f2a2","sha512":"6d047d00a4685f9446abefeddde1e07fe495c1f0b2106d8380284ed72c89af14b05efdacf3fd5c8b0e9f4365085f1c229f29918833c3a0b1b7d65b9d8f4d4787","ssdeep":"","tlshash":"69c08cc4a0c33d101606a92410bf29e890244027715c1b06cde4dc492e630b48333ed8","size":148,"data":"","first_seen":"2025-07-01T04:19:47.002598Z","last_seen":"2026-04-06T13:14:18.570019Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"948cdc2513034a6a40bc292f11ac12ef","sha1":"03a22487981331ac44ff16064efbd797c6a4237a","sha256":"f70d346b9d4679f5beea6d2f9d49756f2a883c217b1879fcf578aae1ac3f2f82","sha512":"9f5949b7178e666943b94e59015cb9a2d05e5fd579ecc495151762c248643f65eff2d2c55dda376ab203fffafd7205b694b56a5391864615215ee6d3ccf0f176","ssdeep":"","tlshash":"b8c08cc8a0c23e101a02b45065af34e4a0244426744c1b428cd9d84d2e630f48233ee8","size":150,"data":"","first_seen":"2026-04-06T13:14:18.571684Z","last_seen":"2026-04-06T13:14:18.571684Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"94cb806f13187b76d16e8079124171c5","sha1":"be4a8d1cf84b787988d13ce1525597114ffda19f","sha256":"8d842a1f950c7dae6582c415825541111a6556359dc37380452abbb9c426b1d1","sha512":"280cc32cda89db02b4cb60e620a1c175194998afeb2c4bea92194c0c4f335d00a8e35d4c1ca28c2f4201c4654493fc96a581e54175ed4ee4153af805d69c10df","ssdeep":"","tlshash":"62c08cc8a0c32d101603a92020af29e490384027b14c1b038de4d8492ea30b48233ee8","size":149,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-04-06T13:51:48.601185Z","times_seen":178,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7456b757a3fb2340d08cafd080df4575","sha1":"36eaa49c4c032b30773c8596835a1beb1e3d51c7","sha256":"190b5336e6e8c0c80cca6304c2990af6e1aaca63d8692f0133196306bebbba14","sha512":"69506522519670e7d93e03b0e69feb448caf97d757ad9456b5e90b094114ffbc75133a4f49b175499a6f331b51e35072243c85db4c9fa3f2f7671d651fcd0b10","ssdeep":"","tlshash":"dbc08cc4a0c22d00260aa41128bf34e4a024802ab0482b03ccd8d84c2f224b08233ea8","size":145,"data":"","first_seen":"2026-04-06T13:14:18.574343Z","last_seen":"2026-04-06T13:14:18.574343Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-8339e9b8.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"288995d8185c44a667d1792a22837431","sha1":"18057e1bb4a4d009d9fe0ca50ba24530c437b5a7","sha256":"e67df046ea64077920881f21e04646cc582f14776ea1b22856e781cbfc7cd740","sha512":"8644e93083de9080ac21ac7007f4a29ab8a933264c6ed86c2a73914cafffc4fcbc24c08920065d57598b61c97bcd6e41e3a72a1f1cf67531e5ad9b9762bd8db6","ssdeep":"1536:+frxiG2tnp0Mkx0Cw58X0S1nssCoVyWYGxs238jS:QdUnp7ka58X0SvHoWpYS","tlshash":"c6a35c89a60b2eff6dfd4844ad1f441021692fd3988cc85373ee6e1667f9cd4a28971c","size":99335,"data":"","first_seen":"2026-04-06T13:14:18.526404Z","last_seen":"2026-04-06T13:14:18.526404Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"ad53bdca95253da3ed0339a52f219d8e","sha1":"1acba9622b6c70c03ce56310becd1d72226538e4","sha256":"3fecdc9cf7339d52588891d5d7b0c4b4ebfd82fe813b141fd5b81fdc70694f81","sha512":"d2bf6f0a88bbc044c6aab45f1f8795b3aafcf709a0a2b294f27062c0c34e1f34ec3964286f776c55a40a412cdf01c2ace59fdf7981fd69c6d8a63a6791ff8d3e","ssdeep":"","tlshash":"61c08cc4a0c22d001a02645014bf24e4a024802770481b02dcd8d8483e220b08233e98","size":137,"data":"","first_seen":"2023-05-08T20:49:31Z","last_seen":"2026-04-06T17:05:37.549365Z","times_seen":651,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/138.a938ecb1.async.js","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"32edd402fbbd35653ecf99d9e1540009","sha1":"842ed8be5bac8bb3510e066686c9402d3aa1a074","sha256":"fd52c75dc0a659fd599314696b11a540038c56b839d325b4f3a0ef5e92a7b792","sha512":"57d5f926e002eef35453d4deb0ef9e675848a67fac18198a26d57978e594bfbdc1702ef00437e1dc46e1eab395e2f807d099d26e87a66f71a1bdf4f0111d1306","ssdeep":"192:qFoJo/YEi2xy+kHia4a9x2ybl0e+YrP2CsBOyARHlu9fOJ/B3wgdBSqvsd2zP/N+:qAEiT+kHia4y2yg4P2CGRARHI9fOJJ3w","tlshash":"6542a6b430d2f451877700e5c03f5409f23d78b6b45c92a0a6a7dce939e162dc677aae","size":12070,"data":"","first_seen":"2025-12-03T22:48:55.737967Z","last_seen":"2026-04-06T13:14:18.523443Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"50ad3ea6ee3a43ced4a472f64ea9e253","sha1":"5068b62b8f4001016f877b4e001d06c4a072b738","sha256":"fd649f9d90b1b90daa199dbc0903741bdddb40906c59be0f81c85ed49566b02a","sha512":"27a192b3bb59b34f4a6588b8a9c1255ad9e4a3b921940fe7053db1524309c46c03fefa51a5bec857cff942da0090d7ca8b3fff6f9aab79e478f40c04566289c3","ssdeep":"","tlshash":"52c08cc8b0c36e646642646611af35e4d0248027b44c1b038ea4e8893ea30f08233eac","size":151,"data":"","first_seen":"2024-08-19T20:13:32.953341Z","last_seen":"2026-04-06T13:14:18.576962Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"abdab0389f8f64048d033ebb37ec15b5","sha1":"f04036ee9b7a9f28ed14fc42bbc89606e8ec81d5","sha256":"3938c72dbeeaa19c51abe43d1141d83cac3966cbfcfd0a2483327c6e29a75eee","sha512":"35a802310def46128ea14c0420f84d018446a2de6510b4427c8b6acad3409e3a3fbc162f33228bdce73da2d7d8b8fb76708fde868e11fb1815511fc76ce7b58b","ssdeep":"","tlshash":"1dc08cc8a0c72e509a22655455bf29e8a034412b704c9f538c98ec6e3e230f49233ebc","size":155,"data":"","first_seen":"2026-04-06T13:14:18.578724Z","last_seen":"2026-04-06T13:14:18.578724Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/widget.js","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"eec1de0a208074fc69b016d4d28c79e2","sha1":"becbc08a7d78caff1051fe2a7fa809a490cdbe68","sha256":"719258bb65bde45627683b44b67dc702b78af5f656ee298b7d5f76f6c0e0a2cb","sha512":"6a99a3bfc9cf0e4924945d8a4b8416f3a5072dcb1e9a65b3606a82b1ee8ef70d7215f5d7f75d9ccc389a36bc9ccd2404f2826ae400b8bba5702c9b01a5670399","ssdeep":"384:ZSbp6o2pbPMSZ2ftlxvfFhfFkf8PRRY2B+unylsIylszASMv2l:g96oEEh5H3N3Kk6I2l","tlshash":"5ea293b0a5082f355306904c01b367442539a4afed229c7c7bb9ecfad2ecd88252fb75","size":21928,"data":"","first_seen":"2026-04-06T13:14:18.545942Z","last_seen":"2026-04-06T13:14:18.545942Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a4bdcb8203f55c2a0d42fe2daeba7f94","sha1":"28d4fb637c1f7d7cfc979d90f4f388d62eb58a51","sha256":"386fe5926fc7fa712f45c79142ec5390c9082ce14bd96a609004647fb1f4d823","sha512":"09dd6e53cd308472025baff2f600acd0b5be74b4d557bf48d7402cf6147449fa01db100adc90a5ea3930e80b42a5a2a1782265620c3f940cc93f60e873363d5e","ssdeep":"","tlshash":"c6c08cc8a1c33d001602661060bf35e4a0288026714c5b128cd4e8492f230b88237e98","size":145,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-04-06T20:00:07.090482Z","times_seen":447,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"afd6dadb9533533d8514ac548303e331","sha1":"0b297795e161099658da59b3912482e86732e56d","sha256":"e378d3c8bb137aed4116bdd0c560231896d500f4edbb80088c14fd8fb220c3a9","sha512":"0df2fd8eb6e505ad35fff7e135feb15d50d1ae87d9990d9fa472fb834b7baf48ca73b3e8850042c74584e60de2daa8b9a4a981e5bef460ab48ad5f8ddb5d03e6","ssdeep":"","tlshash":"6cc08cc4a0c22d101602661014bf29e59024802671881b42cc94e8882e220f08233e98","size":140,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-04-06T13:53:44.112975Z","times_seen":559,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"522cbf520646413c84bda1e8c219d09c","sha1":"21e36ef06849e87ce3ed22aff91ff3d8d5be4397","sha256":"0d2a1e190e142469ffbb2fb83ea83f3c308681601a3328cf81209f75ac05c6af","sha512":"ae92f8b5e2d04b1e33eba97f30855f4789f06359a39987e56666d22bca78429f7d6cc7180bc46806504794b44eefcdbc2cb9a1d3d4febb9438303558bd61e63c","ssdeep":"","tlshash":"f0e0d85674a7645115af343f876f99087067614f9541c8207d8de1084f10596b93af5c","size":418,"data":"","first_seen":"2026-04-06T13:14:18.582342Z","last_seen":"2026-04-06T13:14:18.582342Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5ef777763fcb4cd204f9d7cbaf32887e","sha1":"361874a04da45748824d8bcdec1afe436f4240b1","sha256":"c0db56b48647a4b73f597454774fe03c02d956100dbd3663c7442b711a691054","sha512":"5f1cd679e2f8e1370c88edb72ec885fe5ad2794f549997ca60f8a8d14f1a31806cd003249991e1e35aecdc05ff2dde662502b002e6d66b17f4604375110320ec","ssdeep":"","tlshash":"2ce0abfb3179c17054909a1a1cec542bf2eb65734c9c0a1ae584aa151e4dd78217c090","size":408,"data":"","first_seen":"2025-03-02T13:24:55.299758Z","last_seen":"2026-04-06T13:14:18.58481Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/filters-ab0efca0.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"244719c2dbf871d41e6b6cbf6c24c469","sha1":"938b7362416ecf59a5cfd8a7b5d5c1161fb28d93","sha256":"bf4a710d568e8eae6f2a68419abb1036c66b884cf6132e900d88ae7e2e2049a5","sha512":"9d0618017ccf695ed3b9c3c55dc005d24629bb7334e0c7953b4857ea8e00b998032f1dbf2f792bcc1c9d1b19610a89add71fe4d5286ff0aa62f54cf8e41c32cf","ssdeep":"","tlshash":"325133edf8d3a03356fd9de944188124728fbf1468af0a4df99be0456963888d07bb74","size":3103,"data":"","first_seen":"2026-04-06T13:14:18.521697Z","last_seen":"2026-04-06T13:14:18.521697Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"9d379fc52463f2b630c6894900da5180","sha1":"b33fecceae6c1ef97518c6ad7159534d78e7b2f7","sha256":"6c3288c6af4396096b1a8a927fbfaf05ac8cc29658fc97d13cf036ba6bb38ab3","sha512":"49b43b0c253e26c135bd5009d73c537cf2e78342ef6b116ce6efbd3627152ac804449ec5cbe637a544b5557b52a50213a19dfcf33158a4f6b0a8ff91d79372d5","ssdeep":"","tlshash":"61c012c5a0da29102951595424bf28e8a024c026b55c6b169de4dda829e64fcc627d98","size":190,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-04-06T13:51:58.383814Z","times_seen":390,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d5dc922a30367174bb415e8e6279b0c7","sha1":"f9b7c583fad8c4da457db75ce6cf93463f9f733d","sha256":"20ea3272a862cd040d2cc438dcf3d4c61f138332970545f533bf75fdd5667c53","sha512":"b9902d1ceed3a8eb9cd39551e75a8f71e800f2df0cefab567e660b85a6ec77b59ac9ccdf619f367245156116c89f0a5a87b4f29008f8ad87ecfc3c2bf5a307ae","ssdeep":"","tlshash":"02c08cc4b0c22e60a622a91010af24e89035402770495b668c98ec493f630f4823beac","size":150,"data":"","first_seen":"2026-04-06T13:14:18.587856Z","last_seen":"2026-04-06T13:14:18.587856Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"ced6204993ccd4d4792486f3b3c899b1","sha1":"c16ea5b8c59dcea2b9b03d844467f9db0d358cdc","sha256":"317f80fdd1cb3e7b69648541320cfeb07fd3ea3d1b70d3aab180edce7c3c4ac5","sha512":"dbf99b86ffabe8deeb56f836821b1f3c58fe9b502b89210ec5082f60b4cb4e30f060645fc970bf48f5c3f20073f0e79845925b0dfb4ac89df0319d4c26bdb795","ssdeep":"","tlshash":"b8c08cc4a0c22e509622651410af38e89034402ab08c5b52dc98e94e3f260f49237eac","size":149,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-04-06T13:51:48.60456Z","times_seen":271,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d8a0b36a3bb5359d82373fd74ab0a55b","sha1":"109fcd2e9501021577ad657d5701aa40e771b723","sha256":"26b23c11a596c1301030aaa5e72296226d0b2c601ff7b24694d413a401ac9826","sha512":"ebb5fb5d0b9ad70253bc33b31f5fab9fa0efb74a89eefd5b900d6b956970a52ef306b8e62a73b47775339624aef7daf7f4779743b84394f80591c0ea8182f9fe","ssdeep":"","tlshash":"d8c08cc4a0d22d001a02641060af34e49028442670481b028ca4d8482e620b48233e98","size":138,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-04-06T20:00:07.101808Z","times_seen":915,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/en-68e89e11.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"230237d91111c6c21919820246ad1ea1","sha1":"f17510349f7adb0755dcaf05c1ebbc36bce59756","sha256":"f07d7b1be38bebce6d461461b6be75d744a1a0f1b4183e7e63d16ef90195fce7","sha512":"2c0ca956abbcb3e09f5ae77915064565cd1c559220f196af96c0baa7c8f2c3b8910cfb03c7afaf8a3a39c53e00d1fda82e6ea1c0efed2d96176c74f6b5a3ce01","ssdeep":"768:+GtZcEw/o7rcdJbOfnAMCzrAaAMFVoP6+/sPG9w1mkO6fpk7aOtx++4z/l:iponcdJ0EzrdFVAsPWwCtx++4z/l","tlshash":"bf13d6897e1a989a04f3537774ce2e1160f60ac18255881f4bedc9fd93d2b67a363b34","size":42194,"data":"","first_seen":"2026-04-06T13:14:18.519676Z","last_seen":"2026-04-06T13:14:18.519676Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fbefff54479ffa7aa995bc0e642ce10b","sha1":"7e380639191d2bd229595b3f2f7d42d3b8ee650a","sha256":"38331df42ce754d5a8118c5d3a3f0040f5ffc1c69395281a6393033f69cab685","sha512":"708603d50dcf4b2d98b41ec54b03edb79e4fb503dc852cd7e48d8258db782c4a74a4587fedc5ee91e3b5bc021916d87648c77274356186843ef8dfaab4de8010","ssdeep":"","tlshash":"9d11abfe291a70296303404f976b7801643660a9000a184277ccdb9ebb9ab7dd0cfb8c","size":1040,"data":"","first_seen":"2026-04-06T13:14:18.59198Z","last_seen":"2026-04-06T13:14:18.59198Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-04-07T01:21:23.068388Z","times_seen":30053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/vendor-ec6b12c6.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8d46906265297fdf8a3458c0a76a106a","sha1":"994f407b176c91606b71768ff5abaa2956fe4436","sha256":"e891bf1d46678cf65ebbad83a20acd152c4148398a93b2c806460a049a2d3340","sha512":"5615a789ed8ba6f08cfa33adf4000912962bddeb85ab68fe902b634bbf7fc8b28202ff2556d04b7ccc05d1a7d01a771c029bbca5ced1c467f3f2f14d6187825f","ssdeep":"12288:RbMunAc76Zli7M+L12ZFp/fmRBpshkRRhTj9Sk9sAWpsTPTxBgG69aJ2f8:RbznQ+hLUp3mRBpsuVRtsAWUPTxBlJZ","tlshash":"e22539c97692f06147ab24e240bb0007f3396e59740e84a4f169d8eb7d7ad89d277f38","size":1004996,"data":"","first_seen":"2026-04-06T13:14:18.529092Z","last_seen":"2026-04-06T13:14:18.529092Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-62945b3d.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"30a39a38923f5c20f0f027c7374d12ff","sha1":"772abb62c815378d5f9508b950a27020207ea36e","sha256":"2125e3aa8c46830cdce9cba77004f43b1a623e9e9d8623d9f9c249a33680a75d","sha512":"936d39279e92ae2afedb6daee53b3af888f4f2bd9e2be230abe7df04c578d9a13e149de653367e7f743acec2807800ae8011c0c4163b14f830a92e958fe2a61a","ssdeep":"384:MsDzbxQjxo1W0GFVLG6FfbrwXgx53jzgtpzr7oRNCQz:Mw5nSM6FfbZg/zr7oRNCq","tlshash":"5f52ca56f942eb3cf5b7e41140890011b62fbfda800949a2f5be6e467392eb8f79d704","size":14365,"data":"","first_seen":"2026-04-06T13:14:18.547122Z","last_seen":"2026-04-06T13:14:18.547122Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f19a249a3e546a75d19b9d3f75497cdd","sha1":"4fcf8a4234dc76c37cb9415dd3c2d4820fb45a30","sha256":"8f0b9cbdf1999a03131eed312b7dc7ab85a5ddbf696e4805d240a61cdf5066b2","sha512":"7f999eee3d080218db37b9bd7ae6ca464771276ae0eb378b537d24635f5d700aede00359099b8e2197cc4f36e56162a46110fbdb85f213ed5ada51d9875a7402","ssdeep":"","tlshash":"c5c08cc9a2c22d001646641014bf28f4902480277048ab038dd4dc892e620f0823be9c","size":146,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-04-06T13:51:48.605684Z","times_seen":301,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7de71cd324bb8833f4a138cbcdafa759","sha1":"d7a8122c1483170fa571ec47c62f91c66d662ede","sha256":"62b9d7d992de0ba11591d4ed7c7ab166d886c09ddb4a6b79693795ce836c6003","sha512":"5d42f665549881c48abeb0ee42138dcd1b0f6140e49c3fc6efdfe3657cba54e63218787f0b0d2f12622873799b4ec3a21b9f4f62194f2cc9bda2758dd699a439","ssdeep":"","tlshash":"73c08cdab0d72d006602642110af78e8a0388027b08c9b439cd4d8883ea30b08233fa8","size":151,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-04-06T13:51:48.606264Z","times_seen":258,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"9ee8091b8ce05301ac75646c155aa9ad","sha1":"bf35e56480c07a65f6f9294c6ac13d44b92049a6","sha256":"1da4405227575407db9d55ecd3b59c3aeb0d74f2a870fe826a54939f52743a62","sha512":"560026219101d848aa0388f6a7cc1ff78891f0215459fabe676585ab75e2a8b1f796887e73b31f06a3923a1c403cec518eb8efc42d1927d63bbdabc45bc4cc4c","ssdeep":"","tlshash":"f7c08cc4b1c26d102a66686024bf39e8902840a7b0c81f568de4dc493e220f49233eac","size":157,"data":"","first_seen":"2026-04-06T13:14:18.596184Z","last_seen":"2026-04-06T13:14:18.596184Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5948bc3b90afab1829ab7ee61269f24e","sha1":"517e29a82521418181f702543be8ae74a3bf68b3","sha256":"14fc83a84c91770211dc352186f8e87ddc85e87c2dba0c80a159b45897b9ae2d","sha512":"05c079bbf0389ad341941c3e837aca91dc9aff681cee8da0b4560551ba13e6bbb76b01213af6514e6991e3369062870866a41e67e6d67a37038ddba3ddee7d5f","ssdeep":"","tlshash":"a5c08cc4a0c26d002606691010af24e49028802670485b028c94e8592e264b08233ea8","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-04-06T18:33:03.811556Z","times_seen":679,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-04-07T01:21:23.070051Z","times_seen":33850,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/currencyItem-445df43f.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"47dcba4297508c24957aa918cbaae656","sha1":"61d997791c8e0efbb8800df532314c46737ade84","sha256":"7698dbd564673335a80cbf4a0aa3eda8349cbdd7c8ddd3dbff741a082c1fc3d2","sha512":"003631c29c20e3af85e023d4b01e7ede1e886befd2b494ba04159822a7d36b30f221409c6e41bb92e77e771cacf2703ab1e32e0575df1b65385d219e47a8cb54","ssdeep":"","tlshash":"6c21dc9aae02c7b1cbbe9062c5bd0414131d7fea700181c1fbed148a7b8a5fcd728a31","size":1206,"data":"","first_seen":"2026-04-06T13:14:18.506987Z","last_seen":"2026-04-06T13:14:18.506987Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-60d13c78.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"0dabeb618b982c14c7d79161a616fe23","sha1":"76023763dd55ccc58e02c67b4f087f502d726238","sha256":"1db6c61e09de63dde4333307e74ff487b7e764451074a11d1703efd1132f30bc","sha512":"83cf7a850ef55403ebfad0d85e18533c081215d9546f71b8c7ef336d5e533ee0da3d2ea679a2becfbf4c90c804a8504c9ca5dca760cacf1e0b67c9430bb247ec","ssdeep":"","tlshash":"1e01c9f5f809deba2ea2054402902401100d2badfa1415e2b89f3a662be6850d79e31e","size":832,"data":"","first_seen":"2026-04-06T13:14:18.504625Z","last_seen":"2026-04-06T13:14:18.504625Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-04-06T17:44:35.077258Z","times_seen":2981,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-04-06T21:30:24.588998Z","times_seen":4489,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-3a361772.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"19541ffaa8e90c4891215392a1fc97f3","sha1":"2c76b6979557449fcf14f99c9701518bef90861b","sha256":"5da69c87d5b7ca5f0cd23110d379031b6e1df2feb0c76ece494d33df120241ef","sha512":"d98144fcfd2359710fdeb69c9b731812aef8efdbd63b11f5c15f1a754f6b3afbda336c0966cb85a1283cd9cfe4e8f30d43456cd900f9c3d1ecd5640ebc577ab3","ssdeep":"96:K50V1G7w5NNWUwbqCwT4deqD9b3cwDx4W0St9BfkmC3hrxE337NEalUjA:3I7w5uqCwT4EWbcwt4QtH8myhrS37NE4","tlshash":"5fb1969abc028979adbbd44544580011619c3bf7616d88b5f3fdad1ab7b4eb4d344332","size":5334,"data":"","first_seen":"2026-04-06T13:14:18.549687Z","last_seen":"2026-04-06T13:14:18.549687Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c0e88513b499aae066f13f6f0edfedab","sha1":"12fd9320e7be26e9257e2a1a39a698a5e2706292","sha256":"3ffd5a1fea533c35c122aeb0a36f3d4a37022e0a14c83167faeaa819b3ee8cfd","sha512":"36b57e74aa71e21ec5489637f206796e8b9097db32c59e4ffbbdd7eb11ce35c2f754178f996bd6e11abc560cdddd3af7cde3fc1847c1a455120b5c26ee4fb838","ssdeep":"","tlshash":"17c08cc8b0c6ad001602e45111bf25e4a024802770481b128d98e8483e220f48233e9c","size":139,"data":"","first_seen":"2023-08-29T11:10:58Z","last_seen":"2026-04-06T13:53:44.135286Z","times_seen":563,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f2d562f0482af28097a1e8bff743e202","sha1":"ab1f7442f13da01242f874f07b84041f32ff8cb8","sha256":"8ea8193c70220762139c7844d4be3c37d53d805256513bc224b53d16ad35730a","sha512":"2cf8993becc7c96e42b0499e72862eefa57d365830253e8b580c35ee9f854d4adb0b5b6817b56dfb125acdbc496ae99e8e78d7f73220c4093e8f2d2e521205f0","ssdeep":"","tlshash":"21c08cc5a0c23d002616641011af38e49028402674481b029c94e8482e230b48233e98","size":137,"data":"","first_seen":"2023-06-05T11:50:57Z","last_seen":"2026-04-06T13:51:48.609568Z","times_seen":419,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/umi.aa7d66f7.js","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c4f0bd8bdf00c5c9d58ca30043f094d","sha1":"ef37ec7d7dcdf98cefd0bb4de75b407d91f11d58","sha256":"92b6db5f16c3384581b9ede12c60f3586234fb94a8f55e6a4caeb8b177d31989","sha512":"6a644e321a8f9fac2c4de2db4af8830ce0ceeaf3a98148481b0f19afbb437d84d21b96e37880808d11f1303f6fb700479d6f81f0fcedee318ca9ac0b824c9775","ssdeep":"12288:UIIpMAjs7lKw64MPpOd8EcSByxFXQ+ZK///1OQsF:UIoMWsJk4MW8LXQ+Un1xsF","tlshash":"a45539dc72e670954a9221a0cc3f580fb9366e55900cd835e7bee9dabdb85088077b3d","size":1307952,"data":"","first_seen":"2026-04-06T13:14:18.602259Z","last_seen":"2026-04-06T13:14:18.602259Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/layouts__index.92b841f4.async.js","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c0a20842e578a321e0ffa1a4e1476c2e","sha1":"457d61a9bec2d8e08f60d82ade34b883eceb90a1","sha256":"16862b50bc64aa8bccf598c493e10dc4472d5ffe58a39771dc13fb7a1c8bd6e7","sha512":"250ff44fc9a7915fe38e20de44c5be6031c2ad38b0c3cc0e27aaf178501c4e3551f89c02564c62d01a1bc4e61f370a9a61bd10b03e5ef818a713ce44bd733aea","ssdeep":"768:qO7OLsi4fmxY+DAOAilRInRkl0dhJO3RDdCwT5+NEZHypwOtfPDIpoBOB5oBOBwE:KTtAs+vIdT+6+xNQo05o0wYb","tlshash":"b733e9fe53788bac78834e79ff22a475a31f91a839914a90657eca7012d35ccf54bd80","size":52015,"data":"","first_seen":"2026-04-06T13:14:18.555129Z","last_seen":"2026-04-06T13:14:18.555129Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/p__app.e018e278.async.js","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"bf32f2fb10690f661beb5dc2611ca13a","sha1":"21e0f3179b6c7a5ff3f218c738ce5de07c3bfccd","sha256":"92cd33a151ba992f57445574e4d6c166c1f91f77994261b3e638eb53734cc089","sha512":"372a665110fbaab028688d8a0ba22dbafcba6136db8ea292b2ded95e81a97dbacb8e8c7a7b33f37816bc5bb15bfad485b42df05d3b26ce5766543d0e83075b88","ssdeep":"3072:1lOtjiaLnBCC4oE2uRg0BKTj5v19rZdsgd+:1lOtjiaLP4T26Jw1Z+","tlshash":"c5a30a8cb3957c687d3fa4644f6f448d722e2ed4540a4960f13be8973658dc8e22bb8d","size":107364,"data":"","first_seen":"2026-04-06T13:14:18.527809Z","last_seen":"2026-04-06T13:14:18.527809Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"83678961efc93c088d42dd78bc6ea6dd","sha1":"8007d82eec4894fa2867c628e925f1fcfa443fa3","sha256":"d6045334796ceaf006da578968c4ce319e6d4127c9c36ea88297daf6c6713026","sha512":"cd5e028a3850ceca98e01b30d338a9874404eba5a4d8fce81855dc9f8a6189c9c202e6caf3fe736b10295b4c81a1361a68fda5abeeca58d358c8fdb9c02a282d","ssdeep":"","tlshash":"13c08cc4a0c23e106602681124af24e4a0244027704c6b02cde4d8492ea34b8a233e98","size":147,"data":"","first_seen":"2023-07-28T08:36:26Z","last_seen":"2026-04-06T20:00:07.106841Z","times_seen":424,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d98acc1019303c876db914a972334937","sha1":"73807338e5295d0e4a62fbf19a5258d5cc93e72c","sha256":"864aa8328e7915cfbea7a8773cd622fbf24494c9b6019a076bef6e3f795e7d9d","sha512":"77d7c9975e811e66a77b15f141c84b12ae3aa0f991d15d2864c3c3ce082e0da5f4154d93424ae8580ebd93a1c7231752fbf22ef82ce7a01d997287d2d854d1af","ssdeep":"","tlshash":"e6c08cc8a0c32d001a13642210ff34e4d03440a6b44d1f028dd4e8493e624b09333edc","size":150,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-04-06T13:51:48.612178Z","times_seen":290,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"ccyrpyypweb3.com/api/common/getAllSetting","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://ccyrpyypweb3.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:38 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://ccyrpyypweb3.com\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UncJs8vFuFv6kwALsFA3BjRskPkw%2FbadjffybqOeEM5gJVMxM6%2BKgRhaJb2EE33UN4VF3NhFmn7oemp%2FohHTcawr0T6aNHYlR5mT%2Fa83lAeTN1DmI3aNugdT4ExMuaAntuVV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e810d08ae2eb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11826,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"547a542c5282b8114c70b47d57b29248","sha1":"7f4030ea874685475d7f0007e5d1c632687d81ca","sha256":"af4f6b884ec566b0ec242061bff27de5ef3569d6fdad153d10454a76a64395f2","sha512":"497b670e8e43f27329e603954a5681755f53a45119061bb4907579f78429b2079a80e1e1a38631c173a0086befc8c5dac44c7fafb01917531a0915e89354a30d","ssdeep":"192:N+nPjcOSp/tVQD+Rbfc2MjH3bZAiBOciT/7aqx5Lit2sTtPAMNOe4sNBQTX8H9cM:fRagu22AMbfp0Fol","tlshash":"8732c75e31d8ccbe87ca45c250ab755ab5ac286bd851a802ddeeff5cc4f5a394c0b00e","first_seen":"2026-04-06T13:14:18.498658Z","last_seen":"2026-04-06T13:14:18.498658Z","times_seen":1,"resource_available":false,"data":null}},"time_used":626,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":624,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/static/robot.6654b3dc.png","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:38.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/static/robot.6654b3dc.png HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-encoding: br\r\ncontent-type: image/png\r\ndate: Mon, 06 Apr 2026 13:13:38 GMT\r\netag: W/\"69b3b6a4-dfe3\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:00 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":57315,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"6add20d4caaed4e2bcccdcfad65d19fc","sha1":"8e320a1cd98638409a3b9d03807df45a5f9acc1b","sha256":"d7233cd4089bde7822ec6c3dec368a1dfd52669df749a7a7a48bda19e08cd4e6","sha512":"688c8e858ad8302321d5c67d813b4e5284e2acc2e5f81d2ba36f10244b6fddbc5ea4affff75c94671b61f3d74a1078d196d7bfeedc4c8e7e633b3dd4ee8e2b8a","ssdeep":"1536:6tdZZwH2+MYT6ws0R0qx3aTrtWe6U8dn72dI:6LZZqPFfs0Zq0e6Nn72dI","tlshash":"6b437d13cc188746e55986e4bd0b8d9d6e4a1b1ce4863afe756f9ecb3f602311c4e06e","first_seen":"2025-12-03T22:48:55.742713Z","last_seen":"2026-04-06T13:14:18.501773Z","times_seen":5,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-60d13c78.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-60d13c78.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:35 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aC%2FkCArzRNnn2Yhg0G0549Vgs9cp6mY3%2Bjswk876BoukptChDrJAlgm3OJCJ6PAcTiJMFSM%2BRh2JiPUJjR%2FcjqkkC5F8Vx7T9lnhM%2FJGK8j%2Fu%2Bm4vzo5Kn7WnAQ8sK%2Bhvk4E\"}]}\r\netag: W/\"69d3b0e4-340\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcaf3fb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":832,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (831)","md5":"0dabeb618b982c14c7d79161a616fe23","sha1":"76023763dd55ccc58e02c67b4f087f502d726238","sha256":"1db6c61e09de63dde4333307e74ff487b7e764451074a11d1703efd1132f30bc","sha512":"83cf7a850ef55403ebfad0d85e18533c081215d9546f71b8c7ef336d5e533ee0da3d2ea679a2becfbf4c90c804a8504c9ca5dca760cacf1e0b67c9430bb247ec","ssdeep":"","tlshash":"1e01c9f5f809deba2ea2054402902401100d2badfa1415e2b89f3a662be6850d79e31e","first_seen":"2026-04-06T13:14:18.504625Z","last_seen":"2026-04-06T13:14:18.504625Z","times_seen":1,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/currencyItem-445df43f.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:36.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/currencyItem-445df43f.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CV1Di6hNZsQ2K1aGs3mJXVxoidmwLDNOsrJeTD6spMtmnl%2FdMk9DPIFU%2FUiB8mqpoXxYBzGwAORlqGalNG5kn2Ej7pYKcvvGl3vhNwe%2BkTWOwLFclDRyDp3fcPwejnEEbzin\"}]}\r\netag: W/\"69d3b0e4-4b6\"\r\ncontent-encoding: br\r\ncf-ray: 9e810d029de5b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1206,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1205)","md5":"47dcba4297508c24957aa918cbaae656","sha1":"61d997791c8e0efbb8800df532314c46737ade84","sha256":"7698dbd564673335a80cbf4a0aa3eda8349cbdd7c8ddd3dbff741a082c1fc3d2","sha512":"003631c29c20e3af85e023d4b01e7ede1e886befd2b494ba04159822a7d36b30f221409c6e41bb92e77e771cacf2703ab1e32e0575df1b65385d219e47a8cb54","ssdeep":"","tlshash":"6c21dc9aae02c7b1cbbe9062c5bd0414131d7fea700181c1fbed148a7b8a5fcd728a31","first_seen":"2026-04-06T13:14:18.506987Z","last_seen":"2026-04-06T13:14:18.506987Z","times_seen":1,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exvd8d76a55e20745e68bb5691b80aca433.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exvd8d76a55e20745e68bb5691b80aca433.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx0000086795f7dfaf569e6-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":699,"timings":{"blocked":362,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv0a1e94911cf94ad2bc3bc2193e35d8b1.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv0a1e94911cf94ad2bc3bc2193e35d8b1.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000a620c7ffcbd445f2-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":701,"timings":{"blocked":363,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/layouts__index.24c2a0dd.chunk.css","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:37.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/layouts__index.24c2a0dd.chunk.css HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-encoding: br\r\ncontent-type: text/css\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\netag: W/\"69b3b6a4-2ae8\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:00 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10984,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (10983)","md5":"a7b1c8442e5799e7b909e9178386e084","sha1":"7bbf4c7c6dfa6cb186b070eddf422540a3a71c8b","sha256":"0f11d32500c02f905f37667534631aef0114142b3546ac7bf28e06e01186f51b","sha512":"441832148fd36c59753c8dad0d172c7064f072e06743979634579ce40f87dd9fdca127979a12e4dbff71c68be7dfa6ca81f2188f3d7522c7232730e81cf123ec","ssdeep":"192:1LH1ioZLYdi7YuOFiu+L2ejWrkQMXMC2cG:7FYdJYzEkNXMCI","tlshash":"7b3211206e40303ef467949d74d065caba18c413d277aaeeb9a5f178e3ce1e71e61f09","first_seen":"2026-03-01T01:55:36.697411Z","last_seen":"2026-04-06T13:14:18.510667Z","times_seen":2,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-266a2414.css","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-266a2414.css HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AZA%2BYF2CI%2BUBlLdLLD9ncoq2IBdXCDG3NagyC6FaMBTr8UV1PgM9Zx7lTijlT1IgcQp7MYW0g7DBWxyulAb1%2B9xJ%2BxkelYaAwRfQmyxkNkJtWhuE44zNhk8m36KXprnb1kPa\"}]}\r\netag: W/\"69d3b0e4-9ef\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcaf34b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2543,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2542)","md5":"f8e52bdf7f75e3decd74dd5f89bc9f4d","sha1":"1f709029338ce20742dd854830cae6fcaf1e68db","sha256":"266a2414fe33f05d09a55af00e4e5f4b907f3cfbc9c704f4d323d614369c6b99","sha512":"edb3e7488c5a164b3a008a74cdc0de568749d49bbd620b1381808b9561e2fb918231b72f48d2e90910f7b58d8edc6e3e3d527a9fc07df49659fa841dbcb6b812","ssdeep":"","tlshash":"af51ff4dff9921354c7bd98fae685e8890007e92e14add86f107870649cf6a3273039e","first_seen":"2026-04-06T13:14:18.515949Z","last_seen":"2026-04-06T13:14:18.515949Z","times_seen":1,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":618,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/en-68e89e11.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:36.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/en-68e89e11.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pThcMXLuqu7Vy%2FjMUoEpS9XuEmvQ2SSai0UqHaMfJoKQslZ4JHQgeTKAim7Yb1RrRkCJ1RYOkdRXlhN3DkBWQqsgzF7zlVVhNEe%2BT5zzFd66nu7sVnHIUuaMB2lB7ZVJ90Ea\"}]}\r\netag: W/\"69d3b0e4-a4d4\"\r\ncontent-encoding: br\r\ncf-ray: 9e810d01dd1fb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42196,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (42173)","md5":"230237d91111c6c21919820246ad1ea1","sha1":"f17510349f7adb0755dcaf05c1ebbc36bce59756","sha256":"f07d7b1be38bebce6d461461b6be75d744a1a0f1b4183e7e63d16ef90195fce7","sha512":"2c0ca956abbcb3e09f5ae77915064565cd1c559220f196af96c0baa7c8f2c3b8910cfb03c7afaf8a3a39c53e00d1fda82e6ea1c0efed2d96176c74f6b5a3ce01","ssdeep":"768:+GtZcEw/o7rcdJbOfnAMCzrAaAMFVoP6+/sPG9w1mkO6fpk7aOtx++4z/l:iponcdJ0EzrdFVAsPWwCtx++4z/l","tlshash":"bf13d6897e1a989a04f3537774ce2e1160f60ac18255881f4bedc9fd93d2b67a363b34","first_seen":"2026-04-06T13:14:18.519676Z","last_seen":"2026-04-06T13:14:18.519676Z","times_seen":1,"resource_available":true,"data":null}},"time_used":928,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":619,"receive":309,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/filters-ab0efca0.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:36.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/filters-ab0efca0.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0dTMqb1ue9p0pZDMkAxBWbZ5fSt3hmnse1S6CfiGt1ArLLJqTCrP0qMBmjnJ9yYQRpEYK%2BAdhsn4wX8TLYy8HLoowueItAd%2BKSa82%2F1hOKMncSMxKSXlVwvsokQKE%2B8Igkc7\"}]}\r\netag: W/\"69d3b0e4-c1f\"\r\ncontent-encoding: br\r\ncf-ray: 9e810d029de4b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3103,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3102)","md5":"244719c2dbf871d41e6b6cbf6c24c469","sha1":"938b7362416ecf59a5cfd8a7b5d5c1161fb28d93","sha256":"bf4a710d568e8eae6f2a68419abb1036c66b884cf6132e900d88ae7e2e2049a5","sha512":"9d0618017ccf695ed3b9c3c55dc005d24629bb7334e0c7953b4857ea8e00b998032f1dbf2f792bcc1c9d1b19610a89add71fe4d5286ff0aa62f54cf8e41c32cf","ssdeep":"","tlshash":"325133edf8d3a03356fd9de944188124728fbf1468af0a4df99be0456963888d07bb74","first_seen":"2026-04-06T13:14:18.521697Z","last_seen":"2026-04-06T13:14:18.521697Z","times_seen":1,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/138.a938ecb1.async.js","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:37.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/138.a938ecb1.async.js HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf8\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\netag: W/\"69b3b6a4-2f26\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:00 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12070,"size_decoded":0,"mime_type":"application/javascript; charset=utf8","magic":"JavaScript source, ASCII text, with very long lines (10261)","md5":"32edd402fbbd35653ecf99d9e1540009","sha1":"842ed8be5bac8bb3510e066686c9402d3aa1a074","sha256":"fd52c75dc0a659fd599314696b11a540038c56b839d325b4f3a0ef5e92a7b792","sha512":"57d5f926e002eef35453d4deb0ef9e675848a67fac18198a26d57978e594bfbdc1702ef00437e1dc46e1eab395e2f807d099d26e87a66f71a1bdf4f0111d1306","ssdeep":"192:qFoJo/YEi2xy+kHia4a9x2ybl0e+YrP2CsBOyARHlu9fOJ/B3wgdBSqvsd2zP/N+:qAEiT+kHia4y2yg4P2CGRARHI9fOJJ3w","tlshash":"6542a6b430d2f451877700e5c03f5409f23d78b6b45c92a0a6a7dce939e162dc677aae","first_seen":"2025-12-03T22:48:55.737967Z","last_seen":"2026-04-06T13:14:18.523443Z","times_seen":3,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/resource/images/light/zaixian.png?2.0.1775480600067","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /resource/images/light/zaixian.png?2.0.1775480600067 HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 6267\r\naccept-ranges: bytes\r\netag: \"69d3b0e4-187b\"\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pCp2rwJMql79nQUkJ9ZZLQNLubigsSIjSZazACev9qC8v0T01H0cjXatkWhXdVK8W5xAep0M%2F3s6gr1iiGL4WWKpiaAM85d8HF0iuxDLwgO6Px33QQAarxBBpoFJluPWxa76\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e810d081d83b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6267,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 191x188, components 3","md5":"7670f71716321ea2be5b889704168d44","sha1":"645139d5fc752b1d24d7390e1c1fdba269e4f0d1","sha256":"efde91ba4e150a9ddc20faed9efa2ae115111905c2aa63bf3ebd9527cb23d500","sha512":"d9f86b5adf742c5e68cc7cdce0168dd6888660fbcf4f7e1a86538eca0c902eecf04d6f4a73bff5ca1627e36ef086da76d0e32d34a2dd72fc1afb7199187e8ccf","ssdeep":"96:IGd2us14PX4ezQ7WkBAPXYK3JxPR0ePr2R3MRiowxh8Uk2hyFDkyeu0wdHD:Im2X4PXwAP9ZXv3wIUkXiZu0wdHD","tlshash":"7ed19e7b73fdd8ba04d1253e90d25b32d432f2148cc2e6292f885a3a3583b7599c3472","first_seen":"2026-04-06T13:14:18.525Z","last_seen":"2026-04-06T13:14:18.525Z","times_seen":1,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":661,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv3ef3e8a6a36e4937b81ca1198b8a0cce.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv3ef3e8a6a36e4937b81ca1198b8a0cce.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000f80634d65ed8da0c-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":556,"timings":{"blocked":385,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-8339e9b8.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:31.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-8339e9b8.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:32 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TIoSSP%2Fo5%2BlE6i82kGnvSsGwJdyL%2BAQe1i2K5SCeWS9eA6WQCCntPDbq2VeoHJEXaNKkCERr%2FeDvmFxB7M9aD3frD17v8VMIx2eQxZp4H0ocqBz5fSAu2XMpwZYuS30xwTr%2B\"}]}\r\netag: W/\"69d3b0e4-18407\"\r\ncontent-encoding: br\r\ncf-ray: 9e810ce53c1fb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99335,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65508), with no line terminators","md5":"288995d8185c44a667d1792a22837431","sha1":"18057e1bb4a4d009d9fe0ca50ba24530c437b5a7","sha256":"e67df046ea64077920881f21e04646cc582f14776ea1b22856e781cbfc7cd740","sha512":"8644e93083de9080ac21ac7007f4a29ab8a933264c6ed86c2a73914cafffc4fcbc24c08920065d57598b61c97bcd6e41e3a72a1f1cf67531e5ad9b9762bd8db6","ssdeep":"1536:+frxiG2tnp0Mkx0Cw58X0S1nssCoVyWYGxs238jS:QdUnp7ka58X0SvHoWpYS","tlshash":"c6a35c89a60b2eff6dfd4844ad1f441021692fd3988cc85373ee6e1667f9cd4a28971c","first_seen":"2026-04-06T13:14:18.526404Z","last_seen":"2026-04-06T13:14:18.526404Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":597,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv1f31583de61040e883e7acb6718898d4.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv1f31583de61040e883e7acb6718898d4.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx0000065982a3bbb9a5826-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":718,"timings":{"blocked":381,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/p__app.e018e278.async.js","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:38.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/p__app.e018e278.async.js HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf8\r\ndate: Mon, 06 Apr 2026 13:13:38 GMT\r\netag: W/\"69b3b6a4-1a364\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:00 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":107364,"size_decoded":0,"mime_type":"application/javascript; charset=utf8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bf32f2fb10690f661beb5dc2611ca13a","sha1":"21e0f3179b6c7a5ff3f218c738ce5de07c3bfccd","sha256":"92cd33a151ba992f57445574e4d6c166c1f91f77994261b3e638eb53734cc089","sha512":"372a665110fbaab028688d8a0ba22dbafcba6136db8ea292b2ded95e81a97dbacb8e8c7a7b33f37816bc5bb15bfad485b42df05d3b26ce5766543d0e83075b88","ssdeep":"3072:1lOtjiaLnBCC4oE2uRg0BKTj5v19rZdsgd+:1lOtjiaLP4T26Jw1Z+","tlshash":"c5a30a8cb3957c687d3fa4644f6f448d722e2ed4540a4960f13be8973658dc8e22bb8d","first_seen":"2026-04-06T13:14:18.527809Z","last_seen":"2026-04-06T13:14:18.527809Z","times_seen":1,"resource_available":true,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/vendor-ec6b12c6.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:32.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/vendor-ec6b12c6.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:33 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7k%2FP%2BIOJydESwANQWTVnnnkpyRmaPjTBrpxorRMeu%2Fe20G004aLPtC%2BgyIUdDnb6b6EttQgS0nRkB8IWWFgHL8oQmndYkIUQmX7k7JuBR8taixI4BAY9ndQwNEoxd1ggvfV7\"}]}\r\netag: W/\"69d3b0e4-f55e2\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cecccb5b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1005026,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65506), with no line terminators","md5":"8d46906265297fdf8a3458c0a76a106a","sha1":"994f407b176c91606b71768ff5abaa2956fe4436","sha256":"e891bf1d46678cf65ebbad83a20acd152c4148398a93b2c806460a049a2d3340","sha512":"5615a789ed8ba6f08cfa33adf4000912962bddeb85ab68fe902b634bbf7fc8b28202ff2556d04b7ccc05d1a7d01a771c029bbca5ced1c467f3f2f14d6187825f","ssdeep":"12288:RbMunAc76Zli7M+L12ZFp/fmRBpshkRRhTj9Sk9sAWpsTPTxBgG69aJ2f8:RbznQ+hLUp3mRBpsuVRtsAWUPTxBlJZ","tlshash":"e22539c97692f06147ab24e240bb0007f3396e59740e84a4f169d8eb7d7ad89d277f38","first_seen":"2026-04-06T13:14:18.529092Z","last_seen":"2026-04-06T13:14:18.529092Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":1704,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/api/common/getCoinList","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"POST /api/common/getCoinList HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://ccyrpyypweb3.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://ccyrpyypweb3.com\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ol9UR0cW%2F19dDtmMNg0Uri1iEKNb%2F%2F9obRTiMsqjp67COUsEmu7orsxdCUq%2BB2FaHPFV7T8dWVyuqppYQj%2F4jtkdsAEBzCxeyAMpuZz%2BtRDDN0Rgw0zaqbQymWKx4yVCkV94\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e810cfc4ecfb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13922,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (13906), with no line terminators","md5":"bf3992a9a51d78cbfee9fd7eb83518f4","sha1":"f8c0947862af898b04cd6f1dbeba595879e40f18","sha256":"207133c2491bab71187ae63d155bc55632cf2046dee93b65fe86a828eb685e5a","sha512":"05855fea3672e2a019b75e27cad50bca0c8f1e5f0551ceb5034eef9a42b7479c3355fa0d2d2ee8a06eaf6feecd2ff45860473f5c941b5ae6ba3486d1a53fb897","ssdeep":"192:VXZnXHUXHiXDsWXWsXM00XCUX0Ry/AOEQ3ZQ4QyqbN4/FCKjHD1LYYwYr2YwoYhC:xC7/F","tlshash":"f952459952286aedc979d0c02eef7906519d356fecc24d0bc7cecd8889e5bb06906f07","first_seen":"2026-04-06T13:14:18.530527Z","last_seen":"2026-04-06T13:14:18.530527Z","times_seen":1,"resource_available":false,"data":null}},"time_used":871,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":266,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0 HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-type: text/html; charset=utf8\r\ndate: Mon, 06 Apr 2026 13:13:35 GMT\r\netag: \"69b3b6a5-18f\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:01 GMT\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\ncontent-length: 399\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"UmiJs","description":"UmiJs is a scalable, enterprise-class frontend application framework that supports both configuration and conventional routing while maintaining functional completeness, such as dynamic routing, nested routing, and permission routing.","website":"https://umijs.org","common_platform_enumeration":"","icon":"UmiJs.png","categories":["JavaScript frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":399,"size_decoded":0,"mime_type":"text/html; charset=utf8","magic":"HTML document, ASCII text","md5":"d5cd4fe625e7ba98f03897444e3bf740","sha1":"e05d8e1cb6a4a7167a812c8705b712d5e048bb6c","sha256":"7fa6ca20c277da6c2fe1fd682c4121bf3be25e527c73e9f7ecc7ffb3d80e7392","sha512":"dfb0f24c4ed618b88b4659335836259fa660b22e93755fb6add15bd6ac24536559368ea178b225d7c04f4e909f484f3c6ae35b953ca0bced617051942e9e0073","ssdeep":"","tlshash":"16e068435c15c01e82604a996ee8f00ec75baed8af829c6189d1b6bf4de4fc8ccd7568","first_seen":"2026-04-06T13:14:18.532256Z","last_seen":"2026-04-06T13:14:18.532256Z","times_seen":1,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv9c6eff146bba434aad95fdfb9ecc94cf.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv9c6eff146bba434aad95fdfb9ecc94cf.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx0000067feae1262b37bc3-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":1149,"timings":{"blocked":408,"dns":9,"connect":173,"send":0,"wait":333,"receive":0,"ssl":212},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv28db298aeac14bcea4a6a3df349f9c69.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv28db298aeac14bcea4a6a3df349f9c69.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000915afffc154e537b-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":700,"timings":{"blocked":367,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv0beb4101f68c469fa1d290b5b5fddcc1.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv0beb4101f68c469fa1d290b5b5fddcc1.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000c5164054db5d3092-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":695,"timings":{"blocked":364,"dns":0,"connect":0,"send":0,"wait":331,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-bc011be9.css","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-bc011be9.css HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=71Ld6bt5OLCqQVCWQbfNV63JsULv%2FlwAgVmjfIyElVE4YYj4b8u0vv0KD8bgSLqnGtz2tJs3JI7eFHKUlsF8tHOcXEJ7dU2GWXB%2Brjebo7QS%2B9a4UCuVk2eG7jIP8lsIGovv\"}]}\r\netag: W/\"69d3b0e4-18d\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcaf31b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":397,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (396)","md5":"5353ff252ee4a5e7a3d0176de6a6c712","sha1":"c83942b5dfdb4aa8be53f26b39e53b0b257595e0","sha256":"bc011be90fd6cd33a399912151a5f69ba0d8e394563c71c4c1bea7a4ec032516","sha512":"9a17506817918ef0c9a5d0caebaed8f603641dc1015a726bdf247645a7e0a988b543756d7254abafa18dd4cd9d27c9a198300632156faf59f05c1e27f0a5e30a","ssdeep":"","tlshash":"5ae092c890d6927fb62b607d267c931ad425ac88d8007bb8e67fabb146c7ac53172215","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-04-06T13:53:44.089035Z","times_seen":363,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-8f084698.css","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-8f084698.css HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p7NPM8mvTUZtk0bOXHPfruaquOTVVZmd7t4enrgGDWf07kZGfkaON9i8H8Han4Wd1uOT5ZQ1npVybXIeHm2V7Sp77il1zN9AeEsQns3n0UKSCuqO7sdyrZbLIFijju3uEK3k\"}]}\r\netag: W/\"69d3b0e4-28b8\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcaf38b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10424,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (10423)","md5":"d081d3b4227c63b88bdd3cb7b31343a6","sha1":"ae9e3de9b7601085219272b457f0c6bdbfb7d461","sha256":"8f0846984c5c1deafe3103c588f8caef0f4f3e1bab6b906e8810d745f6f65068","sha512":"06d3c6ae060cd8487ec52d71b6f7a33351728a151dd6afb87ba7f37f23d0f2b34ceeb990c187506dc9dcc73cdb9f442ad501f9ab6209ac99bd6d3bd947dd4025","ssdeep":"192:tYS6s0EYnW9MfTpB5BxP8jZe59Sp3LVHMy54:tL4W9MflnCm","tlshash":"8a22532df3d96238ac3be195abc84ecce609b911f953cd95f62786261ccb5e3193014d","first_seen":"2026-04-06T13:14:18.534072Z","last_seen":"2026-04-06T13:14:18.534072Z","times_seen":1,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":610,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-7649976b.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:36.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-7649976b.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vjWI2CbhWczTuHUNd9br%2FK%2BDYP2CpavDia6186RqOjNX%2B3LvzPaggdP6s2xqOCnEeH1rwhy2PdiifZE3mXqWCEAuucUrESBtdolk68ZBz5Sh2Kpi6ydHFHiiY9fKIbgIcXNG\"}]}\r\netag: W/\"69d3b0e4-262\"\r\ncontent-encoding: br\r\ncf-ray: 9e810d029de2b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":610,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (609)","md5":"5ff3361202329f639790ac50d978f0f4","sha1":"de4d5faa136e88cae62ec696e51e4bad1484ba20","sha256":"a1fcad407faa371ee0e555b8e4f96b96d04997dc5aeaaf554a9a43897876cd69","sha512":"7e7a84a942be759b6efb39658c45a76b6629010ed6aeeedf3d5f89c0919a2c1e7fb84c8b53f76d27f824a8c6ef55b3d9e42e92247a5c330874a7b5e78a263553","ssdeep":"","tlshash":"66f0e12f3a68c17316b78898d1130812f72c1f5562548074b18e1625c7689eac68d124","first_seen":"2026-04-06T13:14:18.535459Z","last_seen":"2026-04-06T13:14:18.535459Z","times_seen":1,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/platform/dev/logo_3.png?2.0.1775480600067?2.0.1775480600067","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /platform/dev/logo_3.png?2.0.1775480600067?2.0.1775480600067 HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 77146\r\naccept-ranges: bytes\r\netag: \"69d3b0e4-12d5a\"\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=spxiUODC0IgtveKjRHo%2FI%2Frmb9iMawgvVDssrI%2BJDEmghhPfTsdPo6m0I6N5AIJfyJqLUpf1eZPKvF8RdpGnzngR30dywWtkwzwwaOSj84GYAyvMk7MYNv8Dn6cA0BtcAGe8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e810d07ed44b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77146,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1202x1280, components 3","md5":"4a913e5e548fb153e6c8801d10b34c43","sha1":"5ccb4b4b524a3bc13cc05128d0b0a8485590118d","sha256":"453169cc8ecb42d44713981c7f1a0a8fa3dce6b8424abeec2f35c3546fe1d806","sha512":"359cc18beff422f52a744f6f0d488879effa9a14975e37e4e77570f729fd7bc73ae376809c003d04ee90320819b0514b697919535f728407fd8059fbab759ddf","ssdeep":"1536:HKFvzDYQzBbcCO3HjE1N0n+RMXUqVJljiQ77F75ruk5bQNLKQ:HGQ0ByGN0njflOoNCKQMQ","tlshash":"4673022cd9516cdfc9a11634376f926137f61f1278af506b8e4e0aa84cc7a68cbd18c3","first_seen":"2026-04-06T13:14:18.536434Z","last_seen":"2026-04-06T13:14:18.536434Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1213,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":623,"receive":590,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/resource/svg/light/mengbanzu12.svg?2.0.1775480600067","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /resource/svg/light/mengbanzu12.svg?2.0.1775480600067 HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BFrCs87ZeHFHvamsNx3Wa11CzW4YOz3N0GL2C7EOOP%2FOPrQkk57zxZWyLcbnGyI4e8GFHoZnnIsFYKLpTepogKxZFz4zbpByx03mzEkrARKdYjuxlkRl669%2BmHsk9qhXAwVm\"}]}\r\netag: W/\"69d3b0e4-322\"\r\ncontent-encoding: br\r\ncf-ray: 9e810d080d73b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":802,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"184d38c97adf35302491834eaf17aee3","sha1":"a21f6508e3eb8b4bf52a510ac9dd219783f561bc","sha256":"5cdcdf5fb66c61d69b6c308a4569e093ff7b0e178fbb1c7d94a599473339bf99","sha512":"a88827fe8f336cb9f4de9cbaade38ff0026d003f03cc096dc443724052a51c417432d1b96b7006e21c49498791fac31678492626f5643eb09d5b94b32afdb9f0","ssdeep":"","tlshash":"d201f6764321c19dd2538b80c7d93f44927eb65bb2d00448b3a32aa74e34f7f55bc595","first_seen":"2024-07-24T17:37:44Z","last_seen":"2026-04-06T13:51:48.59313Z","times_seen":224,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"POST /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://ccyrpyypweb3.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://ccyrpyypweb3.com\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rc3jhu2Lv19EcM%2FzqQE%2B7acvcvW7gee%2BAKX%2FpsI9Zyw4%2FMpT9%2FUS7mMQnJPeMRSmYkqrzmBqWs6JL0NgqSq4ubOTKfTbrP%2FZ5uzFjbG8z5IRwNP83nEqCqUuJDY%2B8xqx3mLb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e810d08ae20b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":562,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"19a679148ed5de8e82051a799bb8abf5","sha1":"39fdd0d4a18036813349a9b8ca021dcad2053e0e","sha256":"158ff0e9d64d5d4d7893327b73c9abec7f2c657b46219c21a4602ed476c63b82","sha512":"264d2e5f62ba3bc238a16479524643610a4629f3ea58675cce51a1041b78a6f2b1cc95ac096e56bd83adb10b27fffca756c59029e8bb6d83a98f7b4906141db7","ssdeep":"","tlshash":"eff08b4e14789ea90d0844c355cdbccd926e368bd670cc709eabcf2880f51770a06604","first_seen":"2026-04-06T13:14:18.538425Z","last_seen":"2026-04-06T13:14:18.538425Z","times_seen":1,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":325,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/platform/dev/logo_144.png?2.0.1775480600067","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:36.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /platform/dev/logo_144.png?2.0.1775480600067 HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 30723\r\naccept-ranges: bytes\r\netag: \"69d3b0e4-7803\"\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FapH818xbuaz%2Farl09%2BKHnoGLfPXZF2YeoSwBYqAwTOufAIFMFNJms4f7EzVL4Gge4S0qWkzQLm5YOZSZ0H1cm3byDPXtlhVCDvFqZapmYn3QraLqI8AUgLSKZTMyQlvmL6l\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e810d036eedb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30723,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 144 x 154, 8-bit/color RGBA, non-interlaced","md5":"fea111c0f5b9f3d3a25f06bc517aa606","sha1":"9f1df4a26fd7442e7de95992dcabad9f3e154f56","sha256":"e4343389d1c8854b605c5b8448ba98a5c95f02df940e020d7dc7ba2b09b4f221","sha512":"a614cb0f5910f8339e985e4714834d56eddc55e68b0d8b0e8444f04a4674f3ec7ec7250018cd5faf64ff82fe413177ee77c49de5eb014c238d49649400ed5d33","ssdeep":"768:wNanOpGdQKI+zGBgzw1zSJUuXNrjqqyNsQNpsDsjr1:wUOp8QKcBgzWOJUYrjqlNDGuJ","tlshash":"69d2f2f31c3ca9a4645cd8fdf5375771b6322921ddb7791e34809a63d58907882a2c37","first_seen":"2026-04-06T13:14:18.539455Z","last_seen":"2026-04-06T13:14:18.539455Z","times_seen":1,"resource_available":false,"data":null}},"time_used":916,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":621,"receive":295,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exvc703fbd02a544285afd1a95ca592838b.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exvc703fbd02a544285afd1a95ca592838b.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000be441800d7fa43a4-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":1196,"timings":{"blocked":431,"dns":35,"connect":173,"send":0,"wait":331,"receive":0,"ssl":208},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv5f82cf97f03742c088b34a99e5b4f553.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv5f82cf97f03742c088b34a99e5b4f553.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx000009fbce517d5d7f054-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":698,"timings":{"blocked":366,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/api/notice/list?key=ROLL_NOTICE","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://ccyrpyypweb3.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://ccyrpyypweb3.com\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=POEoN%2Fl4bSYVcH2ir82m2FG%2FuxYHQFy03x%2BTJep%2B9CUrVW3%2FMvMUluqaLBptT5wuW3laUzVlOnoqfPBP0KTQ8lxrHqwaA2N%2FdWCG%2BmZjflunnI4HcgtE7oWlmq9iyrbQajIm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e810d08ae2bb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1787,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7327bf1304ac08395d18061c98544157","sha1":"50a75517245701ef77ce3b9589c17b224f890bbe","sha256":"39fb0dd738be42d0a80ec6b7c25f2328110afa4dd6fe835bf5f5c0601322f221","sha512":"e4f9125ced3f715901889262833ee66f45ad4feb577eab04ecba04f823119a527e5b1bcca0271140e827bd110a143102182de03bad4a8721fb6f6b4e9b5e8621","ssdeep":"","tlshash":"a231852637042e220b4511dbe1de39c4963e565b3380de3c04ae4b6cc2eb03e0b7b756","first_seen":"2026-04-06T13:14:18.541129Z","last_seen":"2026-04-06T13:14:18.541129Z","times_seen":1,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/361.7b800287.chunk.css","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:37.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/361.7b800287.chunk.css HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-encoding: br\r\ncontent-type: text/css\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\netag: W/\"69b3b6a4-c368\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:00 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":50024,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (50023)","md5":"cf9ea15384a4d8e365a5a26e06e5826c","sha1":"4ee767f2847da1e0fe55e5075e9a69fc8aadde7c","sha256":"419ee89c776104805646f60475d39255b52faf79aadd99fad2cd5c156a531b8f","sha512":"e2e0f663505ae8a4e67d5939de8b2b350854a86771fd233a1b550e45e1e59620f2d451ae991055d342d2845110e9fd337b76a1a79ea6e0e4cf73f1c1bc6ef2ff","ssdeep":"768:POXCKUoQUkA4HpQk96Lqg4u9h1N5ob/R/A3+7zDCDj+z0WvFl9N/bb:PECKUoQUkA4Hpp0Lq7Q14b/R/A3+Xb","tlshash":"8e23e57efb047179a82bd63667d8e6cc4020b501db134beef467a12186c7bf71a61788","first_seen":"2025-12-03T22:48:55.745398Z","last_seen":"2026-04-06T13:14:18.542479Z","times_seen":5,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T13:13:30.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:31 GMT\r\ncontent-type: text/html\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qMQG1srxL4KOLl2kEvbwL14L5pJ55eNyFhDYnxrLdgNXvUVz7G6jrjHd%2BmrRnBewhdib8q9vNrU1xo8FReT8l7HNbDRMrT2EXtK1t34MfzbRs00FVSNnojth9xWiMfuOxulC\"}]}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e810ce07d987127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5798,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1080)","md5":"77342168cd821e240bb4bbe7af446df0","sha1":"82356c4c3344ee904582c28f37cc64781631cd17","sha256":"95fb14c04a73636262b4b2f6bc3bd015b49b3317a4624368308798672add1278","sha512":"68c199f6060876026453d7c7e35f19e71cea1f0197b93697e782008b7ff7f985ddf3ce247d9b4fc04e85912e3f23aa0dcefb30d5c950cd84440fc2afaaad7272","ssdeep":"96:Tr82B15yKuc6e1qsNR+ist/Mar6jCZydHRH/I72mUsGqAiowGpuB1niHWiHFVH/w:TFLL6ehNQBZCxfe2nfj3bpuB1ni2ilVo","tlshash":"dac151a7adf0d81a2365122bdbebf0086e61518385198814b5cd91e98fd0fd688dbbb4","first_seen":"2026-04-06T13:14:18.543729Z","last_seen":"2026-04-06T13:14:18.543729Z","times_seen":1,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":28,"dns":0,"connect":1,"send":0,"wait":616,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-d7a988e6.css","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:31.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-d7a988e6.css HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:32 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SI14Xq42iFSHY8Yd7Ttyda845XDsDv%2BACstMU9%2BWtKH8AA7Z3eio29QRgPygOtKIUmGgpV6Hvqtk5GdcHhXGJm%2BSYQHwxn2OqD5wgGOgaN%2FlhUIpdCXxNKMcZBWHtl234j%2FT\"}]}\r\netag: W/\"69d3b0e4-4ad05\"\r\ncontent-encoding: br\r\ncf-ray: 9e810ce54c29b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":306437,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"dc695fd0eb41d9a21bc82e61c312be87","sha1":"bd46c6c7cc98a6671e52347dd6d195fa54260eaf","sha256":"d7a988e6e4c076c87f1e6880636ea8361da87820868021d406acda966844da10","sha512":"e4d42123d74ef1dd8f8e13bea7d506ad949a4b4a131ccef83ed63d12803bc1c89375056a667831d546ed24222c900fef3e5efd6839bcf8123dff1589b4d13a84","ssdeep":"6144:ndvxsaTJ03EkZ8w71ZACkFDS3vyf58rBeV05T2:dv1+3dZ8w71ZACkFDS3vyf58rBeV05T2","tlshash":"ff54d6a9a590117c6f27aa759bce5ad8f23ce6719c118de8f20160094fc3ff92363617","first_seen":"2026-04-06T13:14:18.544874Z","last_seen":"2026-04-06T13:14:18.544874Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1752,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":1144,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/widget.js","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:31.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/widget.js HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf8\r\ndate: Mon, 06 Apr 2026 13:13:32 GMT\r\netag: W/\"69b3b6a6-55b6\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:02 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21942,"size_decoded":0,"mime_type":"application/javascript; charset=utf8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21604)","md5":"eec1de0a208074fc69b016d4d28c79e2","sha1":"becbc08a7d78caff1051fe2a7fa809a490cdbe68","sha256":"719258bb65bde45627683b44b67dc702b78af5f656ee298b7d5f76f6c0e0a2cb","sha512":"6a99a3bfc9cf0e4924945d8a4b8416f3a5072dcb1e9a65b3606a82b1ee8ef70d7215f5d7f75d9ccc389a36bc9ccd2404f2826ae400b8bba5702c9b01a5670399","ssdeep":"384:ZSbp6o2pbPMSZ2ftlxvfFhfFkf8PRRY2B+unylsIylszASMv2l:g96oEEh5H3N3Kk6I2l","tlshash":"5ea293b0a5082f355306904c01b367442539a4afed229c7c7bb9ecfad2ecd88252fb75","first_seen":"2026-04-06T13:14:18.545942Z","last_seen":"2026-04-06T13:14:18.545942Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1580,"timings":{"blocked":628,"dns":0,"connect":312,"send":0,"wait":318,"receive":0,"ssl":318},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-62945b3d.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-62945b3d.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uc3sw1f6WbFp3Y8c3tR%2FW%2BdCEKxo59yUL4XQhGHpX3TpJKHM8ikwFFcVEU6U9ZaJH1WbD14bceF1GZ0VyDZzl26FWX65E5%2BZNswmOnDdHGz1lHVUBwoSA6NmsWXYKBwy7lk8\"}]}\r\netag: W/\"69d3b0e4-381d\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcaf3bb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14365,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (14364)","md5":"30a39a38923f5c20f0f027c7374d12ff","sha1":"772abb62c815378d5f9508b950a27020207ea36e","sha256":"2125e3aa8c46830cdce9cba77004f43b1a623e9e9d8623d9f9c249a33680a75d","sha512":"936d39279e92ae2afedb6daee53b3af888f4f2bd9e2be230abe7df04c578d9a13e149de653367e7f743acec2807800ae8011c0c4163b14f830a92e958fe2a61a","ssdeep":"384:MsDzbxQjxo1W0GFVLG6FfbrwXgx53jzgtpzr7oRNCQz:Mw5nSM6FfbZg/zr7oRNCq","tlshash":"5f52ca56f942eb3cf5b7e41140890011b62fbfda800949a2f5be6e467392eb8f79d704","first_seen":"2026-04-06T13:14:18.547122Z","last_seen":"2026-04-06T13:14:18.547122Z","times_seen":1,"resource_available":true,"data":null}},"time_used":940,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":650,"receive":290,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/umi.aa7d66f7.js","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:35.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/umi.aa7d66f7.js HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf8\r\ndate: Mon, 06 Apr 2026 13:13:35 GMT\r\netag: W/\"69b3b6a4-13f530\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:00 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1307952,"size_decoded":0,"mime_type":"application/javascript; charset=utf8","magic":"JavaScript source, ASCII text, with very long lines (33130)","md5":"ca7db1ca989184e3b8f19f0a18a4a381","sha1":"8f50b0f52abd3f1630bfbc5d8f3d1031ec60b1a6","sha256":"f7eec9d8eaa9a55d93c8b479c288fa5cce813d56c557302f10c84dd0a53ae525","sha512":"ad3292dc017912bd77e64031974d5ce28abf3e85b061f1ad5b61637fe25bf8d56e7b8c966af6532d4e1860e8bf961fc4b11a9c1e5c48d54f98f02cd63d930510","ssdeep":"12288:UIIpMAjs7lKw64MPpOd8EcSByxFXQ+ZK///H:UIoMWsJk4MW8LXQ+UnH","tlshash":"4b254ccc72e670554a9320a0cc7b180fbd356e55900dd936e7bee9dbbaa440881b3b7d","first_seen":"2026-04-06T13:14:18.548602Z","last_seen":"2026-04-06T13:14:18.548602Z","times_seen":1,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-3a361772.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:36.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-3a361772.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6%2FJcOQMU%2BUBhjOb4wQB5NogMuEtcY9D%2BCwNsxLFr3XaaETc6EW4iH9cY234aIYlUK3vzjNTwG7Koj9CsJByyX%2BM3uUQK2pZnZOR%2F%2FsCb7TrGBU9%2BZhQ4A0qKWUOyYxXQnzoE\"}]}\r\netag: W/\"69d3b0e4-14d6\"\r\ncontent-encoding: br\r\ncf-ray: 9e810d029de3b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5334,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (5329)","md5":"19541ffaa8e90c4891215392a1fc97f3","sha1":"2c76b6979557449fcf14f99c9701518bef90861b","sha256":"5da69c87d5b7ca5f0cd23110d379031b6e1df2feb0c76ece494d33df120241ef","sha512":"d98144fcfd2359710fdeb69c9b731812aef8efdbd63b11f5c15f1a754f6b3afbda336c0966cb85a1283cd9cfe4e8f30d43456cd900f9c3d1ecd5640ebc577ab3","ssdeep":"96:K50V1G7w5NNWUwbqCwT4deqD9b3cwDx4W0St9BfkmC3hrxE337NEalUjA:3I7w5uqCwT4EWbcwt4QtH8myhrS37NE4","tlshash":"5fb1969abc028979adbbd44544580011619c3bf7616d88b5f3fdad1ab7b4eb4d344332","first_seen":"2026-04-06T13:14:18.549687Z","last_seen":"2026-04-06T13:14:18.549687Z","times_seen":1,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv14542d4733f34fb8a18e6c77b96e64bf.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv14542d4733f34fb8a18e6c77b96e64bf.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000987d4d7a32e07cde-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":711,"timings":{"blocked":374,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/filters-ab0efca0.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/filters-ab0efca0.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=666KDZmXx3PzAPsI6nJBWsvt1scdOg%2F0HNQbo6tvD9TeA3ogHiiramkKYIkrtRLrTczcX0EKFOIgaCoazv8npDyOcNrneugt6%2BOAh7dnqePt7y2Oz4XEVKg4zQnAIEWULQzm\"}]}\r\netag: W/\"69d3b0e4-c1f\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcaf40b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3103,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3102)","md5":"244719c2dbf871d41e6b6cbf6c24c469","sha1":"938b7362416ecf59a5cfd8a7b5d5c1161fb28d93","sha256":"bf4a710d568e8eae6f2a68419abb1036c66b884cf6132e900d88ae7e2e2049a5","sha512":"9d0618017ccf695ed3b9c3c55dc005d24629bb7334e0c7953b4857ea8e00b998032f1dbf2f792bcc1c9d1b19610a89add71fe4d5286ff0aa62f54cf8e41c32cf","ssdeep":"","tlshash":"325133edf8d3a03356fd9de944188124728fbf1468af0a4df99be0456963888d07bb74","first_seen":"2026-04-06T13:14:18.521697Z","last_seen":"2026-04-06T13:14:18.521697Z","times_seen":1,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv6e0e76b32b90483dbdb546f87f96b5bb.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv6e0e76b32b90483dbdb546f87f96b5bb.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000cea7872e769d4367-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":373,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/api/chat/visitor/channelInfo","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:38.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"POST /api/chat/visitor/channelInfo HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nContent-Type: application/json;charset=UTF-8\r\nContent-Length: 41\r\nOrigin: https://16.163.174.166:1559\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":41,"data":"{\"id\":\"01d1ee45fe184fb39829fa3a71336928\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-encoding: br\r\ncontent-type: application/json\r\ndate: Mon, 06 Apr 2026 13:13:38 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3817,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"910f4f9fd89f9de824e651d643d0bdf2","sha1":"75dd9557b5e1f1019d858b319c15fa447927eb51","sha256":"37e832bad8ecae542b523f179f0656841ee47b9cfd0272e2a9c89bf68aa031be","sha512":"47d95d5bc04fd323f22bdc9141144b7f0a92e925ed954a51fb9ee992e5d78c4ef585132517f31e69cce883e8335c321e427abf582cbe65b21325bc0f029bcb35","ssdeep":"","tlshash":"a7715194982c0d3322212463509f3d079a3d93e7ec441f68e52dabaa43ee6fc9707e55","first_seen":"2026-04-06T13:14:18.550963Z","last_seen":"2026-04-06T13:14:18.550963Z","times_seen":1,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"ccyrpyypweb3.com/ws/0525559a-8d1b-4e41-842a-f2228a6877e4","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /ws/0525559a-8d1b-4e41-842a-f2228a6877e4 HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://ccyrpyypweb3.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: m//57GrWQMc2/jRt9dZ6Tw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Mon, 06 Apr 2026 13:13:36 GMT\r\nConnection: upgrade\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://ccyrpyypweb3.com\r\nSec-Websocket-Accept: 9dXXqpcWGGjebfeWeEdDALFQx6A=\r\nSec-Websocket-Extensions: permessage-deflate\r\nUpgrade: websocket\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=T6rO%2F8ypKeJ6I%2FEkWvA3P3nuS8vwJdZfUUKvgZ1AC1WQgUAeH95txDi21nsZ6o3FCUgFTNT7PxBdZFg1%2FlGWsZe42sTmd2AA%2BbBUGFLUXlgv3gbyuYJXBkXTlHn5WDMywwZP\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9e810cfc5e4b56cb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=590\u0026min_rtt=544\u0026rtt_var=187\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3126\u0026recv_bytes=1199\u0026delivery_rate=6241379\u0026cwnd=53\u0026unsent_bytes=0\u0026cid=1496ad08235cf2a3\u0026ts=905\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":950,"timings":{"blocked":0,"dns":20,"connect":20,"send":0,"wait":891,"receive":2,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/currencyItem-15550dda.css","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/currencyItem-15550dda.css HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FWK0jcLmjmXHubQlTRLXyKtxdup6F9Wkr1UkXBCGcDsPKrBqeLczT%2Fs0AQhz9p62%2FbSWoNWMb18NEZTmHprkGEM3FrHbznLLg%2BcVj3yLdgNql4gQgYUJl5WiB678ExLzvjSM\"}]}\r\netag: W/\"69d3b0e4-6d6\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcaf36b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1750,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1749)","md5":"0a88af6b4dca3c130c74addeb274fb10","sha1":"fb0c4b8a0f7b7c4bac8e193999f99b4070ffcfad","sha256":"15550dda13edd7fe55a2d29edacb7ba57f23f39ef10d087669c0f75facae0763","sha512":"5d046b442f0f471b2063fcd34fb68b1d95b79647ec7e50cf5290ebd866febcd12e9b890a1784512959c4f4a433d3f31d57540254b4e0abbb6f55dc7773677619","ssdeep":"","tlshash":"ed31c05457110375da3bc8866ea8010dc0d47fd1901765cae8afaa2b2ccfa931b7096b","first_seen":"2024-08-19T15:53:11.157884Z","last_seen":"2026-04-06T13:52:41.996879Z","times_seen":257,"resource_available":false,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv04adb373e8aa4e9eb12d2fe5fbde5c5f.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv04adb373e8aa4e9eb12d2fe5fbde5c5f.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx000000a5ce2e606f594c3-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":1021,"timings":{"blocked":424,"dns":38,"connect":171,"send":0,"wait":172,"receive":0,"ssl":212},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/resource/images/light/tibi.png?2.0.1775480600067","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /resource/images/light/tibi.png?2.0.1775480600067 HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 8188\r\naccept-ranges: bytes\r\netag: \"69d3b0e4-1ffc\"\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3ogdyVeBm85gB0NFbWai0bU4Kg3Vrbn6sU36CxUB4QEmRQ7pEYlrBeBA4OpRQedGC9C1ww7MjYYDLFe63Fddhz5EQEWsJ%2B5kA%2BptilDe9RI2YS8E0JeM8vZSn5StQOKxTjuh\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e810d081d80b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8188,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 245x225, components 3","md5":"4cd48a48cb07a9b2d0967a2078d3f4c8","sha1":"5bbd617e6e434cd198b1b73836e2e512de8afa7b","sha256":"0e56e17c22ab9e15351d0c286afcb091a121088929d990a6ee9fb2c16cef8c3b","sha512":"8527f5b430ab00c257c78665d02fa8a3760506e6df2b448171f9dbad8184fc15cda6c92c46470fa773a5ee8b534195de3fcb84e0477cba697278d91b1be5973c","ssdeep":"192:Ij7D5xi0SvRPbC4HkhY1GjH68PJW7tXtZjsN4n1XmfH:Ij7VxMvRTCfe+NoptWN4Nc","tlshash":"79f1af76c56bde025e6ee2a6c1ea6c1ccfc1f02cfb064b28f5c5756c6449293dc1c821","first_seen":"2026-04-06T13:14:18.553165Z","last_seen":"2026-04-06T13:14:18.553165Z","times_seen":1,"resource_available":false,"data":null}},"time_used":600,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exvf6d244d250004d72bef8b4457fd920db.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exvf6d244d250004d72bef8b4457fd920db.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx0000027f4003768a522d2-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":556,"timings":{"blocked":384,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv5aae53c7a7894663b7ad31a2c80849e0.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv5aae53c7a7894663b7ad31a2c80849e0.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000b01d3ebd5f91dd1d-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":696,"timings":{"blocked":355,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv3238d8ed36074ad9be1a276b555ae245.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv3238d8ed36074ad9be1a276b555ae245.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx000004398a2b52562f340-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":692,"timings":{"blocked":353,"dns":0,"connect":0,"send":0,"wait":339,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exvd1356aa863aa45ebb5c8fcfe0024a7dd.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exvd1356aa863aa45ebb5c8fcfe0024a7dd.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000f88468e517f7523e-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":1165,"timings":{"blocked":428,"dns":5,"connect":173,"send":0,"wait":333,"receive":0,"ssl":210},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv720c3a568ce64d778315abacc9a3c733.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv720c3a568ce64d778315abacc9a3c733.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000f2796a83389ddf5d-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":698,"timings":{"blocked":357,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-62945b3d.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:36.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-62945b3d.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HENwyqUhzQlpLkGRMi6vk4rDVDQF7XUIq%2FCSCtaBEKoqrrZpXhWRPvqEFbCS4kf3jouthtidmdi%2BvWihUucEJ9RCGblHHR9ak7MxDNmP6zxL%2BZlgrpRWMz5QOBVYkxFSelLX\"}]}\r\netag: W/\"69d3b0e4-381d\"\r\ncontent-encoding: br\r\ncf-ray: 9e810d008bb3b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14365,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (14364)","md5":"30a39a38923f5c20f0f027c7374d12ff","sha1":"772abb62c815378d5f9508b950a27020207ea36e","sha256":"2125e3aa8c46830cdce9cba77004f43b1a623e9e9d8623d9f9c249a33680a75d","sha512":"936d39279e92ae2afedb6daee53b3af888f4f2bd9e2be230abe7df04c578d9a13e149de653367e7f743acec2807800ae8011c0c4163b14f830a92e958fe2a61a","ssdeep":"384:MsDzbxQjxo1W0GFVLG6FfbrwXgx53jzgtpzr7oRNCQz:Mw5nSM6FfbZg/zr7oRNCq","tlshash":"5f52ca56f942eb3cf5b7e41140890011b62fbfda800949a2f5be6e467392eb8f79d704","first_seen":"2026-04-06T13:14:18.547122Z","last_seen":"2026-04-06T13:14:18.547122Z","times_seen":1,"resource_available":true,"data":null}},"time_used":315,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":290,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/currencyItem-445df43f.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/currencyItem-445df43f.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PXf2czfX09Eq%2FWweObYWsr0MfluUmFiQFp6nuvyyLdGgpXKJgHRCipqTB3ewlCnNZ4q%2B7pquZjgoAkUyRucLcFzkUXNuKRz5qBw6608pNX0w%2Bgaaw63WIwXAgT%2F4v1rFOJlG\"}]}\r\netag: W/\"69d3b0e4-4b6\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcbf44b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1206,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1205)","md5":"47dcba4297508c24957aa918cbaae656","sha1":"61d997791c8e0efbb8800df532314c46737ade84","sha256":"7698dbd564673335a80cbf4a0aa3eda8349cbdd7c8ddd3dbff741a082c1fc3d2","sha512":"003631c29c20e3af85e023d4b01e7ede1e886befd2b494ba04159822a7d36b30f221409c6e41bb92e77e771cacf2703ab1e32e0575df1b65385d219e47a8cb54","ssdeep":"","tlshash":"6c21dc9aae02c7b1cbbe9062c5bd0414131d7fea700181c1fbed148a7b8a5fcd728a31","first_seen":"2026-04-06T13:14:18.506987Z","last_seen":"2026-04-06T13:14:18.506987Z","times_seen":1,"resource_available":true,"data":null}},"time_used":641,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":641,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exve528cffad8e44436b776665ee72fe8a3.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exve528cffad8e44436b776665ee72fe8a3.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000a06c66d5d7f7abf4-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":1140,"timings":{"blocked":407,"dns":0,"connect":184,"send":0,"wait":329,"receive":0,"ssl":217},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv53b569b6d23c488aaa623e8b0532ada1.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv53b569b6d23c488aaa623e8b0532ada1.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000172f0b3bc6594cc6-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":559,"timings":{"blocked":388,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv0cecd114601e4a70b79b07d47ab8406d.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv0cecd114601e4a70b79b07d47ab8406d.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000545ca4ddcb269f4d-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":701,"timings":{"blocked":368,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/resource/fonts/DINOT-Medium.otf","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /resource/fonts/DINOT-Medium.otf HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ccyrpyypweb3.com/assets/index-d7a988e6.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 73096\r\naccept-ranges: bytes\r\netag: \"69d3b0e4-11d88\"\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ACrd78Pkih%2BetA9KaAIlTc9YwS8wI8aAdI0ECIfO22dxU2wPXOwmieDIkqhSSR%2Fu3Fq6D4e%2FJXiVQXEnzJZGaPjg4zT93hathKcW3L1pcQ52hblc2a9MTk7NwiC5EKXIcSM4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e810d087de6b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73096,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ab876400560626fbe045633dc44f0748","sha1":"85bbfb1729e86f40ddc9af7197b5f54ed6136226","sha256":"5888b24f6b65ff7c989b4a258dbeb5d997320d61417371210da0258be21d854d","sha512":"82e96ade51b0570c1f691ba45d1a3c0802015dad7598954675c4abe2fa8a9fc705adbe6eb5e677aa5cc03b6704e594cfe99279c678855ebbbcbade6d5028dbd6","ssdeep":"1536:TlK/cP2D2oV7otQjBG1+acfZZHHDEdom1hvd5JItkB7k3Z:TKQQtG1yZSdomrvpIqcZ","tlshash":"0b636f031d4fb9548de4513a52de4ea34bb39ecc1ca493c30ae12d938fece6657152ae","first_seen":"2023-08-16T00:37:20Z","last_seen":"2026-04-06T20:00:07.044826Z","times_seen":594,"resource_available":false,"data":null}},"time_used":896,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":325,"receive":571,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/layouts__index.92b841f4.async.js","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:37.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/layouts__index.92b841f4.async.js HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf8\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\netag: W/\"69b3b6a4-cb2f\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:00 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52015,"size_decoded":0,"mime_type":"application/javascript; charset=utf8","magic":"JavaScript source, ASCII text, with very long lines (52014)","md5":"c0a20842e578a321e0ffa1a4e1476c2e","sha1":"457d61a9bec2d8e08f60d82ade34b883eceb90a1","sha256":"16862b50bc64aa8bccf598c493e10dc4472d5ffe58a39771dc13fb7a1c8bd6e7","sha512":"250ff44fc9a7915fe38e20de44c5be6031c2ad38b0c3cc0e27aaf178501c4e3551f89c02564c62d01a1bc4e61f370a9a61bd10b03e5ef818a713ce44bd733aea","ssdeep":"768:qO7OLsi4fmxY+DAOAilRInRkl0dhJO3RDdCwT5+NEZHypwOtfPDIpoBOB5oBOBwE:KTtAs+vIdT+6+xNQo05o0wYb","tlshash":"b733e9fe53788bac78834e79ff22a475a31f91a839914a90657eca7012d35ccf54bd80","first_seen":"2026-04-06T13:14:18.555129Z","last_seen":"2026-04-06T13:14:18.555129Z","times_seen":1,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv1a84eb85546b40b4bda3609a3320b5ab.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv1a84eb85546b40b4bda3609a3320b5ab.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000588e10764b7ec72f-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":313,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/platform/dev/config.js?1775481215386","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /platform/dev/config.js?1775481215386 HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ipwBnmlFHeMGUKvK0%2FjazBSAqTRok%2BEBkr2Y8qf0NZcAOVPCn3cZ5haffg3Ynzg6aSEkREK467FWzoXmiaEQj%2BabXtD8ub8wtjgq3AAPeruvq5Yf79MMGax3JvQSsZGAvyJy\"}]}\r\netag: W/\"69d3b0e4-17e\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfc3eb2b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":382,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"e5b2d14d21bf45992ec083408f892f36","sha1":"ea0676026f6951a8f24bd9d0ecae136eb148fa49","sha256":"600378e8acb9d09724ad658249830e95de4a79579f9d12eaa2d4668d2755ba1c","sha512":"93f487b83bcb716539d3dff7e7f3ed3012bb69ea2fb62e778d327ed589bc4a7113dd7b77c0e71278020613d2cc326c52e19ccbc874bc4ce055bf432cae3c1d7e","ssdeep":"","tlshash":"fee0f8fb3238c1b050809e1a2cec502bf3db25738c9c0a2ef484aa082e4de6c217c090","first_seen":"2025-06-03T16:32:00.298116Z","last_seen":"2026-04-06T13:14:18.556283Z","times_seen":6,"resource_available":false,"data":null}},"time_used":636,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":636,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/static/new-msg.37a9fd9b.mp3","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:38.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/static/new-msg.37a9fd9b.mp3 HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-range: bytes 0-88859/88860\r\ncontent-type: audio/mpeg\r\ndate: Mon, 06 Apr 2026 13:13:38 GMT\r\netag: \"69b3b6a4-15b1c\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:00 GMT\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\ncontent-length: 88860\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":88860,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, Stereo","md5":"9dc3f81cca1f16a596bafe8ca88ff9a9","sha1":"3c275868badc45723330617e4cafa492c548b13c","sha256":"b41817848525013ae4e71a48b5aeacdf057e46c52a13e12aed04edc975c4f305","sha512":"962e8bbf682ab04160084f101878e6e7ccd88e0fb4a270a88ae2be4c22e67c86ae23228032b0ea3a07d64f6cd1c5ae4e7deeb8c2db746c055c649de67ab68f48","ssdeep":"1536:1Uo2Ky0jDoeMCi7jzX+aMZdPzOCbkrRULKci+mTvKs6vjahXa/gX54:KlZ0jDoqqT+9ZIlz+uys6v6aop4","tlshash":"0b9312bb01e46f3fe58fa9bf0e272fe997b96490855855c8a088933e1cf350317265b4","first_seen":"2025-12-03T22:48:55.742032Z","last_seen":"2026-04-06T13:14:18.557956Z","times_seen":5,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":319,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/resource/fonts/Arial.ttf","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:33.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ccyrpyypweb3.com/assets/index-d7a988e6.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:34 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 1047012\r\naccept-ranges: bytes\r\netag: \"69d3b0e4-ff9e4\"\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ys19ryrhp7bmAETsa6iQVDWPr8C%2BhprNkG5auviiPrH7b2XIjR5FcgpzVEC9NLUPYfKer%2F6Sua43waPQPlYY9IHKcCFCdqcmDTh5jA5lMQR4WgJFKQfduidyu6IFJoCwBkNd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e810cf088d1b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1047012,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-04-06T13:54:01.043069Z","times_seen":856,"resource_available":false,"data":null}},"time_used":2353,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":604,"receive":1749,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-0438b282.css","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-0438b282.css HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EmOkyputIAsvyX9aPCbsxJarBvBuSQToTGyqeEpdO%2BLLeSJEPWNfLs4OGVzqY3Caq1ndqvBzThupBUNx0vM%2B2RJ9GgFKVbWK1u51nRPFo82GK9scoP9GPHwSq6LoVPHwACvC\"}]}\r\netag: W/\"69d3b0e4-3d\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcaf2eb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"02954d07281388592dca042e4d2ff064","sha1":"40195899cef8df4ac4eb2c071d65cc7863a70734","sha256":"0438b28256556a67bdf8d73f2e9c61babf852cf67e603b8e4544323d3a20ae13","sha512":"ecc94f0834a811531edd8f0ec856ae43f882b245ed73f61f7898c6380748fd194a6705f0ba5591a1b8e81928bf12778ed38301215de7136c76d884ea44708850","ssdeep":"","tlshash":"66a0023e12196514b2225701ff0aed0dde38f963da919214a7061ca135cba1e2a5820a","first_seen":"2025-10-19T06:46:59.279903Z","last_seen":"2026-04-06T13:14:18.559783Z","times_seen":2,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv697425e8aa3e402881ddf3907f90a4b2.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv697425e8aa3e402881ddf3907f90a4b2.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx000005248397fbe4e79ff-0069d3b181-539125359-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":1198,"timings":{"blocked":433,"dns":34,"connect":173,"send":0,"wait":332,"receive":0,"ssl":210},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exv.sgp1.vultrobjects.com/exv3c3ba605479d493cb1b47891cb8bc9ba.png?2.0.1775480600067","fqdn":"exv.sgp1.vultrobjects.com","domain":"exv.sgp1.vultrobjects.com","tld":"sgp1.vultrobjects.com"},"ip":{"addr":"45.32.96.10","port":443,"asn":20473,"as":"AS-VULTR","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgp1.vultrobjects.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 05:28:08 GMT","end":"Fri, 22 May 2026 05:28:07 GMT"},"fingerprint":{"sha1":"18:5F:88:67:27:3B:5E:12:4C:4C:03:EA:B5:AC:9C:D8:EA:51:96:E4","sha256":"88:71:78:C9:F7:3D:5F:06:21:DE:06:E2:F3:C2:C4:4A:D8:2C:77:2E:AA:8B:11:2B:87:37:4E:2F:84:27:F0:B9"}}},"request":{"raw":"GET /exv3c3ba605479d493cb1b47891cb8bc9ba.png?2.0.1775480600067 HTTP/1.1\r\nHost: exv.sgp1.vultrobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 232\r\nbucket: exv\r\nx-amz-request-id: tx00000b4815000d95469a1-0069d3b181-539107255-sgp1\r\naccept-ranges: bytes\r\ncontent-type: application/xml\r\nserver: Ceph Object Gateway (tentacle)\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":700,"timings":{"blocked":359,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"exv.sgp1.vultrobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/api/common/type/defi_activity_type","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"POST /api/common/type/defi_activity_type HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://ccyrpyypweb3.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://ccyrpyypweb3.com\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YewW6HP7%2F26BOQq2N%2FZdm8OfGSx7KrLcTG5DQGKgnFCmlfG9LgXO8rP6kE%2BbYUXoxQ9vnmeBXGP2AtB7qZqSz7EW8EFrlEoN2RttLdyfEDeJDhn2W8LHRORb5IH6k3%2FU1VRj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e810d08ae33b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":649,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"65a19574bc643ea8b71aa8bea6688c63","sha1":"4feaffca809cba829c0c6d707b7198c6efdec2e8","sha256":"c81a45b9728e559aade86dacc887c583b35d1bbe0a40417a9f42636497d67613","sha512":"8e9c3bca9240efcbc93e3a71b689117a32df044a957de5bd9358c5497126a4e21f3b85ad8c4bc71a83326ccb594a1c2938a858a8a2dd865fb569276be0e63731","ssdeep":"","tlshash":"0cf02854393dddbf098b25e345ec7c043a9d193b94a0fca05dab4f3c5ae4171048e208","first_seen":"2026-04-06T13:14:18.561315Z","last_seen":"2026-04-06T13:14:18.561315Z","times_seen":1,"resource_available":false,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/p__app.b56ca30e.chunk.css","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"16.163.174.166","port":1559,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:38.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/p__app.b56ca30e.chunk.css HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nalt-svc: h3=\":1559\"; ma=2592000\r\ncontent-encoding: br\r\ncontent-type: text/css\r\ndate: Mon, 06 Apr 2026 13:13:38 GMT\r\netag: W/\"69b3b6a4-6632\"\r\nlast-modified: Fri, 13 Mar 2026 07:03:00 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-frame-options: ALLOWALL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26162,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (26161)","md5":"b593887c4e747f1bddc50eade1c72991","sha1":"957fd78d3cec92fde92b2031a9122fc8a505f4d8","sha256":"40ba9b65b65353b087e262ca192c714a98d46ee88362fc726b90b100a22cbe0a","sha512":"bc7175244d34bd2bafdb1321d39ec8925775117d68f2959671209666dca3223ba74ea2d404ae01111610e6c9d0c3584007796e6faf732d1ab63eabc8022547c6","ssdeep":"384:dM+n/inbpac7l1wtYpT1N7/Dz+HVrL+4IblsPQefHF4rcaqSgkGcUBhVjGl7I:95YpT1N78VrL+bbuYYZaYcY0I","tlshash":"57c240b94a12213ef0a6953f7595228c4a21e062d50b1bbdb61bb736c3c6be33d70f45","first_seen":"2026-03-01T01:55:36.664577Z","last_seen":"2026-04-06T13:14:18.562376Z","times_seen":2,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"16.163.174.166:1559/chat/static/robot.6654b3dc.png","fqdn":"16.163.174.166","domain":"16.163.174.166","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0","date":"2026-04-06T13:13:38.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16.163.174.166","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 11 Mar 2026 00:00:00 GMT","end":"Tue, 09 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C1:FE:83:28:7F:7B:34:DB:9B:19:22:87:1B:65:97:5F:42:FC:CB:2B","sha256":"0C:3A:87:DF:70:48:43:F9:44:A9:DE:87:D1:CD:4E:B3:BF:7A:08:6E:2F:DA:75:E5:70:BA:AB:9B:A1:E9:3D:2F"}}},"request":{"raw":"GET /chat/static/robot.6654b3dc.png HTTP/1.1\r\nHost: 16.163.174.166:1559\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://16.163.174.166:1559/chat/index?channelId=01d1ee45fe184fb39829fa3a71336928\u0026autostart=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/charting_library/charting_library.min.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:31.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:32 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qbxw8wOijQzjzZo0c8%2FvdX16e0110C07k4%2BtipoK8GwVhIWAsqwZxxluWxCnMjpqPDYh79kOCTHhzCtcxP5Y3oknjoKWZ621ZIW%2FyXBoNOlXI1Ilo%2BQTJy6HZuE%2FRlE5ksio\"}]}\r\netag: W/\"69d3b0e4-2a6a\"\r\ncontent-encoding: br\r\ncf-ray: 9e810ce53c18b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10858,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857)","md5":"8573e89d9ec535663d75f21b1f08109c","sha1":"a8d9eea0b157ceeffc38d4254e6f6abc9d697d10","sha256":"cb0c6c9f1771d252eee7caa043bdd7cfffbd52c2cc4b18b7be7c4554ed069151","sha512":"55d728fa1e0682725f94b17387c6790792d3d34b43652a00097876118575bd6cefa20916d80674519005d72f20ecbb745e9645516c056e6f9bb6691d5efbcb33","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffam:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvu","tlshash":"6e224f58ed2478720acb54f0427f180f8239e278d84944ed3cc4e6ec59fd44a6a6fbb8","first_seen":"2023-08-16T00:37:19Z","last_seen":"2026-04-06T20:00:07.008477Z","times_seen":421,"resource_available":true,"data":null}},"time_used":640,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/vendor-ec6b12c6.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/vendor-ec6b12c6.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:35 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LuJhs3rZXa80l4ABlt3ioAth8tTTzIukoOUY%2BmD0qg1tP1xzEXsDXQ3BLc4EmOr085lOM%2FbYBslsmgpVR0HCGlD4Q9ZrxM7a2Y8FMe%2B5QFr2zrpIKItSTuIRdGIw76X9Sw77\"}]}\r\netag: W/\"69d3b0e4-f55e2\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfc0e7cb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1005026,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65506), with no line terminators","md5":"8d46906265297fdf8a3458c0a76a106a","sha1":"994f407b176c91606b71768ff5abaa2956fe4436","sha256":"e891bf1d46678cf65ebbad83a20acd152c4148398a93b2c806460a049a2d3340","sha512":"5615a789ed8ba6f08cfa33adf4000912962bddeb85ab68fe902b634bbf7fc8b28202ff2556d04b7ccc05d1a7d01a771c029bbca5ced1c467f3f2f14d6187825f","ssdeep":"12288:RbMunAc76Zli7M+L12ZFp/fmRBpshkRRhTj9Sk9sAWpsTPTxBgG69aJ2f8:RbznQ+hLUp3mRBpsuVRtsAWUPTxBlJZ","tlshash":"e22539c97692f06147ab24e240bb0007f3396e59740e84a4f169d8eb7d7ad89d277f38","first_seen":"2026-04-06T13:14:18.529092Z","last_seen":"2026-04-06T13:14:18.529092Z","times_seen":1,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-3a361772.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-3a361772.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vfo3D9uTCWfIebm3xRt9yUpa3P8f1qA5slj8EJ5XoNqP7CRwvROig%2BrtKxus1YNSb5ET88qrAwyooKmXoAVDFwyt7qn3U9vjcwlC0E7elsi67vyOr6evkjKqcOuTD3aWT8gX\"}]}\r\netag: W/\"69d3b0e4-14d6\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcaf3eb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5334,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (5329)","md5":"19541ffaa8e90c4891215392a1fc97f3","sha1":"2c76b6979557449fcf14f99c9701518bef90861b","sha256":"5da69c87d5b7ca5f0cd23110d379031b6e1df2feb0c76ece494d33df120241ef","sha512":"d98144fcfd2359710fdeb69c9b731812aef8efdbd63b11f5c15f1a754f6b3afbda336c0966cb85a1283cd9cfe4e8f30d43456cd900f9c3d1ecd5640ebc577ab3","ssdeep":"96:K50V1G7w5NNWUwbqCwT4deqD9b3cwDx4W0St9BfkmC3hrxE337NEalUjA:3I7w5uqCwT4EWbcwt4QtH8myhrS37NE4","tlshash":"5fb1969abc028979adbbd44544580011619c3bf7616d88b5f3fdad1ab7b4eb4d344332","first_seen":"2026-04-06T13:14:18.549687Z","last_seen":"2026-04-06T13:14:18.549687Z","times_seen":1,"resource_available":true,"data":null}},"time_used":617,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":617,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/platform/dev/favicon.ico?2.0.1775480600067","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:36.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /platform/dev/favicon.ico?2.0.1775480600067 HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: image/x-icon\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MIsADwPa3uqTtsm9gtJ2T%2Bdy4bYDLMmlJpeR5EeBtfEkxKv0ydYX7V%2FvT87f9q09eLwQtvJ1%2FcuN7MfypVUaiCj0Mm8K7nALxFJXa6nph764D7H87EDv8444acR3BXHxVOS3\"}]}\r\netag: W/\"69d3b0e4-3e03e\"\r\ncontent-encoding: br\r\ncf-ray: 9e810d036eeeb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":254014,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -16x256, 32 bits/pixel","md5":"2c4bb30325737c47daca46c5c964cb0d","sha1":"c7e6259812ff8333efcdc1719cb98310ae7d917d","sha256":"521c51ff531e6cbf819a0c963094d4af53955e2b85a23560518f83e3f0e35ce0","sha512":"e669fc5a0c58d631e386f4c005487e4477010e66efd8d9230d83923f2490bd2cc95985386bd11eaf253727e2144ec4619242db6a1d99d3d809f9280ffd420940","ssdeep":"1536:Ocphq3xpLIcmsYqa0UfYLHsySk6TJxZsKXWDc9tqVKEXu0ggYu8hkiZixx9OnR0B:A+5q3ehcOse77L0tO0l3cm0Ei0R","tlshash":"9c445304d6cd875bf3b37ebd8ff1c872423ac7c49914ee420c5a96c4b866d6692311ea","first_seen":"2026-04-06T13:14:18.564411Z","last_seen":"2026-04-06T13:14:18.564411Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1452,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":323,"receive":1129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/resource/images/light/chongbi.png?2.0.1775480600067","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /resource/images/light/chongbi.png?2.0.1775480600067 HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 8374\r\naccept-ranges: bytes\r\netag: \"69d3b0e4-20b6\"\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bOVWdPkyZrznxAvw5nwiIaj9I4zR92XADQP0jk8zA0ImNorqy7IAkSuifhDIbz8ChRqSNbUFfJXa%2FufqG8QtGIsmxGRs%2F4VUzLWkmgOwuwD3xr6GHuK6llkd693neciH1ycs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e810d081d7fb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8374,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 238x245, components 3","md5":"6650aedc4ef28f02e0a556f35910640f","sha1":"4be2dcb9827165a3402d40a6839c3dbaa90978e0","sha256":"12d5077940a6a4cf67acae072e9cd28818f2d015fb4ff5a81e9c94a8256db87c","sha512":"66bfb2fc4b8ee5a4e8c44df2baae4a3d21596507e071107e9d4ed764e43f3176c602a0af7ee1bdfce98dc22d21b3ae94cc8fa175fe16bb3f526eeb1e3c0ed596","ssdeep":"192:InaPE+3Tlo3XDqi9l3ySbHda2nc2Tr736DNcau:IGSXDJcepxDUcau","tlshash":"3502900a3283811bda9d5ae991ff25e4f1383d1cb056987cd78334f3f7818e1e415109","first_seen":"2026-04-06T13:14:18.565922Z","last_seen":"2026-04-06T13:14:18.565922Z","times_seen":1,"resource_available":false,"data":null}},"time_used":621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":619,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/vendor-f8fc287f.css","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:31.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/vendor-f8fc287f.css HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:32 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6%2BMWNqNrbLVdALykdH0do8QFgo4ETjeTzCBAIjaxX7%2FkSJV9OxM%2FFoxGEOes%2Bsu9kbEoot4dGRlKSw2YipY9AKSEW6uN21o4cFSP2embjx0%2FdNBj5IShdLWBX51Jm8XAxqJd\"}]}\r\netag: W/\"69d3b0e4-16c33\"\r\ncontent-encoding: br\r\ncf-ray: 9e810ce54c22b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93235,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"48afbb3fea406755fb800b9aaa52188c","sha1":"d67991bf8171c060cc3eb1d1ac51b4f42d6b546c","sha256":"f8fc287f65de178db85815d736b2cf5f6ebedd867b64a046fb61a383d883bfa4","sha512":"aa0dcef9a115ac710b1d3f23e330a8aa6627896f2af57a346b93f75294235cc5c1d777ba5f41ce5ddafbdd8cd27ff84922334a77debb81d1437029a249960579","ssdeep":"1536:BtIyNBi3MFYaQj7FCwsBlDOFIxuVox8D/Lb:BnNIClDsIxuVS83b","tlshash":"9393d4a5a5c461fc6f2ae2659b8766e8f13cf671cc01daa0f105511d0fcbbf60613a3a","first_seen":"2026-02-27T19:52:43.563869Z","last_seen":"2026-04-06T13:14:18.567421Z","times_seen":10,"resource_available":false,"data":null}},"time_used":1234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":611,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/api/common/getAllSetting","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://ccyrpyypweb3.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:35 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://ccyrpyypweb3.com\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o3kNn3xtXKScsdOoVLezYEcSJ5Ry85Djeeinzj1RNiN4GZWcPJiQfM9NICPt%2Fuow528vIkORk4JaEVissh9Uob3Mj45%2BGaKvbVC3JgPhJSlneMwI8tLYXWzeKPHNqDhy3Z0r\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e810cfc4ec5b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11826,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"547a542c5282b8114c70b47d57b29248","sha1":"7f4030ea874685475d7f0007e5d1c632687d81ca","sha256":"af4f6b884ec566b0ec242061bff27de5ef3569d6fdad153d10454a76a64395f2","sha512":"497b670e8e43f27329e603954a5681755f53a45119061bb4907579f78429b2079a80e1e1a38631c173a0086befc8c5dac44c7fafb01917531a0915e89354a30d","ssdeep":"192:N+nPjcOSp/tVQD+Rbfc2MjH3bZAiBOciT/7aqx5Lit2sTtPAMNOe4sNBQTX8H9cM:fRagu22AMbfp0Fol","tlshash":"8732c75e31d8ccbe87ca45c250ab755ab5ac286bd851a802ddeeff5cc4f5a394c0b00e","first_seen":"2026-04-06T13:14:18.498658Z","last_seen":"2026-04-06T13:14:18.498658Z","times_seen":1,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":350,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-7649976b.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:35.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-7649976b.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u7HJ7h2tyf9q0gKgYL%2BoasFxKLA7pbSDe1R%2FnN0PvDDclmF5MkkuAYssR6hwR4UvTI6jhFdKEVJWVet6J2TnhDJCAhU%2FKGGgrI3XAPurmeYjz72l7IszHLvKGn9hYrt%2Fbws3\"}]}\r\netag: W/\"69d3b0e4-262\"\r\ncontent-encoding: br\r\ncf-ray: 9e810cfcaf3cb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":610,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (609)","md5":"5ff3361202329f639790ac50d978f0f4","sha1":"de4d5faa136e88cae62ec696e51e4bad1484ba20","sha256":"a1fcad407faa371ee0e555b8e4f96b96d04997dc5aeaaf554a9a43897876cd69","sha512":"7e7a84a942be759b6efb39658c45a76b6629010ed6aeeedf3d5f89c0919a2c1e7fb84c8b53f76d27f824a8c6ef55b3d9e42e92247a5c330874a7b5e78a263553","ssdeep":"","tlshash":"66f0e12f3a68c17316b78898d1130812f72c1f5562548074b18e1625c7689eac68d124","first_seen":"2026-04-06T13:14:18.535459Z","last_seen":"2026-04-06T13:14:18.535459Z","times_seen":1,"resource_available":true,"data":null}},"time_used":602,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/assets/index-60d13c78.js","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:36.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /assets/index-60d13c78.js HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:36 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p7dy1MNUG8KWkRMz0OC7nuPhazrSak3JwxEGYhYBoH6zHlhr2wnQlEXow5PExwPBwG9pQHLl45%2FGYu7mS826xwJnQnfZVI0%2B%2ByrxdTW3Q%2BOI7R9HHaQls%2FdumXQdTtXDVHWL\"}]}\r\netag: W/\"69d3b0e4-340\"\r\ncontent-encoding: br\r\ncf-ray: 9e810d029dedb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":832,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (831)","md5":"0dabeb618b982c14c7d79161a616fe23","sha1":"76023763dd55ccc58e02c67b4f087f502d726238","sha256":"1db6c61e09de63dde4333307e74ff487b7e764451074a11d1703efd1132f30bc","sha512":"83cf7a850ef55403ebfad0d85e18533c081215d9546f71b8c7ef336d5e533ee0da3d2ea679a2becfbf4c90c804a8504c9ca5dca760cacf1e0b67c9430bb247ec","ssdeep":"","tlshash":"1e01c9f5f809deba2ea2054402902401100d2badfa1415e2b89f3a662be6850d79e31e","first_seen":"2026-04-06T13:14:18.504625Z","last_seen":"2026-04-06T13:14:18.504625Z","times_seen":1,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ccyrpyypweb3.com/resource/images/light/zhaneixin.png?2.0.1775480600067","fqdn":"ccyrpyypweb3.com","domain":"ccyrpyypweb3.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ccyrpyypweb3.com/","date":"2026-04-06T13:13:37.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccyrpyypweb3.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 00:31:24 GMT","end":"Wed, 17 Jun 2026 01:28:57 GMT"},"fingerprint":{"sha1":"70:A3:1A:95:19:E8:A8:C5:74:FC:A6:16:14:29:16:42:E4:2A:C4:E8","sha256":"4F:20:21:3F:0A:2B:FC:EC:0A:F8:C1:1B:D7:CE:AE:C9:C1:1E:E0:58:C2:34:CF:E4:D1:81:E4:23:51:D5:52:C2"}}},"request":{"raw":"GET /resource/images/light/zhaneixin.png?2.0.1775480600067 HTTP/1.1\r\nHost: ccyrpyypweb3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 13:13:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 3844\r\naccept-ranges: bytes\r\netag: \"69d3b0e4-f04\"\r\nlast-modified: Mon, 06 Apr 2026 13:11:00 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wZdWlB2AEE9bsBXh6p0mEMsf%2FiU52DKMS7Y%2FjhxxWhhJjhanrcNIITe7lZJGjE3I04c3DEE%2FN72ywpVFmEYyLZq%2Bju8scT7cY3lg0Vx1O8vkFRUMSICtdudoZ2wVbgZpVgtC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e810d081d82b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3844,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x135, components 3","md5":"4cb9feaa160450ea643905b53c91f417","sha1":"3dc697d4e1fa1aab613afddbcdc32b447e246a46","sha256":"287dc76405b128321b1c2de6e5dbfbb1c800dee718a1bf8f733f8aa968f07c92","sha512":"e11d27ac5ca5407f65a130fc5a145aee39f4eaca53f156962a31a69f611978773293589add0d7b83a0b67dfdf25ed007c059e3c0eafd918f9c75202e1a6b75b1","ssdeep":"","tlshash":"04815cfec521209b7b911f3823e8ed01e1d4f542973179ceb80ac2adad65ff55940a15","first_seen":"2026-04-06T13:14:18.56873Z","last_seen":"2026-04-06T13:14:18.56873Z","times_seen":1,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"ccyrpyypweb3.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}