{"report_id":"63eaef0b-81f1-4821-b545-3eaa5f8f4cca","version":6,"status":"done","tags":[],"date":"2026-04-05T10:13:49Z","url":{"schema":"http","addr":"h4e8z1.ltunzdbq.cc/","fqdn":"h4e8z1.ltunzdbq.cc","domain":"ltunzdbq.cc","tld":"cc"},"ip":{"addr":"154.207.77.151","port":0,"asn":63888,"as":"DATAWING LIMITED","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"title":"91视频网 - 热点爆料与2025最新精品吃瓜视频","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"h4e8z1.ltunzdbq.cc/","fqdn":"h4e8z1.ltunzdbq.cc","domain":"ltunzdbq.cc","tld":"cc"},"ip":{"addr":"154.207.77.151","port":0,"asn":63888,"as":"DATAWING LIMITED","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-10T10:13:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.ltunzdbq.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.ltunzdbq.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"h4e8z1.upkmldz.cc","ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-04-03","domain_rank":0,"first_seen":"2026-04-05T10:13:51.709081Z","last_seen":"2026-04-05T10:13:51.709081Z","alert_count":43,"request_count":43,"received_data":4573927,"sent_data":20045,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Clipboard.js:2.0","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Typecho:1.1","description":"Typecho is a PHP Blogging Platform.","website":"https://typecho.org/","common_platform_enumeration":"","icon":"typecho.svg","categories":["Blogs"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-29T22:23:59.734728Z","alert_count":0,"request_count":1,"received_data":469047,"sent_data":401,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"h4e8z1.ltunzdbq.cc","ip":{"addr":"154.207.253.62","port":443,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"domain_registered":"2025-07-11","domain_rank":0,"first_seen":"2026-04-05T10:13:51.707121Z","last_seen":"2026-04-05T10:13:51.707121Z","alert_count":2,"request_count":1,"received_data":161053,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/common/vant.min.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/common/vant.min.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 14 Jan 2026 02:32:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"69670031-3b3ee\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: gf5uHWxmU-ZJz2fA9-cMa6B9JtT8TiUQEt6AO7jou-j5-_11wNRHFQ==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":242670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36859)","md5":"48c71ec4ea36fdd75033bbb278a861f3","sha1":"b47d16bde5c94e468ef249bd2126b846a39afe73","sha256":"0b18e273bc785dd0e5cc43218ee879bce10461fdf3b1274a1f2c8962aaecb49a","sha512":"bd3e587cf0fa0c2d777e1918b2067a2a2cce648996ea7e490098d609b20bacec6c2fb6dbe682ac1e212eafe2c1e33364a8cde40439ab6d24638b9b23b69489a1","ssdeep":"6144:XEB3BhYNbHp+fvbtgMAgMgQ8dOq11tUxLEm+Om0RbU:XEBIHpevogQ8dOw1sEam0R4","tlshash":"d23439a0f685f42547b790e6507a0610e1290b48f009d1e0f57ded8e2aede94b6bef7c","first_seen":"2024-08-02T14:48:31Z","last_seen":"2026-04-05T16:55:02.569411Z","times_seen":25956,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/css/7.10.0/webfonts/fa-brands-400.woff2","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:22.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/usr/themes/Mirages/css/7.10.0/fontawesome.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 118072\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:21:36 GMT\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\netag: \"68f06d3e-1cd38\"\r\nexpires: Sun, 12 Apr 2026 09:21:36 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 4wfYEHEMnvwfZ4kXHYiSr3xVYDClf6_nYG4J-demBskLef4iVYrzEQ==\r\nage: 3106\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":118072,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 118072, version 774.256","md5":"715d593456fa02fe72a008a72398f5be","sha1":"e948290773216dc1b50c2121314a8cf918c22b54","sha256":"c411f11975d26eb04cd2aa3c071181d4b18e489f1fb97060d4176a3531dfb36e","sha512":"1f63209c93a462c2690442c9cf1c3e5a67f2df7a67dfcda2cb81292a2dbb90641aa0ab81c25323a1f2d9f0fa09b3421d136ae5228c47e581c51912ba284de46e","ssdeep":"3072:3wqMZaMDlYfb+t0YI4WlLL7rE2ZjX+B+pdJpimtm:gpZNYfytUxH7rnZj+Szpiz","tlshash":"71b3137922e526408e9d0e3bbf7b6a6ec7f8719ddbd4c10aa7d18469001738ed8d842c","first_seen":"2024-07-20T13:53:50Z","last_seen":"2026-04-05T17:40:13.818341Z","times_seen":7060,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-05T10:13:20.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 10:05:16 GMT\r\nx-server: server-71\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: lNMcFP0m-m7DvfjiErkW87l2XTYFcCf6VyZdzfFR3DFs-I3YAeH69g==\r\nage: 485\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Clipboard.js:2.0","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Typecho:1.1","description":"Typecho is a PHP Blogging Platform.","website":"https://typecho.org/","common_platform_enumeration":"","icon":"typecho.svg","categories":["Blogs"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":160280,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1724), with CRLF, LF line terminators","md5":"f7f2566d4bf1437ceb8d59770addc004","sha1":"cfb700a3a0b053936f0699a8c73d032df8b89675","sha256":"e59e5c19300ef41d123150e224989161813fa00ed45daa11a5f56f570b3fa850","sha512":"4d5398797aaa0701a7798636a05ca895ef65f931c58c1fd5744f364dc8d29d4051c52da5f293b9494d67f33b75d5fbe5cb9e0ffb8286fcb1845d869934a9ac01","ssdeep":"1536:87xXBXZLd1ECfTK0TBOJKE0RtERCGWGmquGdmmVh43jmBG48mmaQGlSElxeqGhDW:89RXZLfjOJKEa6wBUPPjACWDc3iDk","tlshash":"4df3c89168f244765293f4a899b27f09ff80c147c94ace04b79c86d4bfc1e6299f3398","first_seen":"2026-04-05T10:07:58.977931Z","last_seen":"2026-04-05T10:35:14.59321Z","times_seen":8,"resource_available":true,"data":null}},"time_used":871,"timings":{"blocked":431,"dns":68,"connect":9,"send":0,"wait":8,"receive":0,"ssl":352},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/images/avatar.png","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/images/avatar.png HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 311\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:54 GMT\r\nlast-modified: Wed, 14 Jan 2026 02:32:17 GMT\r\netag: \"69670031-137\"\r\nexpires: Sun, 12 Apr 2026 09:20:54 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: _Ak4xn7uP_toAcSkoqsKT3nnHMu4xce5Yk3esDUW1OAEkyRimUKf8A==\r\nage: 3147\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":311,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 20, 8-bit colormap, non-interlaced","md5":"30c01d82427d0b622f89b4696cfa8fe1","sha1":"f0316536a6c8f645a3a4bbb4dd0473e3c8853a4f","sha256":"7ceba85b04db09cfa45db7b953297889da29ea113dcc0d037eafb86203b200ee","sha512":"e9cefe20bff8e7812e2b6eb2dfeee8a71950e5fe3859a50967ad54c861da3f25049aef2cf32a1518706670d6c7cc3054afa0ec934fb8e344465d5753f93ce97c","ssdeep":"","tlshash":"98e0cdf35389ecb985a7441a10e36510f10d6979433382dbd755543e51140c4497575a","first_seen":"2025-11-08T04:26:01.782802Z","last_seen":"2026-04-05T17:00:52.685619Z","times_seen":15645,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/images/ai.png","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/images/ai.png HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 360\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:54 GMT\r\nlast-modified: Wed, 14 Jan 2026 02:32:17 GMT\r\netag: \"69670031-168\"\r\nexpires: Sun, 12 Apr 2026 09:20:54 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: huyQWutCpw006oyrI3I2jKYEpgTRs7gdvsJ6yxfMezm8xcIFl_lWBQ==\r\nage: 3147\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 19, 8-bit colormap, non-interlaced","md5":"bdfd73be05b313c5c343e02c19e69b35","sha1":"40a591d8ec0f5134270fad42812002458e1fa3b7","sha256":"ea22009d2eb53a8f88f109607d8ff75814059f83ad1e4c1aa54179f5b1385bc6","sha512":"e67420d8689d83569fef893f166ab041b5863fd33f1b8a34056044e25eca04836cdfde2000cc306d1efccaed4340889c643706420f9d927d309100d41cf40474","ssdeep":"","tlshash":"eae0c072728cff3a9cb10273089791f58a2a4f76516491065f15841c68e6644415278f","first_seen":"2025-11-08T04:26:01.793992Z","last_seen":"2026-04-05T17:00:52.651398Z","times_seen":17233,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ArtPlayer/assets/verify.css?v=1775383223","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ArtPlayer/assets/verify.css?v=1775383223 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 10:05:19 GMT\r\ncontent-encoding: br\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 10:05:19 GMT\r\netag: W/\"68f07775-764f\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 5Ingk0DG8ntnoDsktgki3L1_8iXAXomRLv9Uy4J_oJlNvMhGNNYefg==\r\nage: 482\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30287,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (2297)","md5":"05de5317c7aaed673a9b7730ff8f4110","sha1":"b29dcc36975b80b71c36ea6bdbbe10ad4573e808","sha256":"dd7621c843cca10364c668483d3074170ea7236b38286eb56502c32b853b6ce6","sha512":"f919dd24b008b9717b05c2a9405f07561118430eac2bfb1411fd95c92f30d3aaeca4be32524784af14385cb2c99b918c8f7037a942bf7cdd17ff485cf1ac6ae0","ssdeep":"384:HP4DXgdwAFD/2bbMWyP4DfuDAJTB5rgqRH:HPeQdwAFD/2bbMZPemDAJTB5rgqRH","tlshash":"3ed28525780314026d55a1542b762b85b96498079f15ccfebfdf32ac8f8e94cbe627cc","first_seen":"2025-09-27T13:56:45.716791Z","last_seen":"2026-04-05T17:40:13.793563Z","times_seen":461,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ArtPlayer/assets/artplayer.min.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ArtPlayer/assets/artplayer.min.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"68f06d3e-2691a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: ISHF5R-s5K5KoqtK9oCGZRZAH16ot3jeBwdzMoWi3k9NVAovEqqMSg==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":157978,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65135)","md5":"bed8539beac60f5efaaa51980a11aa85","sha1":"74855576aff9603251dd9dbdc197aafaaa417a1c","sha256":"a358207ef8db53c4696e1cd4e89323ab98f78015f932a664e966ff3d36b243a7","sha512":"e711004d7f05517c3022a1efbebac3432fa9116febe6f97d245cb8b21ce15c4ee928fc09c88d3b145858407cc30ea2491a51faf8c47e5fa8175210b18669c0d1","ssdeep":"1536:KahwEc0LmS5YsgHEfda9wOqxrgSYqN3mTvkFn62eZ:Ka70HEfc9wive0","tlshash":"20f34ca1622164394257531abb95030455b6d830e4adf10cf30ee9fd12deecaa17bb7e","first_seen":"2025-09-01T16:55:12.43117Z","last_seen":"2026-04-05T17:40:13.799678Z","times_seen":536,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/Search/search.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/Search/search.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Fri, 12 Dec 2025 12:38:53 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"693c0cdd-56c0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 0PjLxZaSuRkKC4ZN52HKKJeqvqAsj-Dqv-oGNJ5MCejTUrW7X6sSLA==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22208,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"96da171f0f34e717b053bd3720434372","sha1":"a879322f41c21d6c923c8145efdb6c7b4005251e","sha256":"de11e596cb15be035cf5f88b9e9869d3a50b1323829d3ee50d329f2ac7d6b104","sha512":"7fab1d8bbf5a9f3541d6f758c12817d51517440fb5f7a3651ce42c6dcb0d6f524d24cf04bbd240a7eec582884419990f98bb29a22ca9ce3bfc5e8f50f15f9a01","ssdeep":"192:KZZCMHzlVtegOkZKUdjcRk78PS4WyoSrjv2UL5ByiCOEiSoHoF5o/EqvvuG8MWR1:KTCIRewdwRk9KtD2UD/jN/nuR1","tlshash":"c2a2021b21f700615ef3b0ad5fdba5517a21e407684bce587e4c8bc08fe1d28d792ada","first_seen":"2025-12-17T07:19:53.152567Z","last_seen":"2026-04-05T17:40:13.820513Z","times_seen":436,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/usr/css/copyright-footer.css?v=7.10.0","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/usr/css/copyright-footer.css?v=7.10.0 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:51 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:51 GMT\r\netag: W/\"68f07775-4a1\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: lsMj83uR92LJKRL3DPY02BcEguZSDvY6FW0T91e_H7KaeQCekfK5qQ==\r\nage: 3150\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1185,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"71c000d1b34596de188402dcb0860e7f","sha1":"6739945b7bab642c4ca1bc816c1b76cfd957f0c1","sha256":"43776093bc66147a47d05bd9eb0ba82de617853f99fd4e3fd5a45d3ef68abaef","sha512":"c65b3a02670fe909472c312eac903d83b84c6c6e2af2a85265311f254c5023b978ef7d62249ef6d5eceafaa6565b6ea7d7a501b0591fbda5a7d3ec7bdd628824","ssdeep":"","tlshash":"1b216119e02f051530039b6be7a9c5009634a117ec0ffb3d323e57e1efa6619519279b","first_seen":"2025-10-27T00:48:30.143104Z","last_seen":"2026-04-05T17:40:13.826538Z","times_seen":453,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/images/logo.png?v=1","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/images/logo.png?v=1 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 6015\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:54 GMT\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\netag: \"68f06d3e-177f\"\r\nexpires: Sun, 12 Apr 2026 09:20:54 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 5wEww6Vadml58t9vo8S2lFPacJQbJVz2v684VIQPqCO-hNBNN_502A==\r\nage: 3147\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6015,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit colormap, non-interlaced","md5":"9a5fcefd2df79489062bb748a8b62332","sha1":"e0374698e58cf62f4e64ff7958e4041204dadf7a","sha256":"d98c9b0b62933bac77dcbd62f7a8a335ebd3fd81c369905b71e012522e30f4d1","sha512":"8c67894aeb6f6f190f53ed5aa2deb123801c660363f7e70b1209492f3677468e6637d09680ae7f76a2a76ac061d906ccd8262bd81a80c3b7a6cd2acb212e9a6a","ssdeep":"96:3zR5v0wqsOjqMAAPcZrCBuJypYni6u0tX452p0wOq/rY/Di1HpLo8:9t4mMv3BuSYi6u+1NOUFm8","tlshash":"0dc17db66583bca3c6b7597d45e3b8711cb52eca925c08d18a95fffb8e7c1105404ba0","first_seen":"2025-06-07T03:54:38.239569Z","last_seen":"2026-04-05T17:40:13.784519Z","times_seen":484,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ArtPlayer/assets/artplayer-plugin-danmuku.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ArtPlayer/assets/artplayer-plugin-danmuku.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"68f06d3e-9648\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: A0XI5eSx14J7aZEKKBMcEDhV93y8PAswDJDmjGvTILcIobTpQsKq_Q==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":38472,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38061)","md5":"af6ebefd72beaf5df997dcfa1617f500","sha1":"cfe60f8d100c4b2d9fed7d389d312e19f3bbbd66","sha256":"601e4b7c791843c856be875a5c43eb12bef5b8b4462aacb480cee8c4b1bdd120","sha512":"bf6e2893e83560acf2dcd18e603a9128df3b4caa7f8a1400835845870f05e7866bfdc28f9f765661f61afe0b223c7dbb2be4e805141a2c28796f97970a78afd0","ssdeep":"768:BgvoR1RrUunRV/5BDwZXfiImOpNMypmFEIbYJoit0pA6yxPzs:qu1R9iXft/MypmaPfa","tlshash":"4d03e9c562111034810bd650e0846b0d6f267c36657685aef1bcabe81effe4db6eb738","first_seen":"2024-02-21T18:27:50Z","last_seen":"2026-04-05T17:40:13.800477Z","times_seen":680,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ArtPlayer/assets/artplayer-plugin-authentication.min.js?v=1775383223","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ArtPlayer/assets/artplayer-plugin-authentication.min.js?v=1775383223 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 10:05:19 GMT\r\ncontent-encoding: br\r\nlast-modified: Mon, 09 Mar 2026 07:49:26 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 10:05:19 GMT\r\netag: W/\"69ae7b86-751d8\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: ihasyps1enbCggSM2wfSEc2tOkDU-TH32lJ3Jn9iLdADjdyq7mDwhg==\r\nage: 482\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":479704,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3c8db868fb9d043d36b6c50cf6d2c8e0","sha1":"2050bb26e5b9444704519d977d85fb43c339fd97","sha256":"6ad880d5ebe9c47d5811f4fa487a281f5424ebaba041aa3b8aa635e275da4e2a","sha512":"3dc2edc7cb3192a54188e0a099a0195e128d296afd9e3d4701fd970f867c9fdaf87a3d1054d72a7f7ae1633c51c703ff356ca5d2cf4fa97aaba53f4bcc85756a","ssdeep":"12288:MWs6MHvovrEnTz0NxU5p6xqXBgwdJ1S+qVD7Pbx:MWs6cx0NC5p6xqXBgwz1S+KD7PF","tlshash":"1da4d61b75c478d7030b5eb7f617a1e6ea0a3e5d605c49bbf808be5c2853036dae2271","first_seen":"2026-03-15T14:35:29.8863Z","last_seen":"2026-04-05T17:40:13.81586Z","times_seen":99,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ArtPlayer/assets/verify.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ArtPlayer/assets/verify.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"68f06d3e-f38\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: rLUsrqS3bEIku1CaxPUV-a_v87wdmU6k_6p9uCqzGrlDniGVJ-i8fw==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3896,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"e7bebbc293f5caea4a8c79f1b57898ea","sha1":"901a28cbc5326004e8f53aca0eaae3f3c82be72e","sha256":"9305a23ca2332d118c926a2fd7cdc7ac5105643656dcd34c289bad5b20fae114","sha512":"0ae1cde46938dab15890e75d2493963f475203c8a7e9ab4a796657d9b5ae80057af72902433fc02c6d6b46df88a90cb1a186a95c69355886aac6376c963c4750","ssdeep":"","tlshash":"5f81698e70366567593373b95f178d6ceb7204331602c2697e7ce2c8afb046496b2e8c","first_seen":"2025-09-25T05:47:52.443338Z","last_seen":"2026-04-05T17:40:13.810009Z","times_seen":468,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/common/index-ai.js?v=17","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/common/index-ai.js?v=17 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 14 Jan 2026 07:06:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"69674067-aa5b\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: x9Ng0WXc9r0IWZdBsSiD4gmG5Cy7g_tVB0b7d2zvJWM1QqZFVbQ1Tw==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43611,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (306), with LF, NEL line terminators","md5":"ecbe9037a6eb06cbd544b1d5a6e49f74","sha1":"5953f67db24e590548a1ea349277910b4baf691b","sha256":"589838eeb670cfce45f05ef113d8d961c547b9e15ac5b88e0ddbf5ec6b0c5391","sha512":"90f3ccec23f11f455549c8455db480813fddd79d34a286f6aae2a63b3e17c669cb20c8049a5fe1b11b64732e88101c73d5d01a07b9664b5d40a2c87664e6d72f","ssdeep":"768:MVqz8cJwdr5pRWIp8YRJR/Q7pUtxwVJ2cZpeZlses:MVP5prRJR/Qetxwr2cZpeZl0","tlshash":"8a13c70a2afbb31185a770aa2beba0053730a017654ddf097f4d87d45fc152992e3bda","first_seen":"2026-04-05T09:22:07.745208Z","last_seen":"2026-04-05T10:15:12.540058Z","times_seen":11,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/css/7.10.0/webfonts/fa-solid-900.woff2","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:22.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/usr/themes/Mirages/css/7.10.0/fontawesome.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 157192\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:21:36 GMT\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\netag: \"68f06d3e-26608\"\r\nexpires: Sun, 12 Apr 2026 09:21:36 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: y4iQ5ctvvfQ1M1ssw5lrjieBWcEejdHGlb8on2AJzXqZe2BNU2p22w==\r\nage: 3106\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":157192,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 157192, version 774.256","md5":"237f4a0afbdb652fb2330ee7e1567dd3","sha1":"69335cd6a6ac82253ea5545899cccde35af39131","sha256":"1f0189e087fcefbf654fad74a3a06668b782c01353a61d5c0b7f0bf23e33c020","sha512":"27e8e1f91507179c207f93a19485738ed5d372a977eb27d44a4ed163013097d38b117c7a5bf4336ecc9862ca514d78ffcd2b8a07e304bbfe1b2cce9c087baa38","ssdeep":"3072:Qeqp46DjdHdb7UT/IGFc27+78oGmfIXe0pGRDH9tQm1pbYqup:Q16n/IqpoG2IXZYTtxrbdO","tlshash":"5ce3125bf5e6dbe5525e6d64fb5478972b1030823ee11cf12ce2206eb889317399e08f","first_seen":"2024-07-18T18:39:32Z","last_seen":"2026-04-05T16:49:51.530303Z","times_seen":10068,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/js/7.10.0/image.0821.js?v=1000","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/image.0821.js?v=1000 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:48 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:48 GMT\r\netag: W/\"68f07775-44cef\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: XPhYMim2Tf5knPyQ9C082I8aj4q1ik-zSzDT5f_RpWio7Q8oCicgqQ==\r\nage: 3153\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":281839,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3225)","md5":"1a63af57115591ecbc72b6d13cdb0798","sha1":"848a9b64f901a274d3168980bad7bf686d59fb31","sha256":"91ece2e8e252afdc022a55919c197e9dfaf26634fe8dd2a3e9efd88ad97c465a","sha512":"f0324941230b4b59920ae5a57adb66ffa109b5d2d9a1aee9823bc72f30766dfe30a9a7fbc00372c271f7ebfb871ffb0ee2865d481d0f12ec2260600800585627","ssdeep":"3072:avPEc86vFuSdDxBnHpaFfoONpIhgkuvFOy9jxhnHpa9/IuNpoBAEPtAu:avPELqpQk+p4EPV","tlshash":"1454104a9fe31194f513b43c6b3f7805a1e6b0275ad9dc0e791ca9e0cf294288579bec","first_seen":"2025-09-25T05:47:52.46339Z","last_seen":"2026-04-05T17:17:57.332584Z","times_seen":8493,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:48 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:48 GMT\r\netag: W/\"68f06d3e-14e4a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 6AysaMNGb9BYz3Md-0PkW6cJwh3Gui1NXPFQYytXiR-maeJGQTJNmw==\r\nage: 3153\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T16:50:32.425922Z","times_seen":264778,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-21C9SS122B","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:36:32 GMT","end":"Mon, 08 Jun 2026 08:36:31 GMT"},"fingerprint":{"sha1":"F1:EC:3B:52:4B:66:50:1D:0B:50:65:93:DD:B9:FD:40:BF:2D:6E:7B","sha256":"46:A7:13:4E:73:FB:45:6B:0B:73:AF:6C:C5:72:C7:83:79:46:1B:0D:3F:B2:A1:0C:AD:70:4A:EA:1E:4A:D1:2B"}}},"request":{"raw":"GET /gtag/js?id=G-21C9SS122B HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 05 Apr 2026 10:13:21 GMT\r\nexpires: Sun, 05 Apr 2026 10:13:21 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 155388\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":468443,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"db890dd263782491fec8cc1f9c342c23","sha1":"ba2c07a62101f94d0d5f2790250b86461d058066","sha256":"bcd8af57ef57697d7f42c0c7032b982a14a11be30d107be677fa29d80b0f1db9","sha512":"b564bf05411c155dd6508362241be1e00ca01cc54862d10aaf0e018cdeb7b5dc1be61446c0561430f6205f99bd28c0fa574edadbe595a7c0e0d76fbfa8fdc354","ssdeep":"6144:bw3eqQGzLr8DP9aGb/F8x/OW+/5EiWz1SoRSLrgqz+:+zH8IGbt8vci","tlshash":"5ba4f9ceb3d674225396f478903f01cba57b29e2b448c8a5b189cce41e7469a4277f7c","first_seen":"2026-04-05T07:52:05.987174Z","last_seen":"2026-04-05T17:43:09.36102Z","times_seen":46,"resource_available":false,"data":null}},"time_used":424,"timings":{"blocked":134,"dns":1,"connect":8,"send":0,"wait":20,"receive":28,"ssl":230},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/js/index.js?v=5","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/js/index.js?v=5 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 14 Jan 2026 02:32:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"69670031-11629\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: -ry0lFilkquOhabTLhsvaFF-neUHXTNTX4RudUx9ArTUaAf5CD1WmQ==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":71209,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"36171ef7040fe036b7a3aaced0a8278b","sha1":"c912a30edbbb8e09134a25e933e308cec4b87fc1","sha256":"1fbb61a325691d045479165c12b41315f08d86f6310746dcf3141d656aee9805","sha512":"1a2d4690c0f813301c60c40da306b5cf6109f9cd4743d542590884f7a54682a8c6cd409f985ec0047aa0a17d48fb98889a1487c38b58afda50a341f73dc2eed9","ssdeep":"1536:Mu8ndfFX6rH9h5oML5D06VFllRjD7RQgl:fQgl","tlshash":"8b63736e22fa15194b5330392f9f300a3210a4475d49ee9cbe0d5bd45fdda38a1f2be6","first_seen":"2026-01-18T15:52:51.563125Z","last_seen":"2026-04-05T17:40:13.813721Z","times_seen":109,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/js/user.js?v=5","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/js/user.js?v=5 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Fri, 27 Feb 2026 07:36:45 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"69a1498d-415f\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: Z6HXjBiWVbgKyRp2gUP6aWGAom1hIZlo0wrd2zbW11guJ5pg7v3_Eg==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16735,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"5dbc7caceccab6b50db9d7297811109c","sha1":"1ea56f4210e8ca19cb057dbeabadb35a295d0702","sha256":"b51373981526f70f3d5264e7f7deadf65e3defd298f7cf9771bc9cdf1ba0ed6f","sha512":"efb196e428c8fb18e053025fc458f5f55013184873fcc97655a60f4a90ec6abe19f05b804c9df8831b0548c3b1a1ef8f4fdb75d56420afe099b4f0b38367721c","ssdeep":"192:G4pcNs9Ub7MENyT7AZneMrO4bUDUrdVCr1JbTyifGyAp/FoWjxk0vwnHI3QUGMuW:G5iKQtCp/J6LUBn","tlshash":"e972630ab1f504634b5361a06b9b6104713195072a0add1c3e3e9bd82f5ed79c2e7bef","first_seen":"2026-03-07T02:36:21.017146Z","last_seen":"2026-04-05T17:40:13.809224Z","times_seen":101,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/css/7.10.0/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:22.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/usr/themes/Mirages/css/7.10.0/mirages.min.css?v=22\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 77160\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:21:36 GMT\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\netag: \"68f07775-12d68\"\r\nexpires: Sun, 12 Apr 2026 09:21:36 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: l3hNnPaZ3GHiHHCXdd7LdMavMMQnt7ai1fJdAzeyaAKZ7AGetBR98w==\r\nage: 3106\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-04-05T17:47:40.435595Z","times_seen":413659,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/FootMenu/assets/foot_menu.css?t=20231029","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/FootMenu/assets/foot_menu.css?t=20231029 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:51 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:51 GMT\r\netag: W/\"68f06d3e-898\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: _7QYsEWjZ_pmEDVaNiKbaPqvJJGzl90GJCDYvzyPTiX8lDYnMmzTXg==\r\nage: 3150\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2200,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"64614812ac4674018c2ce1b8b8ccaab7","sha1":"c951c70177dbd690a4d57951cf47165bbf5429dc","sha256":"7bda87c3fb2390f334e74fcaf6d1d4d160916b0b3e73af7bfb0d3d3a9db4b097","sha512":"991ebef21f04d412d5454fdd5c244eceacecc2a5ca993ea13810696a761ebba051b8182513350ba839dc30c6fcf9d0e6e3f1d5ce5df7db0bb7b307f0ca61d88c","ssdeep":"","tlshash":"2b41a43976b2091479a74d64b35a89c4b3bc9603890dfd7efe1e53848f890e1b8d174c","first_seen":"2025-06-18T15:32:14.658498Z","last_seen":"2026-04-05T17:08:33.67237Z","times_seen":5004,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/js/7.10.0/peace.elite.min.js?v=11","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/peace.elite.min.js?v=11 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:48 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:48 GMT\r\netag: W/\"68f06d3e-289f5\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 95m_SBzzezedLwC-Uk58kmfuUxhrM-YH18Rr4XlmROnLOYTb4_YrWw==\r\nage: 3153\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":166389,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65521)","md5":"a3718817f52f2dc95220abce2a8103eb","sha1":"07d1e737953c330efc90cd838b20ebb91227857a","sha256":"d3b03dee20f7f718724551bd2ce04a2fa0a8a3a14e8ee5df0542de36f5ce9411","sha512":"7e9bd54f2b82516e6bcfde9c24eb4955a5bcfa882e9cb9c51b12cb7702d646342cabfa931b983efd8a920330195a6e35105bd1af7349052f424889d69e85f95f","ssdeep":"3072:7a+Q4YEe0FEDMdCvgOivn0q3NlFRe74zF2OCks:VQ4YKaDuEivn0q3NlFRe74zQOVs","tlshash":"20f38460b3c5789121879fb3772bb2e4ea2d6eac30540ccbf425fc58e6b9518e6d8570","first_seen":"2025-09-27T13:56:45.721902Z","last_seen":"2026-04-05T17:40:13.827296Z","times_seen":525,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ArtPlayer/assets/vconsole.min.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ArtPlayer/assets/vconsole.min.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:48 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:48 GMT\r\netag: W/\"68f07775-45ea0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: Hz2faK--QHTuDR5hmmKEl4kgB1GWE21oDH9AdUMXWSNEC56kZUO_9w==\r\nage: 3153\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":286368,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64795)","md5":"7af42a4b9930fbd3c0d1eb7c520037c1","sha1":"03493e11e3e4d93abd75c331b070a73ce9902180","sha256":"13d0e4e9e19c67ae744a77b60dfb1f6a82431189384d62ccb33396cb74c970b9","sha512":"a61b447e3347d047364df4aa767ab62cc63fc22df8adc345765dd5c47ec0d9ae8d5b9d32a1a4b5cce53c7cbdb98c65f42e40db0032d156ddf6163314fbf9233b","ssdeep":"3072:z11iHWXsqRBvkeoTZY3bN+/WwPKgLfERrSmBtVVRe+sE:TOWX7RZN+/WtKM9ew","tlshash":"855409ccb2c2706552a374f4516f240ef37bad44780b8098b63ad8d26d7ca4e61a7f6d","first_seen":"2025-09-25T05:47:52.391541Z","last_seen":"2026-04-05T17:40:13.802958Z","times_seen":533,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/common/vue.prod.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/common/vue.prod.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 14 Jan 2026 02:32:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"69670031-2f925\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: i1f_Nw_J886H_542EYjbPQd7SZrzGf10fpUMG38dN5k6H__51i0e2g==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":194853,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (28532)","md5":"9b14a30d9be6b89ccb5d9426baa70059","sha1":"e55a9116be9d0907b48698418b9e348d36bd3624","sha256":"97374c2e6815b02920dc02d8cca04507973d9a4d82aa5dafa20d04c2227ac9d2","sha512":"90840f4551f1ceeb2e764fed6a632d0eb39006fcbec40166664f0e7f0241347d8679fddf6e41658f939d0b00e893f1bf4ae97429f320c6dc60af0d87c4ef9dfc","ssdeep":"3072:c0RkBL/7KE2X44lDzvWUgT5Asswj2z+e7/72oIKc01DcUrIH:c0KuE2X44lDjWXT3j7e2KctH","tlshash":"2c1428b93181703217ea14e250bb0016f33a1525780984e8b5bde8df2d7695a61fffbe","first_seen":"2025-06-27T04:20:30.543622Z","last_seen":"2026-04-05T16:55:02.674497Z","times_seen":25947,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.ltunzdbq.cc/","fqdn":"h4e8z1.ltunzdbq.cc","domain":"ltunzdbq.cc","tld":"cc"},"ip":{"addr":"154.207.253.62","port":443,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-05T10:13:20.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ltunzdbq.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 01:56:00 GMT","end":"Wed, 03 Jun 2026 02:53:49 GMT"},"fingerprint":{"sha1":"49:62:C5:14:5D:B7:77:E7:B7:6F:30:B5:37:2A:2A:33:3F:A2:F4:BD","sha256":"A0:F3:E0:9F:0D:5E:AC:59:2D:C9:54:6B:2F:78:4D:A7:2E:AA:E9:2E:D1:6A:F4:F5:38:0C:B0:0B:05:85:49:5A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: h4e8z1.ltunzdbq.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 05 Apr 2026 10:13:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://h4e8z1.upkmldz.cc/\r\nserver: cloudflare\r\ncache-control: public, s-maxage=180, max-age=0, must-revalidate\r\nexpires: Sun, 05 Apr 2026 10:16:20 GMT\r\nx-server-redirect: yes\r\nx-redirect-by: backend3\r\nx-server: server-71\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Gq21NY0NhqeffKOMkFmySKrj0WO5uk2w5B85ivhqoZ7UsYYFObMpUPKOZWSWUgfFv9un8UHsZMQ85Wj49gl%2F5V%2BzXgLookJwLWY7cZJ7V1jsa2yty1fHSRPo7lDEmTpCkwB5f4%3D\"}]}\r\ncf-ray: 9e77c7933909b518-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":160280,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T17:47:03.427672Z","times_seen":13386520,"resource_available":true,"data":null}},"time_used":482,"timings":{"blocked":24,"dns":1,"connect":1,"send":0,"wait":434,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.ltunzdbq.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.ltunzdbq.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/Search/search.css","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/Search/search.css HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:51 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Fri, 12 Dec 2025 12:38:50 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:51 GMT\r\netag: W/\"693c0cda-b91a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: ICM5fNPGdIDW4JCsTn8wW9jCiATtva010oQ9xIzHB89HFoYJnMJJqA==\r\nage: 3150\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":47386,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"e6ba12d4c5d1d8b7208b465d770f8fb8","sha1":"ded3f788bbe3d98e4e609bdff0f2c225e222848b","sha256":"400eb254b381a3b8b095160bf6c3def41ac3d24e0e3774f86636acdf782c22ae","sha512":"419f587513d6760ceea45de8dc52bd11bd73cb53b10dd73e581434fd8dcb8c89d14e14a72d7aa87024b1c7565e528a067c4ee565ed79eee1d1eaae80b0228573","ssdeep":"768:DH8WoHEu6JzGi0mtUy3MRE6W6yr8RcST8Dqd:b83HEu6xGi0mtUy3IE6W6yr8RcST8md","tlshash":"5423ae1a9b520135f9bb44ac3a6b7f883729c413ed05cfbd7bd2a448cecbd547462688","first_seen":"2025-12-17T07:19:53.122009Z","last_seen":"2026-04-05T17:40:13.810745Z","times_seen":435,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/common/index-ai.css?v=8","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/common/index-ai.css?v=8 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:51 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 14 Jan 2026 07:06:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:51 GMT\r\netag: W/\"69674067-2eb1\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: vV2oEU1yTSF7vrcvwslN9BYt8hUXu35gTps0ju_oTJ1vXiStL0Jecg==\r\nage: 3150\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":11953,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"ced69b29fc0608fd05c97d1ce949e0eb","sha1":"07f57f3151a68a9deb463b3917ccc4b934dd2d80","sha256":"e1880fe40522a527470003cd0d7c40bb82a501fa0bc426536cf706f0d7805c8f","sha512":"d1b67483026969ffaa06609ea1bb038d6bb6d8716eb00d0333a34c54d529d380fde57cc329bf1c22d18b5b3a5d32da2113f173704087de1e749c61225fac1a9d","ssdeep":"192:8nfAMTN/pMlr7B1buA+ZzUzVckgmIjyXPOE3:8f9AbuvQ+kgur3","tlshash":"5732a610e25f385b671b81b8bad8ebd4273c2404bf049fa8756579b1478e3d624b37e2","first_seen":"2026-01-18T15:52:51.533925Z","last_seen":"2026-04-05T17:40:13.825724Z","times_seen":110,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/images/logo.png","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/images/logo.png HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 6015\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:54 GMT\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\netag: \"68f07775-177f\"\r\nexpires: Sun, 12 Apr 2026 09:20:54 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: WG-YLdEVrpSXMuO6AdYeGsnzBK-P5GJMTHwJ647GdJsUUCHHnRjWBA==\r\nage: 3147\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":6015,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit colormap, non-interlaced","md5":"9a5fcefd2df79489062bb748a8b62332","sha1":"e0374698e58cf62f4e64ff7958e4041204dadf7a","sha256":"d98c9b0b62933bac77dcbd62f7a8a335ebd3fd81c369905b71e012522e30f4d1","sha512":"8c67894aeb6f6f190f53ed5aa2deb123801c660363f7e70b1209492f3677468e6637d09680ae7f76a2a76ac061d906ccd8262bd81a80c3b7a6cd2acb212e9a6a","ssdeep":"96:3zR5v0wqsOjqMAAPcZrCBuJypYni6u0tX452p0wOq/rY/Di1HpLo8:9t4mMv3BuSYi6u+1NOUFm8","tlshash":"0dc17db66583bca3c6b7597d45e3b8711cb52eca925c08d18a95fffb8e7c1105404ba0","first_seen":"2025-06-07T03:54:38.239569Z","last_seen":"2026-04-05T17:40:13.784519Z","times_seen":484,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/js/layui/layui.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/layui.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"68f07775-471d6\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: BqeGEzxUKMg3gI3MCQff1vUCja1Dkv33sXO8RUhI8LRV13gN6FWJ7Q==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":291286,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"70ed0e8151d23de969de514bfd802a56","sha1":"569e6c1b0ac0b8efaa7dc0015b691334947a9665","sha256":"92c7997b3dce6ab2368b1bdb34ff4b67ac77957898a126c7eba452a8080bec95","sha512":"947eeb19fb055b07a191ec89625941abbdc8b2247b447dbec2e3958ebd3aabc34ac07a79c559e4752bd49bc44db77d500913aab4fae300077556e347d084b1a9","ssdeep":"3072:tVo+F//NOM0SF0Mz0pZN6TPKWjZIpYCrYtJ+8CZrcNBf4XcIiOb9:Xo+FdO3SF0Mz0Z6TfIpPS+8grcNBQcIZ","tlshash":"02543a9d758574b3237360a6406f990eb17b093daa0a8060f166d4fa2dbdc885237f7f","first_seen":"2023-03-07T12:09:26Z","last_seen":"2026-04-05T17:00:52.631562Z","times_seen":26604,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/clipboard-2.0.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/clipboard-2.0.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"68f06d3e-234a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: jpPB4EbQYyiWEjZiRDKTqOSkaUTa6dkC--5Y3CeJaJm8nYKWMDzfBg==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":9034,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8941)","md5":"ad98572d415d2f2452845a6068a913c0","sha1":"6674f81dd01c76be986cf0a8172d1073e56d7ef4","sha256":"baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1","sha512":"3c88ac453f2615f771c7df6032ced6018e46a7e0ad8d86312af17ddf0f32580bd7e78f1404d0031eeed091abe0afac911be6aca1ca9fba4e5cae335de73f6ce9","ssdeep":"192:RJBFlYPHiG9JyHg4LyAahp1v/N/MosfkApXMdgmkpj:R9yKG9JKziVF/MF/XMmmkpj","tlshash":"d7126599b291b0b15ad731a8412f920ff3766869708b90d0d279d4f0acbcdde4463f2d","first_seen":"2023-03-07T12:41:35Z","last_seen":"2026-04-05T17:08:33.667537Z","times_seen":16218,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/common/parsley.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/common/parsley.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 14 Jan 2026 02:32:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"69670031-1730b\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: -H8a43kAYiKH_SpCgs-I-fot-dSg3tPxxK3BmItpXnWLz_7rqOOV9Q==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":94987,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (885)","md5":"a442261f7fdcdb3396b2982e7d5ff2d3","sha1":"f2a873ba1e0a2400f6c5f165eb9d4f4d36b4e2dd","sha256":"be43eddbeae875bbc9b68f4a6a95de3fad6798b733dd55f2cdc2bf81a5a33848","sha512":"16aff01ee308ec0adaa0e2be8ee139a1820b2af48f7ba182e595999efa4e3bf64f76dc80dbd9fe6b99152cfe1768bc83cbd0f52013d8cdd17270edf72237743e","ssdeep":"1536:qAj0W4ZuOjkI33R+a0WQ09uH60SkAZzvH6KomR7Gi21l:qAQTuOjkInuH9Sk2vAl","tlshash":"f49371497ae221018d2730bc1fafa0067274811b5409ad94f98d93d0af94d7993faff9","first_seen":"2023-03-12T07:21:41Z","last_seen":"2026-04-05T17:00:52.688349Z","times_seen":17994,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/css/7.10.0/mirages.min.css?v=22","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/mirages.min.css?v=22 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:51 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 15 Nov 2025 08:35:37 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:51 GMT\r\netag: W/\"69183b59-31516\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: -WMg0ItKpjdiMP4GMs7bm5BY6Wl7HxZJBBMvIySm9_da1BbzVL3i2Q==\r\nage: 3150\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":202006,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1228)","md5":"e82f103022978f318199affb22444a48","sha1":"cd065743c6460612e8de99ad35908ca3940ad138","sha256":"661c22567f2b9e14167e4322d317784293467d4ac8ca07a5ee0a78f27441a7a2","sha512":"8af3274c79e8277cdce67aa241e5d21c0612418b04ead01be5c3ae6526291fa3f12513f7a40a957ac8db81c35643fd1b2f495ae989520539fd59742868b79797","ssdeep":"6144:PwcGwP/8VBl4fvBl4f9YEG8PnXNsSd1XmF9taSgofFbwW:PwcAfK","tlshash":"cd14737c944511d46373ca5aafc4b6582738f226dd012ebdf12722d8dbc2b9b12e2b4d","first_seen":"2025-11-15T10:58:27.510435Z","last_seen":"2026-04-05T17:40:13.824873Z","times_seen":427,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/css/7.10.0/common.css?v=4","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/common.css?v=4 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:51 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 03 Nov 2025 10:23:45 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:51 GMT\r\netag: W/\"690882b1-1d48\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: igWdHSGVMEe2j4mx9VD5xRb95VvJGZ90GdS4BkQYXbGGc3MVKsM8cg==\r\nage: 3150\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":7496,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"08a9019521f209319cefe9121d11fc8e","sha1":"b84cdc07a6ebdd5612d98234335833c9b00e62d5","sha256":"c353d58886a7824d37f706fa20976dbf62d1cb09c7fd5db91afa3b66b832555d","sha512":"7a64eeadb4518980887bfbc6b84a2a6b74c5ab59225cc0de802aafefc6f41ffb7d9e10d6c765417b00182b08a2753d6c8bc90e7ed968d0254338554fae447875","ssdeep":"192:E9Db2fjO9wqPhEhnFt7+maRfEjXl9rxw5k2iDYL2Y:Q+Rli","tlshash":"c4f1ed1842632444b427876c1fda07991b3c4013be07da7e7bdf77948f9b1aca162f8a","first_seen":"2025-11-04T09:03:45.864586Z","last_seen":"2026-04-05T17:40:13.802125Z","times_seen":450,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/common/vant.css?v=4","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/common/vant.css?v=4 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:51 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 14 Jan 2026 02:32:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:51 GMT\r\netag: W/\"69670031-30a89\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: nvF0ooZoZHo_SZWphCtGMAxLU1vScJGExqFj8f6SF2sdqvqMGlPhlg==\r\nage: 3150\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":199305,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ec97f98b8f11e72ca35d2a8939500e67","sha1":"fcdcaecbd29eb74c4d507c0f23d3758052aba3eb","sha256":"52fcb2a7486d329611d7fc1562e0dbcde9f4494728b88dc26932388fee77391f","sha512":"16ec7dfa0d84e113ac71cf66bc4aa1659d3a9089fe76c8e2834d0bd1ee25db5fb2ad0dfe35dbb9ba2340957396a603a09c8ebbacf49c90a65df12f522d9b851d","ssdeep":"1536:VjQbFNJ+jqkiHckCwsBlDOFIxuVoxJPBik/1Al5aIzb2VTVaxA:VuClDsIxuVSmRdJA","tlshash":"ec149495e69091bcbf27f275ab8b96dcf23cf560ed01daa4f10051580ec7bf50623a1a","first_seen":"2025-06-27T04:20:30.581604Z","last_seen":"2026-04-05T16:55:02.616914Z","times_seen":25895,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ArtPlayer/assets/hls.min.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ArtPlayer/assets/hls.min.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"68f07775-65100\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: bQdCgbjJQiBIPvfJdUsFzHffBBdH36MjPfYBapLpj2cp-qgKGzf3JQ==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":413952,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b0e74c4afba433e2362a2e0931c58657","sha1":"26895c91faa4debdbaaa9ba1cf5d6b4bd06c11a1","sha256":"484054e8cd03d3f6d1781fb7f402bdc318d8a4c527f933a95c624e27cc9a9470","sha512":"88598a7d73d15485b93c16778335d22f3fc862d0ba04cb08aa663f2b8da2bb290ea146530a10f047a29884f7308f91ee13884d26167134f0fe65d1cb26f46ff0","ssdeep":"6144:ZXJwan4Io6kf28+GqWS3zp8ph5GqHpjjOqJxSHjRnO9xaqpVFq:ZZoRuGqWS3z8jH0qJx8+VFq","tlshash":"9a943ced76a5a02642c2b165903f4607633a7d0a3409c1acfa2be9d75db8d4db03bf74","first_seen":"2024-10-18T10:42:34.916754Z","last_seen":"2026-04-05T17:40:13.808348Z","times_seen":663,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/common/popup.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/common/popup.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 14 Jan 2026 02:32:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"69670031-1a0d\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 6Q1q9MrMmFtejDBiDpnHh6gAiEbGbqbNtyr9udEss-Ze6BVqxh5gYg==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6669,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"026709ed231cf8d920385fed59c17ca6","sha1":"19696886744402cb73a48a41e625b23f5acbb813","sha256":"3438d0b2d18590fa1f7f0c324a5ba9f42b699de78006ed372ad043bdf46a7e1e","sha512":"aa01a6f89fad627df9437b5bcf8c3feeb7bb9719d12f12ad8e00d031f3092d1de299ffa4cd98229ddbfd3c455a21934e0e391e1c06d979cfe65fbc0f08cf99e4","ssdeep":"96:P1spJ1L0gLrdAZLLCWICzj3nMjnjOSdFsCaxud:QTo3ZLLCvQj3nMjnjOSdFsCaxud","tlshash":"c4d12f9931f3213082abb27e6faba0143230a0477108dd197f4d5f900fc573a66e1bea","first_seen":"2025-11-08T04:26:01.83069Z","last_seen":"2026-04-05T17:00:52.688851Z","times_seen":17929,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/Search/search@3x.png","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:22.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/Search/search@3x.png HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/usr/plugins/Search/search.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 597\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:21:33 GMT\r\nlast-modified: Fri, 12 Dec 2025 12:38:53 GMT\r\netag: \"693c0cdd-255\"\r\nexpires: Sun, 12 Apr 2026 09:21:33 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: qdb8KBHEpZCbymu0HBBQTyJvloFh5qtdrQQ-K-Wrz6U-aFYz92cRIw==\r\nage: 3109\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":597,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 4-bit colormap, non-interlaced","md5":"06116c03b35faee409b7b174f3447067","sha1":"ae53a9cf893e0a24e6755a8048b9f819c7e94685","sha256":"1f972779beaaea226f13f81f45fe067159ed1013f8755cd667c8dc0bd33e43da","sha512":"665c8373e97d8bf57cdbc256f8dd557d5c0393834d0b6e8bee8bc9c2bb8e493f25a8f1e8139a908098dd12f11824c8a71dbe877742dcaaca00d49c6351dfcbad","ssdeep":"","tlshash":"b4f04109ce1abbdc7384656412f13062ca76356816270e38cfa296bcdc1328389cb887","first_seen":"2025-12-17T07:19:53.150128Z","last_seen":"2026-04-05T17:40:13.787768Z","times_seen":428,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/fonts/OpenSans/400.woff2","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:22.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/400.woff2 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16644\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:21:36 GMT\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\netag: \"68f07775-4104\"\r\nexpires: Sun, 12 Apr 2026 09:21:36 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 73BqZMJlknIVJ5mkBoizlwC3vwTvGRnAfc1UXFHg5sdqg5pxmiLotg==\r\nage: 3106\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16644,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16644, version 1.6554","md5":"6276351c3fd3053a0cab736572d6ced1","sha1":"326b281cbcf5070d140fadedc4b1354f1a5d916c","sha256":"43640ab0efbdbd50a1162047c1f62f338fb84de407411b98bfa6a1f8666ef0af","sha512":"c9885c9fa086350a150efae1c40c9ab22314db0baf47b457c3de4be5c7e609313b9fec4f9000b133a9f8b365c2d5d3703bbff579833a8b81195062e5f6bfe5e7","ssdeep":"384:JK4eVLUx4mqjtgI4cwDn/HnhbXOU7WYb+KFqEevY5:Y4edUqmBIkD/HhjHWYb+KFGvY5","tlshash":"bf72cf83f467d9f0f42836305db116e3b979ef357761ace0621445aa1232bd02e847dc","first_seen":"2023-05-08T23:10:23Z","last_seen":"2026-04-05T16:36:29.65138Z","times_seen":19847,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/tbxw/js/zzz.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/tbxw/js/zzz.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:48 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:48 GMT\r\netag: W/\"68f07775-c67b\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: i0-0BFZbVRBVJzbXv1VkBYvV5-0a_BPtZuGJT6ZVD_mcGFT3rwre7A==\r\nage: 3153\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":50811,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48316)","md5":"78dab9fcf576de8cba46edd716dd2309","sha1":"7113abe41f95159f9bfccf70d01bdda1055af2ad","sha256":"7c66d6c8e2c470780513a282b66e2b5b7429ed863d6a0ecd6054b38dcda004b5","sha512":"dbb858875e532b475f827c930c154cac09e9a952b20053a0f7e1b34a050100a0a3a41f8aabeeab4af2dd90082363fe3ced3a5957f7250a4918d305b49655e040","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpn6ZFCsUleZ:vZYDc6lXJd1mZpZEdq","tlshash":"da331bc5a19c609153a774d50d7f704bb4637526170d89acf228e8eeecfcaea9039d38","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-05T17:00:52.62584Z","times_seen":26402,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/css/7.10.0/fontawesome.min.css","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/fontawesome.min.css HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:51 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:51 GMT\r\netag: W/\"68f07775-18f6f\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: v2m5ks_39bfuzKxGWlFnQh1brcKO7KCSw57zk3m6kUJ5a0gP66zk1A==\r\nage: 3150\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102255,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (62333)","md5":"35c423c7a0a87e2e4f3646e582e2dd67","sha1":"aa640d874aaf84764c2a4c94290624166fa81d2b","sha256":"98e7ef32e76852a8a836cd1ca9efd953628a0cc8739f7d847ea87ca525db73ae","sha512":"d81bb1c55dfe6108d57f19f8aa37dc01f770ce9ccc16d0519710a1dfbcd0da6c9c71d85ca1a940aec83c81b5124aa2c6fb9ac0409517e38db02734300b006d8b","ssdeep":"1536:E6MnM+M8MMMtMFM/QS8EfluzvQrp6mQzsWdCENdA9tVg9:/pfluzYQmQzsn8dA9ti9","tlshash":"b4a339f8e48905e8a372c84fcb55b36c663afb70d5425c81f10f9a4d8ec2b5815dab2d","first_seen":"2024-08-12T04:36:20Z","last_seen":"2026-04-05T17:01:27.897741Z","times_seen":19379,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/css/index.css?v=24","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/css/index.css?v=24 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:51 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 14 Jan 2026 09:04:03 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:51 GMT\r\netag: W/\"69675c03-fdab\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: _HXbBUOyQuOjrWGsEFhfZYHFv-XyqS_Gi-ah9zwrehbm7S8TR9JY6w==\r\nage: 3150\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":64939,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"cd1ff982c7584b285ac7d2b4b1165a89","sha1":"d99cd4223e2f48e11372f128f1f627704ca2caf3","sha256":"ba45eb074397600c877d3abe699a5c64c201e30549361a9881800e70d95c7d14","sha512":"826689d6d5f68b16636c54adea8621599d5b177440cd4f1bdad3ce17525886bbd4d2d09709ca9094b1ef6d778d7e1e93affebf56d399f9b42d8e7dd18330d607","ssdeep":"768:WuO3/VjKqjwpEGQftXhudyF23LeBKQRQqQoUY5qllJxMxY4JSF4FpT:YdhudyF232KeBOY5qllJxMxY40+T","tlshash":"4253650426230904785795babf7b27c56358c087cd0ac96d7fcfa649cf8e22875b5bca","first_seen":"2026-01-18T15:52:51.531224Z","last_seen":"2026-04-05T17:40:13.792302Z","times_seen":110,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ai/common/axios.min.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ai/common/axios.min.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 14 Jan 2026 02:32:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"69670031-cc17\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: rzgxptEyBjc4spBIL5DQVRp2DBqZiNcAZtCufOWM9kcB21QKIvkzhQ==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":52247,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (52208)","md5":"99714d221df650b50da3b7bf97e2987d","sha1":"493b74178a63429fff2aab081b3a1ca73d362085","sha256":"8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96","sha512":"2520851e12838a54d14577bd6a4fc5276f1d729389c7341a09ddd783c33217a5c58ce0e1cbf60c08cf075b44c50dc90d1d651ec16fa47ef8629f8de12ad27103","ssdeep":"768:Wjp+L+sl7x97+om+oCICTUOD3cQ3F1C+SqImCjL/hQBf/MEVgnyzB/c2OiwBaGcj:Up+b0GUOLMPLJQf/CEB6iwOj","tlshash":"2c33b6cd76d6f06243a77174802f610bf23aad16a44d8460f224ece6bcb854e9337f69","first_seen":"2024-05-21T19:06:10Z","last_seen":"2026-04-05T16:55:02.749837Z","times_seen":26874,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=2","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=2 HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.26.3\r\ndate: Sun, 05 Apr 2026 09:20:48 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 03:57:50 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:48 GMT\r\netag: W/\"68f06d3e-4cb68\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: pzSIj4UTZD00ETxp0sQ98HEJ6ceeuR_rN8jlAjJGSbdpVOhWWqKM3w==\r\nage: 3153\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":314216,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (942)","md5":"467f79f8918ea5236cd42da189a3ddd9","sha1":"9cd460c1e262681514e331bd3cf1d17c9ce9d4d0","sha256":"7406dc82acf484c36bbe06dd2266cc0b2793fb5bc1622d5d0e7ab76e89ba98e1","sha512":"361dd264e39689a61ca1c9baf5bb3d6b42384d59f3619c20bfd43c4b1e7073ed7adfff7440896ddfe82e5145aca58e98e82d6c6560d3653024b2bd8820ec1413","ssdeep":"3072:/SbqwelyE+K3TAO4czuJ19WxZ/Y8f4Sqvw+Uki/uMSB+jonuLzAX:/Sz4TAauJXW3Y8f4Pw+UVuTxnuLsX","tlshash":"ae64a40baaf314725563b0bc4b6fa5043231806b5e59fd643e5c82dc4f1d83d26b6bae","first_seen":"2025-07-23T00:56:23.107725Z","last_seen":"2026-04-05T17:04:21.635059Z","times_seen":2799,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4e8z1.upkmldz.cc/usr/plugins/ArtPlayer/assets/artplayer-plugin-ads.js","fqdn":"h4e8z1.upkmldz.cc","domain":"upkmldz.cc","tld":"cc"},"ip":{"addr":"52.84.50.52","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4e8z1.upkmldz.cc/","date":"2026-04-05T10:13:21.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upkmldz.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 05 Apr 2026 00:00:00 GMT","end":"Mon, 19 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:E6:96:BA:9E:63:AF:C8:43:BA:9B:BC:C1:B7:C8:EE:49:EC:D5:44","sha256":"BF:E2:22:FE:86:51:6A:36:79:69:0F:45:99:BD:3B:6A:18:1D:92:16:C0:9A:0B:96:D5:66:C7:73:8C:72:F2:87"}}},"request":{"raw":"GET /usr/plugins/ArtPlayer/assets/artplayer-plugin-ads.js HTTP/1.1\r\nHost: h4e8z1.upkmldz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4e8z1.upkmldz.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 09:20:49 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 16 Oct 2025 04:41:25 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\nexpires: Sun, 12 Apr 2026 09:20:49 GMT\r\netag: W/\"68f07775-35e1\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fd72662d19f1605cb71a8fd4814daf52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: Xclp75LabyXB6wmxr9mtdZY9XFdni_9q_Q62cyjR2eHlMJHc_ON3Yg==\r\nage: 3152\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":13793,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1245)","md5":"f3028d03f85cbd4e647eea126066dcfa","sha1":"92819e469a0d69b0de91a2d5604b865656013fef","sha256":"e5c49a3f854bec72b9ae79e60969e57c955633dd8a55cd23063c27ea790a1a37","sha512":"d1754b75094f72fc1eb3db5219806fe51404fa8c0dd3da79257bec7b3d81953d0623747a43abc09ea4079fa6b9a32423034db3b851a508338884c53f08260483","ssdeep":"192:9XxOu0WEXx7vYb/p+/iEEDWMZiDXbQ0QcEJkdS2B1MaQpIm1GrR0a/sa/sB1RWyD:JxOuYx70DWMCSa1MWHyqsqsBj5P/j","tlshash":"f552432715b610111177b0f89b4f12823435c12f8d55ff02be8c92e45f9ea2d9abaf89","first_seen":"2024-02-21T18:27:49Z","last_seen":"2026-04-05T17:40:13.789114Z","times_seen":680,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"h4e8z1.upkmldz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}