{"report_id":"6705dd31-15b0-4799-8931-6ec755bcf6d6","version":6,"status":"done","tags":[],"date":"2026-06-06T07:10:30Z","url":{"schema":"http","addr":"chrome.xahuapu.net/help/744.html","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":0,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"chrome.xahuapu.net/help/744.html","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"title":"如何在Chrome中启用远程调试功能 - 详细步骤与实用技巧","dom":{"size":13222,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1579)","md5":"2d227f77933d2d72a367d36b16032bc2","sha1":"8e7e9fa6a445c130f756dda9e4c95e543c91b6c3","sha256":"9b0107b929672823daed82eacb6b7b8aeff334fea512805171e3950b9414fd3f","sha512":"10997d28bcec037fdbfbc3c0d34d3ca2ab3b0ceb43b4b25f6202cb653e55b8f00615d64895f71f69db229973b317ada78fb45088518fdb0a3fcdba501aa4b5f9","ssdeep":"192:+6Jj6q1SBqrYrtMeHUK80HEYtjy1CqVFfkgQO5DJ+/s7GXPtiy:9YrtMeHUK80HEYtj8zfki5DJ+/OKky","tlshash":"ae52a5b618d96c3f112711c1352ab2dcbcbf9d3bda628892f2bf1505abc1dd5481b1ca","dom_hash":"domhashbcbc1d80dbb52df94451bb3cca0edc15","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"chrome.xahuapu.net/help/744.html","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":0,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-11T07:10:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"hm.baidu.com","ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-06-01T08:33:37.168547Z","alert_count":0,"request_count":2,"received_data":30879,"sent_data":1303,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"zhanzhang.toutiao.com","ip":{"addr":"47.246.49.204","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"domain_registered":"2004-02-16","domain_rank":620575,"first_seen":"2020-11-05T15:52:52Z","last_seen":"2026-06-05T08:47:05.488925Z","alert_count":0,"request_count":1,"received_data":1006,"sent_data":661,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"lf1-cdn-tos.bytegoofy.com","ip":{"addr":"163.181.253.202","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"domain_registered":"2021-01-11","domain_rank":402951,"first_seen":"2021-08-07T17:49:18Z","last_seen":"2026-06-05T08:47:05.791767Z","alert_count":0,"request_count":1,"received_data":1877,"sent_data":596,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"chrome.xahuapu.net","ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"domain_registered":"2020-05-16","domain_rank":0,"first_seen":"2025-10-01T08:26:23.916429Z","last_seen":"2025-11-19T19:10:48.16935Z","alert_count":40,"request_count":20,"received_data":736425,"sent_data":9310,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"chrome.xahuapu.net/api.php?op=count\u0026id=744\u0026modelid=1","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"6fe991b7a089b50f1fd9b02efdc0311f","sha1":"fa1eb4ba31f508fa056221bcee0a6ef6fc7869f2","sha256":"dce1e88bfb2f4236151bf7f534891ef97413585260994f80f957efc3cbf13588","sha512":"e71ec87e62121cddfe0a52768509ace8c93621a81857a5279215465a120c25845788c108d4e6e2a9414d28ead6719db60013e9330ba74f3c375c69b2f6770a0a","ssdeep":"","tlshash":"71b00299c6ca4a176945221114ea6218b6f20b11d0cc9af55d40115ba3d6f0029a7473","size":103,"data":"","first_seen":"2026-06-06T07:10:33.97161Z","last_seen":"2026-06-06T07:10:33.97161Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/qrcode.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"bd06ea568ae119edd9b9e98f0878149f","sha1":"3cd11a83d472b96d2cef87e9454d0b2e20880c4e","sha256":"740badb6e3f33f267d321e006f964d1f7ecbc0fcd4ab73c831bfa0bfdde8eb33","sha512":"91496c9e2ee9d9f6dcaa056324b6acf427b007f85f4d4583ac59d9e4674b9dc02db5c2ac41a9f1d657d1ada3360256e0700f26bdd0d3b873ffa17ef94c8b9d3c","ssdeep":"768:zYyI+dC7vrfJCNhZms25E0fg/ePjVQ+pSZmYfcH:EHvrfJCNhZQfRPxQ+pSAYfcH","tlshash":"17f220091b6f0219d03bb6289eabcc0ae7694e2b141d995f7d7ca0d80f7643494f9df8","size":35769,"data":"","first_seen":"2025-10-01T08:26:34.96625Z","last_seen":"2026-06-06T07:10:34.006726Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/jquery-3.4.1.min.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f832e36068ab203a3f89b1795480d0d7","sha1":"2115753ca5fb7032aec498db7bb5dca624dbe6be","sha256":"4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf","sha512":"b9dbc08c984ae3c7fd44822ec2e9a22cb8cf7da55fa3975dbbdc3f18fd7e7a7793e8d93604826574e3dd6a4f982d7af4f96c1af5e10d847b8394a34a82c398ba","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:ygZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"b28319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88144,"data":"","first_seen":"2023-03-07T01:24:01Z","last_seen":"2026-06-16T16:45:03.258252Z","times_seen":12359,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/rem.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"17dd895d42335f707065e4c66032e805","sha1":"79d6ad5821ef65ca081193a8228d12cf4cdf1f72","sha256":"d5b0f6fc68ebbb9f7f6c5880a82b28757df931df566967b94577cce69758175e","sha512":"e44cbdece04e333ea5e70a415820bd85184ea382efb23123b3187c5264eb5630321fc6c4e9d13ea0702b877401c7406a065c5424b7ef1300013c0c816e6e7a1d","ssdeep":"","tlshash":"4261142806e322261e2330748eaf7505392280670559ce457caee79e7fe4b354ff6be5","size":3391,"data":"","first_seen":"2024-08-19T13:16:06.916115Z","last_seen":"2026-06-06T07:10:33.961799Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/help/744.html","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"520bfbe48305621bb1212f3fd9d77346","sha1":"2cb15c382629e37955d7ad95e2aa21ed8c4fda68","sha256":"2a244fe5e95343b5828a6e0d4698079588fd19e96bf2d7a856a109e1c77a48da","sha512":"817f8816de0cf80cfab5cb0d1d240da88b5a7944040ece32270265d169ee479bc4e851184070eb1f28d54b47812e629be4fb89bc098bab3ed8623451d43707e7","ssdeep":"","tlshash":"3ae07d1e34c2003903b3446923f75105252b370fc45dcb177d5fc9da1f24c61054660c","size":333,"data":"","first_seen":"2025-10-01T08:26:35.025295Z","last_seen":"2026-06-06T07:10:34.01691Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/jquery.metadata.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"90cec60a499620cd97176be2f405a5e1","sha1":"f87cc8f9523a0b97b41eccf8551901104dcea25a","sha256":"d878ec7c8af94db88b03ddd07ce7d3024b129aaa2b834e09000b7c734ac804c8","sha512":"15f3e895cf7d8d909bbc76c1ec6075a8086abd7fcd5d7b7e1a9aa5a8bc7aeda2a66859e92b518d3ff27dfe418e3e92d8ddf0966299f6a9f60cac8fe8db65d8c0","ssdeep":"96:u3CcNEKc8/ZkkHPVLyjPjYgShTtCgOvoLgyvhTgI8ZTGT+4zFUaVKYiCDIH:nCPGnYrAF4CaAB","tlshash":"05a1cb1a398a632344727239a6cad348e254b7271312a8627cac4da5bf30de166b4fd4","size":4956,"data":"","first_seen":"2024-08-19T13:16:06.918953Z","last_seen":"2026-06-06T07:10:33.966804Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/help/744.html","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"a4bc237b403b9001d9dfe918c242eeb3","sha1":"2ba8b3f3a3b6642c37dde2f46d1ab3fa7cb73bb6","sha256":"a3ea82c93aef29980774c2672184dfe8a6f65902a880c0860530f362ddb0b6a3","sha512":"d75ad64b3a3b0a4fb57ddbfdcf6d45bfc162165f94ee082bcf6a1a23595897c954f10397bf3d449f57b61ef413757f17b2534ad57b3bed9b632959c5cc1b3044","ssdeep":"","tlshash":"78f0dceca382889c39e5ac7c6856aad8646e0d361cae887aec04243431c8e3305e54df","size":488,"data":"","first_seen":"2026-06-06T07:10:34.018635Z","last_seen":"2026-06-06T07:10:34.018635Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/help/744.html","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"4b80dcd0c4d0cacaf9e50f8afc01d5a5","sha1":"b51772b16ae628996bf9bff731d7ba48eaee7652","sha256":"12c24a63d2c9e7daddf3e42c629b68ad0fc0ad83d292f04f2c3d41d34e294b1a","sha512":"6a0b9e2d8f05578e7cb808b6937593466ea98f36393c71adfd6b456de29af0cc371ebf1a25a2f973529091ce027b4e0e74c7c37e088545940b5bb7a817ec42ca","ssdeep":"","tlshash":"be5000c03300f000cc00003c0030000c0000f0c30c03c000c00c0000fc000003030000","size":11,"data":"","first_seen":"2023-03-08T02:17:24Z","last_seen":"2026-06-16T15:00:37.853318Z","times_seen":2072,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/bootstrap.min.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"8611079d5f8a465fdfc5351a3ce4acf5","sha1":"cff3e6242446b202dc3b343f3913e252e1cee244","sha256":"34f2409f58b3fd380f8efcde331e18531e6c4bce3ac22ffaa01ef2a8ed2efd4b","sha512":"787c789db053908af68b49bd480366fdc7333c449dd0350471f97ce09a48baeb44ea80f13e15efb24311d3c5a6be67f1e70529563956762f361b960bbeaa8974","ssdeep":"768:N6TzQWPQ8EnwzbtrbQ+JxuOzWhnMqq2SB3IVRKjs/MV/vINJ5NW2aJcubJ4CNnKm:N9ubUasHVW8o0Xftye1LP/4","tlshash":"5f43b65a3254b9330ade84e68036474bf7195c99b547806cb9bc6cde1b7dc8232b3b78","size":60554,"data":"","first_seen":"2023-03-12T14:17:46Z","last_seen":"2026-06-16T10:59:18.232548Z","times_seen":2934,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/complaint.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc579923e14f876ced12f53887233b81","sha1":"14d7e020fdc117796cc4b984b9bc46d7f4399591","sha256":"3545464edb815899de517fc105e02b44c48a8af250d0a2f22d0eb0b5f69812c4","sha512":"673cb9b5ba9f99a52bc6b982a8e19b4616fbe50d57f57203e17afa2a7328b2c8ff41d5e6771474d296ed2a4cd97f5c538b73b51702a87dddf947112d947d7549","ssdeep":"","tlshash":"99717684f9ea6620413365f8fbfb424a1437a00ba90e8d64f69c0fd09fc7f58e094b49","size":3665,"data":"","first_seen":"2025-10-01T08:26:34.951407Z","last_seen":"2026-06-06T07:10:34.004488Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/photo-browser.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"3da583873ec37864484cbc3e471edce3","sha1":"907e4870d88b83e079437ed86eec96c97a7f783c","sha256":"0c2af1a1f78693ebe1247cf0ccce0a44fad05a498d38446210830c8a7eeefb00","sha512":"f3f1b7999ec15d442f0894d979b403d490314239d2c4049df45a818faec1398f36ca987c6f76fbebf55c72f50075cd8dec3c57b2614568a86aae17ef7a297c94","ssdeep":"1536:7+RnvOA0Vf+Am9GVdI8BmCYcAFUtt5FsFgju44gmiPE24XFU7Sb:Ond9GVdI8BmHcAFUj9xHm524XiSb","tlshash":"88e34f0e952122aa98f3733f9b9b8445fafb8123a51185557dec48451ff882843ecff9","size":149327,"data":"","first_seen":"2024-08-19T13:16:06.922911Z","last_seen":"2026-06-06T07:10:33.979946Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/help/744.html","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-16T12:35:01.168069Z","times_seen":121597,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?488a80a26828a11a517706999719810f","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"a184898a7661b33949574e6ea6443bf7","sha1":"9b9ded9da71f5c521e2fcc79495dce93e95f24e3","sha256":"7925ab0e8b419b7edc57c59d9caec1129b0a01f259b7ad05eafd566748224ef2","sha512":"c7e5a5c5a84314f7484a92bcd0ac16517223037b4bb80b01fea9b6c34f9c28dd035c8836bdbc23696873321cb01101abcae851451592e5430640082749b0e83a","ssdeep":"384:UIJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:UI4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"78d2d9e9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29897,"data":"","first_seen":"2026-06-06T07:10:33.96824Z","last_seen":"2026-06-06T07:10:33.96824Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/lazyload.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef1269e20b885baeabc307694ae819f6","sha1":"86cd79dfb33579f8e57c3c2e2287c8337a6b4fe1","sha256":"eb2cde2535a25b66406361b16456aa0cae8785b3cfdcd6ad9e64679a6afce9db","sha512":"5672a1722c9f07ede45b36cd0c4cb11e860f568279dbc1a2e467d26821bdb8d4da0108318bbd9fde0acc25b6d822d02092b9720c0779de4c8c4e498dbbcf9a8b","ssdeep":"96:fYhJ9UjjudyM5DsJL4mm02ekyKbFdSynRtbeg4PmuuoEfUBUIzGt3wPOi6:Cqu4MaJUNNVSoRtbeg4Zq8zOwPOi6","tlshash":"d9c1018c395ab15a51b3b3b8df1b8109f735422b0115a6953eac86e56f7082862f1fdc","size":5860,"data":"","first_seen":"2025-10-01T08:26:35.001653Z","last_seen":"2026-06-06T07:10:33.992551Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/common.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"ab097273d0857fc0c523dc02777ea16c","sha1":"33ef4ce01cdc5893a50e00ac227722fef60dd58d","sha256":"65f22420adff0cfbc0149dfdff7a8fc00d6e4b89bf37749c9390d22808db8c13","sha512":"ca2a73ef9b5a31d44a5bc1e0f41a2587261218d235bb379c2c175505153b813a94d33e2602182e9d579b91f230bfb5cd06ba5066ff054cc886dd603d3c78ebd7","ssdeep":"192:RIRPMcIYvXmX1uJsMoIoSohhfkDApVbRpIYzXAdJ3KAtGKfxERxx/HpwrYj3pic8:mZMv7TW0VbRe0wvK5AQTwxcR2","tlshash":"4b12951eb8a20526647730794fbf660839b9400b444ecd04bc4ccbd46f99a69a5befed","size":9361,"data":"","first_seen":"2026-06-06T07:10:33.977291Z","last_seen":"2026-06-06T07:10:33.977291Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/jquery.validate.min.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7666030c4d4db781a070524502bdd2d","sha1":"cfbca8efeba3aa781dd75c38802724cedec3100a","sha256":"8dbd756df0daae80886284d6f7df1449fe585c8922f7dc19f5aaab5295459906","sha512":"9432275125b32b13edeebe28e9d68401360d04584f3474777cf77c0c1bac99efeaa5fd84fe6d2e0b7213a521dc486009f28778730422271e2fbca4571b6da638","ssdeep":"768:OBTCbMKp3RT/AHkfUb6bwRrpW++hob2J5DtpuiyOFqXg4OYNrQaxjlf2er:OBTYMKpx/gkfUebwRrpW++JciyOFbb6b","tlshash":"0203300a7be5105a99737279dc6bc601f0b2073b5159a96f38bc90d81fb2ca481f5fe8","size":40321,"data":"","first_seen":"2024-08-19T13:16:06.953064Z","last_seen":"2026-06-06T07:10:33.996879Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lf1-cdn-tos.bytegoofy.com/goofy/ttzz/push.js?2a6d8c54b459a0cc9d94c9eb58dd465735aada885f945ee77a425cb946a8d9bafd5c4a3974f9cd3eeb674bde712b4782cc4f323247d55c2ed2efd47b7c83521adc648ee828d46e7d3689a9c59fd080f6","fqdn":"lf1-cdn-tos.bytegoofy.com","domain":"bytegoofy.com","tld":"com"},"ip":{"addr":"163.181.253.202","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"2eabec1543d0f7cf67a9581a046c0a80","sha1":"1457010948371965598eb8be176bca4782855a20","sha256":"76fe1175f0b9100429f6e06ee61f795e83c496c5700d0d897fb92137ccd31c54","sha512":"093331d877b8be12f7518d5123b3bf209032141c79015a10b12250d5b729dc2c9744c85a585bbb65e5f3a9de8bdd6e24685b42fa386550c9610b89d06bebe901","ssdeep":"","tlshash":"e9e0c0a23186e51f80e4b17e5c05f02cc2734b4f0931518c869e7084e239b714233af8","size":357,"data":"","first_seen":"2023-03-07T12:03:34Z","last_seen":"2026-06-13T11:24:29.906402Z","times_seen":1272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/help/744.html","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-16T12:35:01.168069Z","times_seen":121597,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/css/bootstrap.min.css","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/css/bootstrap.min.css HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:10 GMT\r\ncontent-type: text/css\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Wed, 08 May 2024 03:22:53 GMT\r\netag: \"663af00d-35e6c\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 197\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct68 [2], czix100 [1]\r\nohc-file-size: 31895\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":220780,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65335)","md5":"5b42276b3039eaf18cc199cb4c8db7b8","sha1":"719956aa52db4c8afdc5c0cfb3cbdead6258b8a6","sha256":"932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386","sha512":"ef639578068f795f27dc17598fb84e91a3d2124feec290e4686c8fe16da34b3002f2d7e23b82cc1035a82f7b85a7999c66efbc11e85be06859585c2faecb3af5","ssdeep":"1536:u1tfA98f66e7K5wlP72N9S3I17sYciHKVOpz600I4V9:ytfA98fXpKVOpz600I4V9","tlshash":"5e2482e6f190317d9ca7c1499590befd866fa945db120aaaf003776807cabd30963dcc","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-06-16T17:27:36.119535Z","times_seen":6623,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/rem.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/js/rem.js HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:10 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Wed, 11 Sep 2024 02:37:34 GMT\r\netag: \"66e1026e-d3f\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 197\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct82 [2], qdix98 [4]\r\nohc-file-size: 1245\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3391,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"17dd895d42335f707065e4c66032e805","sha1":"79d6ad5821ef65ca081193a8228d12cf4cdf1f72","sha256":"d5b0f6fc68ebbb9f7f6c5880a82b28757df931df566967b94577cce69758175e","sha512":"e44cbdece04e333ea5e70a415820bd85184ea382efb23123b3187c5264eb5630321fc6c4e9d13ea0702b877401c7406a065c5424b7ef1300013c0c816e6e7a1d","ssdeep":"","tlshash":"4261142806e322261e2330748eaf7505392280670559ce457caee79e7fe4b354ff6be5","first_seen":"2024-08-19T13:16:06.916115Z","last_seen":"2026-06-06T07:10:33.961799Z","times_seen":5,"resource_available":true,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/jquery.metadata.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/js/jquery.metadata.js HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Wed, 11 Sep 2024 02:37:33 GMT\r\netag: \"66e1026d-135c\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 198\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct75 [2], csix75 [4]\r\nohc-file-size: 1636\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4956,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"90cec60a499620cd97176be2f405a5e1","sha1":"f87cc8f9523a0b97b41eccf8551901104dcea25a","sha256":"d878ec7c8af94db88b03ddd07ce7d3024b129aaa2b834e09000b7c734ac804c8","sha512":"15f3e895cf7d8d909bbc76c1ec6075a8086abd7fcd5d7b7e1a9aa5a8bc7aeda2a66859e92b518d3ff27dfe418e3e92d8ddf0966299f6a9f60cac8fe8db65d8c0","ssdeep":"96:u3CcNEKc8/ZkkHPVLyjPjYgShTtCgOvoLgyvhTgI8ZTGT+4zFUaVKYiCDIH:nCPGnYrAF4CaAB","tlshash":"05a1cb1a398a632344727239a6cad348e254b7271312a8627cac4da5bf30de166b4fd4","first_seen":"2024-08-19T13:16:06.918953Z","last_seen":"2026-06-06T07:10:33.966804Z","times_seen":29,"resource_available":true,"data":null}},"time_used":645,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":645,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?488a80a26828a11a517706999719810f","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:11.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?488a80a26828a11a517706999719810f HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11291\r\nContent-Type: application/javascript\r\nDate: Sat, 06 Jun 2026 07:10:12 GMT\r\nEtag: 415157663c9471b035501272e1e7910c\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=D894C5CFAEC84AAC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29897,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (621)","md5":"a184898a7661b33949574e6ea6443bf7","sha1":"9b9ded9da71f5c521e2fcc79495dce93e95f24e3","sha256":"7925ab0e8b419b7edc57c59d9caec1129b0a01f259b7ad05eafd566748224ef2","sha512":"c7e5a5c5a84314f7484a92bcd0ac16517223037b4bb80b01fea9b6c34f9c28dd035c8836bdbc23696873321cb01101abcae851451592e5430640082749b0e83a","ssdeep":"384:UIJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:UI4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"78d2d9e9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-06-06T07:10:33.96824Z","last_seen":"2026-06-06T07:10:33.96824Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2214,"timings":{"blocked":964,"dns":293,"connect":221,"send":0,"wait":284,"receive":1,"ssl":448},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/api.php?op=count\u0026id=744\u0026modelid=1","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /api.php?op=count\u0026id=744\u0026modelid=1 HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Sat, 06 Jun 2026 07:09:55 GMT\r\ncontent-encoding: gzip\r\nage: 16\r\naccept-ranges: bytes\r\nx-request-id: c5c989afc8bc07a600b73d770e3ccca7\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:09:55 GMT\r\nohc-cache-hit: suz4ct72 [4], csix115 [1]\r\nohc-file-size: 73\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"6fe991b7a089b50f1fd9b02efdc0311f","sha1":"fa1eb4ba31f508fa056221bcee0a6ef6fc7869f2","sha256":"dce1e88bfb2f4236151bf7f534891ef97413585260994f80f957efc3cbf13588","sha512":"e71ec87e62121cddfe0a52768509ace8c93621a81857a5279215465a120c25845788c108d4e6e2a9414d28ead6719db60013e9330ba74f3c375c69b2f6770a0a","ssdeep":"","tlshash":"71b00299c6ca4a176945221114ea6218b6f20b11d0cc9af55d40115ba3d6f0029a7473","first_seen":"2026-06-06T07:10:33.97161Z","last_seen":"2026-06-06T07:10:33.97161Z","times_seen":1,"resource_available":true,"data":null}},"time_used":668,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":668,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/uploadfile/2025/0311/mark1741657556817003.png","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /uploadfile/2025/0311/mark1741657556817003.png HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11640\r\nexpires: Mon, 06 Jul 2026 07:09:54 GMT\r\nlast-modified: Tue, 11 Mar 2025 01:46:16 GMT\r\netag: \"67cf95e8-455b\"\r\ncache-control: max-age=2592000\r\nage: 17\r\naccept-ranges: bytes\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:09:54 GMT\r\nohc-cache-hit: suz4ct64 [4], xiangyix121 [2]\r\nohc-file-size: 17755\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11640,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 538x312, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2d169577262e552f2cb583bf1ef42682","sha1":"29f3a953d81c6615e2ae6251d350fb5f919976ec","sha256":"fe7833ca8930b1c83cc58d47fc914ae6453c7197b30282fa8b59b68fc221038a","sha512":"194eb69d4eb2a936664889781233b014d2a20197cd5937a604e8aba333b3a2733a815a3b4ce79223b260e7084b391804480295d2653ad42b9122ac540397ceab","ssdeep":"192:Ol5EJ2UuXjm40lzT24XXGH4+AWKtX4Rayx2myuQ13hQgiZwzwn5LkMK1g3z:MmJ2pTmsHuWKtX4RayjyuQ/HiZwzyhKq","tlshash":"d732cfa992601dae6937748cb106220d80c3d23b528fc9adc741c42ada13776ecfab52","first_seen":"2026-06-06T07:10:33.974237Z","last_seen":"2026-06-06T07:10:33.974237Z","times_seen":1,"resource_available":false,"data":null}},"time_used":671,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":670,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/common.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/js/common.js HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Tue, 19 May 2026 07:32:52 GMT\r\netag: \"6a0c1224-2491\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 198\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct60 [2], xiangyix140 [2]\r\nohc-file-size: 2980\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9361,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"ab097273d0857fc0c523dc02777ea16c","sha1":"33ef4ce01cdc5893a50e00ac227722fef60dd58d","sha256":"65f22420adff0cfbc0149dfdff7a8fc00d6e4b89bf37749c9390d22808db8c13","sha512":"ca2a73ef9b5a31d44a5bc1e0f41a2587261218d235bb379c2c175505153b813a94d33e2602182e9d579b91f230bfb5cd06ba5066ff054cc886dd603d3c78ebd7","ssdeep":"192:RIRPMcIYvXmX1uJsMoIoSohhfkDApVbRpIYzXAdJ3KAtGKfxERxx/HpwrYj3pic8:mZMv7TW0VbRe0wvK5AQTwxcR2","tlshash":"4b12951eb8a20526647730794fbf660839b9400b444ecd04bc4ccbd46f99a69a5befed","first_seen":"2026-06-06T07:10:33.977291Z","last_seen":"2026-06-06T07:10:33.977291Z","times_seen":1,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":673,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/photo-browser.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:11.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/js/photo-browser.js HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 06 Jun 2026 19:06:54 GMT\r\nlast-modified: Wed, 11 Sep 2024 02:37:34 GMT\r\netag: \"66e1026e-2474f\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 197\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:54 GMT\r\nohc-cache-hit: suz4ct71 [2], xaix188 [2]\r\nohc-file-size: 149327\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":149327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"3da583873ec37864484cbc3e471edce3","sha1":"907e4870d88b83e079437ed86eec96c97a7f783c","sha256":"0c2af1a1f78693ebe1247cf0ccce0a44fad05a498d38446210830c8a7eeefb00","sha512":"f3f1b7999ec15d442f0894d979b403d490314239d2c4049df45a818faec1398f36ca987c6f76fbebf55c72f50075cd8dec3c57b2614568a86aae17ef7a297c94","ssdeep":"1536:7+RnvOA0Vf+Am9GVdI8BmCYcAFUtt5FsFgju44gmiPE24XFU7Sb:Ond9GVdI8BmHcAFUj9xHm524XiSb","tlshash":"88e34f0e952122aa98f3733f9b9b8445fafb8123a51185557dec48451ff882843ecff9","first_seen":"2024-08-19T13:16:06.922911Z","last_seen":"2026-06-06T07:10:33.979946Z","times_seen":5,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zhanzhang.toutiao.com/s.gif?url=https%3A%2F%2Fchrome.xahuapu.net%2Fhelp%2F744.html\u0026token=2a6d8c54b459a0cc9d94c9eb58dd465735aada885f945ee77a425cb946a8d9bafd5c4a3974f9cd3eeb674bde712b4782cc4f323247d55c2ed2efd47b7c83521adc648ee828d46e7d3689a9c59fd080f6","fqdn":"zhanzhang.toutiao.com","domain":"toutiao.com","tld":"com"},"ip":{"addr":"47.246.49.204","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:12.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.toutiao.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 19 Jan 2026 00:00:00 GMT","end":"Mon, 18 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"62:2F:34:3E:4E:D9:67:3D:23:19:1B:4E:D5:E9:3F:E8:80:D4:3E:1F","sha256":"4F:DC:FA:38:D9:5F:06:C9:77:56:0F:7C:98:AC:9F:F3:80:63:E3:94:7D:3B:A9:85:D5:53:0F:38:14:E2:F6:51"}}},"request":{"raw":"GET /s.gif?url=https%3A%2F%2Fchrome.xahuapu.net%2Fhelp%2F744.html\u0026token=2a6d8c54b459a0cc9d94c9eb58dd465735aada885f945ee77a425cb946a8d9bafd5c4a3974f9cd3eeb674bde712b4782cc4f323247d55c2ed2efd47b7c83521adc648ee828d46e7d3689a9c59fd080f6 HTTP/1.1\r\nHost: zhanzhang.toutiao.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\ndate: Sat, 06 Jun 2026 07:10:13 GMT\r\nx-tt-logid: 20260606151013803D8680BD9F71D7367B\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-tt-trace-host: 012be64705e92d23785059d199aa7821671db1383d1a883713477b5118ef386f671cd9cbdef12fcf413291c2e1c8e2c2326887495c6d976d06752afde04e0a1383fe252a730a272d6af65f3c7cc305f194420c9dc4095f80751351e318694af41c\r\nx-tt-trace-tag: id=03;cdn-cache=miss;type=dyn\r\nx-tt-trace-id: 00-260606151013803D8680BD9F71D7367B-5360BBA668D441AF-00\r\nvia: cache30.l2fr1[945,944,200-0,M], cache37.l2fr1[947,0], ens-cache7.fr5[964,964,200-0,M], ens-cache3.fr5[967,0]\r\nali-swift-global-savetime: 1780729813\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Sat, 06 Jun 2026 07:10:13 GMT\r\nx-swift-cachetime: 43200\r\nserver-timing: inner; dur=2, cdn-cache;desc=MISS,edge;dur=20,origin;dur=947\r\ntiming-allow-origin: *\r\neagleid: 2ff6319717807298126341909e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":1823,"timings":{"blocked":411,"dns":314,"connect":33,"send":0,"wait":1000,"receive":1,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/css/common.css","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/css/common.css HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:10 GMT\r\ncontent-type: text/css\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Tue, 19 May 2026 07:34:12 GMT\r\netag: \"6a0c1274-12746\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 197\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct53 [2], xiangyix91 [1]\r\nohc-file-size: 75590\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75590,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"00af808c3b593b95b598813d6057e3c2","sha1":"f1ca95333a393d255f8c50a319e804f9251b6e34","sha256":"2ec989a4aa52ae8bae28e91a6f8ca172a2eaad3a6ec2bb3675690edb92bb21f9","sha512":"1bfd4c23e1eabecbc61c091ca0e9e11f33046308329f562c49f06cd4f77bffc8c77f1196128424061e21b5806e3715e18caa18cf5c361b10136d04d8cd078431","ssdeep":"1536:fEgfWd9YHspfNOcJHjzBoKyefnQxlhWNrWIrga4CtN5f+Qt/XJZgyTFnq9QyxNHb:fEKWd9YHspfNOcJHjzBoKyefnQxlhWNC","tlshash":"2a739437a650201cbd7b85a7279173da3135840be153cbaef453b918dbcb19e2be2748","first_seen":"2026-06-06T07:10:33.985265Z","last_seen":"2026-06-06T07:10:33.985265Z","times_seen":1,"resource_available":false,"data":null}},"time_used":502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/css/complaint.css","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/css/complaint.css HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:10 GMT\r\ncontent-type: text/css\r\nexpires: Sat, 06 Jun 2026 19:09:53 GMT\r\nlast-modified: Wed, 16 Oct 2024 06:35:00 GMT\r\netag: \"670f5e94-bd8\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 17\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:09:53 GMT\r\nohc-cache-hit: suz4ct52 [4], czix91 [2]\r\nohc-file-size: 3032\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3032,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"4aba74f56bcef87250c55a7457641916","sha1":"1cea9d21ad16eac6668d05c305ada7ac9ebed405","sha256":"67b01bccf8b668bcbb2352579d7f8d4cbd10a2862a7b36b4dc6f267206038bef","sha512":"d86b67b0b0983119d2a9c3e0175a2e9636390d31e0edf8917bcd2cd75b414abf65363ba373c0ac3b5f37cd87e39808fc2b1ced9c18b02a38a69fcec558c3f780","ssdeep":"","tlshash":"a351ef6ad2217201b02be8ad3be45742122bd123799ef9f1f5cf2924cbcb19d24393c5","first_seen":"2025-10-01T08:26:34.985279Z","last_seen":"2026-06-06T07:10:33.98995Z","times_seen":4,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/lazyload.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/js/lazyload.js HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:10 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Wed, 11 Sep 2024 02:37:34 GMT\r\netag: \"66e1026e-16e4\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 197\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct53 [2], xiangyix152 [4]\r\nohc-file-size: 1653\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5860,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"ef1269e20b885baeabc307694ae819f6","sha1":"86cd79dfb33579f8e57c3c2e2287c8337a6b4fe1","sha256":"eb2cde2535a25b66406361b16456aa0cae8785b3cfdcd6ad9e64679a6afce9db","sha512":"5672a1722c9f07ede45b36cd0c4cb11e860f568279dbc1a2e467d26821bdb8d4da0108318bbd9fde0acc25b6d822d02092b9720c0779de4c8c4e498dbbcf9a8b","ssdeep":"96:fYhJ9UjjudyM5DsJL4mm02ekyKbFdSynRtbeg4PmuuoEfUBUIzGt3wPOi6:Cqu4MaJUNNVSoRtbeg4Zq8zOwPOi6","tlshash":"d9c1018c395ab15a51b3b3b8df1b8109f735422b0115a6953eac86e56f7082862f1fdc","first_seen":"2025-10-01T08:26:35.001653Z","last_seen":"2026-06-06T07:10:33.992551Z","times_seen":6,"resource_available":true,"data":null}},"time_used":547,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/bootstrap.min.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/js/bootstrap.min.js HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:10 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Wed, 11 Sep 2024 02:37:32 GMT\r\netag: \"66e1026c-ec8a\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 197\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct67 [2], fsix83 [1]\r\nohc-file-size: 16901\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60554,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (60268)","md5":"8611079d5f8a465fdfc5351a3ce4acf5","sha1":"cff3e6242446b202dc3b343f3913e252e1cee244","sha256":"34f2409f58b3fd380f8efcde331e18531e6c4bce3ac22ffaa01ef2a8ed2efd4b","sha512":"787c789db053908af68b49bd480366fdc7333c449dd0350471f97ce09a48baeb44ea80f13e15efb24311d3c5a6be67f1e70529563956762f361b960bbeaa8974","ssdeep":"768:N6TzQWPQ8EnwzbtrbQ+JxuOzWhnMqq2SB3IVRKjs/MV/vINJ5NW2aJcubJ4CNnKm:N9ubUasHVW8o0Xftye1LP/4","tlshash":"5f43b65a3254b9330ade84e68036474bf7195c99b547806cb9bc6cde1b7dc8232b3b78","first_seen":"2023-03-12T14:17:46Z","last_seen":"2026-06-16T10:59:18.232548Z","times_seen":2934,"resource_available":true,"data":null}},"time_used":534,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/jquery.validate.min.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/js/jquery.validate.min.js HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Wed, 11 Sep 2024 02:37:33 GMT\r\netag: \"66e1026d-9d82\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 198\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct64 [2], czix64 [4]\r\nohc-file-size: 9423\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40322,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (601), with CRLF line terminators","md5":"a7666030c4d4db781a070524502bdd2d","sha1":"cfbca8efeba3aa781dd75c38802724cedec3100a","sha256":"8dbd756df0daae80886284d6f7df1449fe585c8922f7dc19f5aaab5295459906","sha512":"9432275125b32b13edeebe28e9d68401360d04584f3474777cf77c0c1bac99efeaa5fd84fe6d2e0b7213a521dc486009f28778730422271e2fbca4571b6da638","ssdeep":"768:OBTCbMKp3RT/AHkfUb6bwRrpW++hob2J5DtpuiyOFqXg4OYNrQaxjlf2er:OBTYMKpx/gkfUebwRrpW++JciyOFbb6b","tlshash":"0203300a7be5105a99737279dc6bc601f0b2073b5159a96f38bc90d81fb2ca481f5fe8","first_seen":"2024-08-19T13:16:06.953064Z","last_seen":"2026-06-06T07:10:33.996879Z","times_seen":25,"resource_available":true,"data":null}},"time_used":644,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":644,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=D894C5CFAEC84AAC\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1711943799\u0026si=488a80a26828a11a517706999719810f\u0026v=1.3.2\u0026lv=1\u0026sn=12793\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fchrome.xahuapu.net%2Fhelp%2F744.html\u0026tt=%E5%A6%82%E4%BD%95%E5%9C%A8Chrome%E4%B8%AD%E5%90%AF%E7%94%A8%E8%BF%9C%E7%A8%8B%E8%B0%83%E8%AF%95%E5%8A%9F%E8%83%BD%20-%20%E8%AF%A6%E7%BB%86%E6%AD%A5%E9%AA%A4%E4%B8%8E%E5%AE%9E%E7%94%A8%E6%8A%80%E5%B7%A7","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:12.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=D894C5CFAEC84AAC\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1711943799\u0026si=488a80a26828a11a517706999719810f\u0026v=1.3.2\u0026lv=1\u0026sn=12793\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fchrome.xahuapu.net%2Fhelp%2F744.html\u0026tt=%E5%A6%82%E4%BD%95%E5%9C%A8Chrome%E4%B8%AD%E5%90%AF%E7%94%A8%E8%BF%9C%E7%A8%8B%E8%B0%83%E8%AF%95%E5%8A%9F%E8%83%BD%20-%20%E8%AF%A6%E7%BB%86%E6%AD%A5%E9%AA%A4%E4%B8%8E%E5%AE%9E%E7%94%A8%E6%8A%80%E5%B7%A7 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Sat, 06 Jun 2026 07:10:12 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=F6FE6A93AA87E036; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-16T17:29:55.112351Z","times_seen":368166,"resource_available":true,"data":null}},"time_used":284,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/help/744.html","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-06T07:10:07.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /help/744.html HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:10 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 07 Aug 2025 01:06:37 GMT\r\netag: W/\"6893fc1d-3201\"\r\ncontent-encoding: gzip\r\nage: 18\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:09:52 GMT\r\nohc-cache-hit: suz4ct74 [2], wzix57 [4]\r\nohc-file-size: 4598\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":12801,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1583)","md5":"316ce80b6f21c40575abfb1cd60b592c","sha1":"6b047c2b34b598fbd975eb2aabe2ad4b76d984f0","sha256":"fd1124c6cb1ce2404859f902a363545c370f1315ddcf8d2142c979634155af37","sha512":"17005e7487c4ac0a6c1b518f70e3bda93886f2f12c71d2b2fdc966253b35f2ca23d4a3131f2b05353813d211ba93f0fcff1da804a914fe2211c1ee7c5c18214c","ssdeep":"192:9ZDSW0s6qm7CTaNrtMeHEK80HEOtcy1VqSFf0ghO5DJ+/GXAOR:WNrtMeHEK80HEOtc8Pf0F5DJ+/KAOR","tlshash":"7842a4ba19c96c3f112751c1352ab2dcbcbf9d3bda224992f2bf0505abc0dd5441b1ca","first_seen":"2026-06-06T07:10:34.001096Z","last_seen":"2026-06-06T07:10:34.001096Z","times_seen":1,"resource_available":true,"data":null}},"time_used":5156,"timings":{"blocked":2469,"dns":1461,"connect":210,"send":0,"wait":217,"receive":0,"ssl":796},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/jquery-3.4.1.min.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/js/jquery-3.4.1.min.js HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:10 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Wed, 11 Sep 2024 02:37:33 GMT\r\netag: \"66e1026d-15850\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 197\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct64 [2], xiangyix124 [4]\r\nohc-file-size: 31767\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88144,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"f832e36068ab203a3f89b1795480d0d7","sha1":"2115753ca5fb7032aec498db7bb5dca624dbe6be","sha256":"4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf","sha512":"b9dbc08c984ae3c7fd44822ec2e9a22cb8cf7da55fa3975dbbdc3f18fd7e7a7793e8d93604826574e3dd6a4f982d7af4f96c1af5e10d847b8394a34a82c398ba","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:ygZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"b28319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:24:01Z","last_seen":"2026-06-16T16:45:03.258252Z","times_seen":12359,"resource_available":true,"data":null}},"time_used":429,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":429,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/complaint.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/js/complaint.js HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Thu, 28 Nov 2024 01:14:13 GMT\r\netag: \"6747c3e5-e51\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 198\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct59 [2], fsix59 [4]\r\nohc-file-size: 1415\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3665,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1349)","md5":"dc579923e14f876ced12f53887233b81","sha1":"14d7e020fdc117796cc4b984b9bc46d7f4399591","sha256":"3545464edb815899de517fc105e02b44c48a8af250d0a2f22d0eb0b5f69812c4","sha512":"673cb9b5ba9f99a52bc6b982a8e19b4616fbe50d57f57203e17afa2a7328b2c8ff41d5e6771474d296ed2a4cd97f5c538b73b51702a87dddf947112d947d7549","ssdeep":"","tlshash":"99717684f9ea6620413365f8fbfb424a1437a00ba90e8d64f69c0fd09fc7f58e094b49","first_seen":"2025-10-01T08:26:34.951407Z","last_seen":"2026-06-06T07:10:34.004488Z","times_seen":4,"resource_available":true,"data":null}},"time_used":632,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":632,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/js/qrcode.js","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/js/qrcode.js HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 06 Jun 2026 19:06:53 GMT\r\nlast-modified: Thu, 09 Jan 2025 06:29:34 GMT\r\netag: \"677f6cce-8bb9\"\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\nage: 198\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:06:53 GMT\r\nohc-cache-hit: suz4ct65 [2], qdix65 [4]\r\nohc-file-size: 8560\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35769,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (3740), with CRLF line terminators","md5":"bd06ea568ae119edd9b9e98f0878149f","sha1":"3cd11a83d472b96d2cef87e9454d0b2e20880c4e","sha256":"740badb6e3f33f267d321e006f964d1f7ecbc0fcd4ab73c831bfa0bfdde8eb33","sha512":"91496c9e2ee9d9f6dcaa056324b6acf427b007f85f4d4583ac59d9e4674b9dc02db5c2ac41a9f1d657d1ada3360256e0700f26bdd0d3b873ffa17ef94c8b9d3c","ssdeep":"768:zYyI+dC7vrfJCNhZms25E0fg/ePjVQ+pSZmYfcH:EHvrfJCNhZQfRPxQ+pSAYfcH","tlshash":"17f220091b6f0219d03bb6289eabcc0ae7694e2b141d995f7d7ca0d80f7643494f9df8","first_seen":"2025-10-01T08:26:34.96625Z","last_seen":"2026-06-06T07:10:34.006726Z","times_seen":4,"resource_available":true,"data":null}},"time_used":662,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":662,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/img/header-logo.svg","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/img/header-logo.svg HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 17 Jun 2025 08:41:28 GMT\r\netag: \"68512a38-34c\"\r\ncontent-encoding: br\r\nage: 331\r\naccept-ranges: bytes\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:04:40 GMT\r\nohc-cache-hit: suz4ct74 [2], csix74 [4]\r\nohc-file-size: 364\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":844,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"25516952f7f5f498d2d07a47b1759245","sha1":"3ae879a2784e2b8ebaf19644e94d5caaf7e16ce6","sha256":"094098ed1dcdd89bc828bad2d18f7347b53c101f31ddf760461c864f949ba331","sha512":"978064aeeb98752384010c139805bf963143bb97f3ea2c7081093b8860c75d045b1a1f75f480a374bd4dd66b48f5e73ed1ed355c3e4a4312ed3dd963d4b6dae1","ssdeep":"","tlshash":"a401ab8939e6450ca0748049d3c9b69219f8e5cf80a01efcf9ae106f0b9909b7487a29","first_seen":"2025-10-01T08:26:34.974462Z","last_seen":"2026-06-06T07:10:34.008843Z","times_seen":5,"resource_available":false,"data":null}},"time_used":640,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":640,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/img/icon-cloese-x.png","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/img/icon-cloese-x.png HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 296\r\nexpires: Mon, 06 Jul 2026 07:04:40 GMT\r\nlast-modified: Fri, 13 Sep 2024 08:53:07 GMT\r\netag: \"66e3fd73-128\"\r\ncache-control: max-age=2592000\r\nage: 331\r\naccept-ranges: bytes\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:04:40 GMT\r\nohc-cache-hit: suz4ct76 [2], czix63 [4]\r\nohc-file-size: 296\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":296,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced","md5":"e326e34a0a8876af980590df59e2ebf1","sha1":"20d11fdfbfee6e9a5cb74bbaa4c13f3980ef098f","sha256":"b976f98faf1c6b4b93266a010d9a96ca3ed2a7c0a68cc211064baa05bd15bc5b","sha512":"7b58d0d99fac44e8e9f80ff517a210e7fbc445d81f3390531359b0910ee97a6202aed67ef11079fa1f75e0ee172c694dbe2aa21006ac3d597584ce70a7ba074b","ssdeep":"","tlshash":"42e072f080224c3ce29e0037240c82a99e3c209a922780088880e0dd6c8662c010658f","first_seen":"2024-08-19T13:16:06.950268Z","last_seen":"2026-06-06T07:10:34.010686Z","times_seen":5,"resource_available":false,"data":null}},"time_used":653,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":653,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lf1-cdn-tos.bytegoofy.com/goofy/ttzz/push.js?2a6d8c54b459a0cc9d94c9eb58dd465735aada885f945ee77a425cb946a8d9bafd5c4a3974f9cd3eeb674bde712b4782cc4f323247d55c2ed2efd47b7c83521adc648ee828d46e7d3689a9c59fd080f6","fqdn":"lf1-cdn-tos.bytegoofy.com","domain":"bytegoofy.com","tld":"com"},"ip":{"addr":"163.181.253.202","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:11.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytegoofy.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 19 Jan 2026 00:00:00 GMT","end":"Mon, 18 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"3E:44:54:E8:1E:67:87:C9:9C:01:D8:41:12:36:DD:65:49:E7:95:E9","sha256":"34:DC:66:D5:B6:92:CF:76:AC:9A:4B:47:FD:E1:99:C7:79:5D:45:7D:91:42:D1:22:91:D8:99:02:A1:92:DB:1F"}}},"request":{"raw":"GET /goofy/ttzz/push.js?2a6d8c54b459a0cc9d94c9eb58dd465735aada885f945ee77a425cb946a8d9bafd5c4a3974f9cd3eeb674bde712b4782cc4f323247d55c2ed2efd47b7c83521adc648ee828d46e7d3689a9c59fd080f6 HTTP/1.1\r\nHost: lf1-cdn-tos.bytegoofy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: application/javascript\r\ncontent-length: 250\r\ndate: Sat, 04 Apr 2026 12:31:30 GMT\r\nvary: Accept-Encoding\r\naccess-control-allow-methods: OPTIONS, HEAD, GET\r\naccess-control-allow-origin: *\r\naccess-control-request-methods: OPTIONS, HEAD, GET\r\ncache-control: max-age=31536000\r\ncontent-md5: LqvsFUPQ989nqVgaBGwKgA==\r\netag: W/\"2eabec1543d0f7cf67a9581a046c0a80\"\r\nlast-modified: Tue, 01 Mar 2022 02:59:26 GMT\r\nx-server: goofy\r\nx-tos-request-id: f61e5ed104a172c569d104a1-a94322b\r\nx-tos-response-time: Sat, 04 Apr 2026 12:31:30 GMT\r\nx-tos-storage-class: STANDARD\r\nserver-timing: cdn-cache;desc=HIT,edge;dur=2\r\nx-tt-trace-host: 013a79fc8ef90d4464e1b7eb6dbe0502d71f53ea2b162b9206d1b7197607d3c4ea2d1753cc1f8de27df63fc12c5991942f44cb8cb5a81df3b72c9bd1108a3ac94770b435f65aeaccb24a196120f6fca62e3242fc02fb62719dc0b2d815c075eff6\r\nx-tt-trace-tag: id=03;cdn-cache=hit;type=static\r\nx-tt-trace-id: 00-260404203129E6F31153768D05983F2A-1F9B0FBC6C3B0492-00\r\nx-tt-logid: 20260404203129E6F31153768D05983F2A\r\ncontent-encoding: br\r\nvia: ens-cache39.l2de4[0,0,200-0,H], ens-cache32.l2de4[2,0], ens-cache22.fr6[0,0,200-0,H], ens-cache1.fr6[2,0]\r\nage: 5423922\r\nali-swift-global-savetime: 1775305890\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 13 May 2026 09:26:53 GMT\r\nx-swift-cachetime: 28177477\r\nx-response-cache: edge_hit\r\nx-tt-supplier-id: 0_1\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: a3b5fd9517807298121354277e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":357,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (357), with no line terminators","md5":"2eabec1543d0f7cf67a9581a046c0a80","sha1":"1457010948371965598eb8be176bca4782855a20","sha256":"76fe1175f0b9100429f6e06ee61f795e83c496c5700d0d897fb92137ccd31c54","sha512":"093331d877b8be12f7518d5123b3bf209032141c79015a10b12250d5b729dc2c9744c85a585bbb65e5f3a9de8bdd6e24685b42fa386550c9610b89d06bebe901","ssdeep":"","tlshash":"e9e0c0a23186e51f80e4b17e5c05f02cc2734b4f0931518c869e7084e239b714233af8","first_seen":"2023-03-07T12:03:34Z","last_seen":"2026-06-13T11:24:29.906402Z","times_seen":1272,"resource_available":true,"data":null}},"time_used":1354,"timings":{"blocked":660,"dns":513,"connect":33,"send":0,"wait":35,"receive":1,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/static/images/favicons/favicon-16x16.png","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:11.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /static/images/favicons/favicon-16x16.png HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 640\r\nexpires: Mon, 06 Jul 2026 07:10:12 GMT\r\nlast-modified: Thu, 13 Jan 2022 09:22:51 GMT\r\netag: \"61dfef6b-280\"\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:10:12 GMT\r\nohc-cache-hit: suz4ct57 [4], qdix85 [4]\r\nohc-file-size: 640\r\nx-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":640,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"7186d9c4d8c6375a0078c536e02e769f","sha1":"1c7c90e3b17a113c153fd2a38a3a7c1ad8469778","sha256":"8cfe4dee651ae4d8d7a95478b55c1b5da0672fb197ee92bfab61aec035f58012","sha512":"cb4613402169bda4d763d80c31743745eea720151a954e5a3c70107ce4180300f74e2698726c0084628f94768dc77b85277ff80b78622f3872732aad7af8dd9f","ssdeep":"","tlshash":"daf068c8ab116bf1d47919f58817c36151642d2fc2f5e575078d88413ca6557002027c","first_seen":"2024-08-19T13:16:06.951204Z","last_seen":"2026-06-06T07:10:34.013593Z","times_seen":5,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chrome.xahuapu.net/statics/2023/img/icon-settings.png","fqdn":"chrome.xahuapu.net","domain":"xahuapu.net","tld":"net"},"ip":{"addr":"180.97.198.41","port":443,"asn":140292,"as":"CHINATELECOM Jiangsu province Suzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chrome.xahuapu.net/help/744.html","date":"2026-06-06T07:10:10.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chrome.xahuapu.net","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 25 May 2026 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:57:13:B1:CF:FC:EC:09:2D:2E:18:9C:9F:0B:46:5C:A1:59:53:23","sha256":"FB:34:8E:D3:47:6B:AE:0B:06:55:B2:DB:65:82:BF:BA:E8:14:AB:EF:EB:9E:F8:EE:ED:10:FA:E7:BE:EC:6C:32"}}},"request":{"raw":"GET /statics/2023/img/icon-settings.png HTTP/1.1\r\nHost: chrome.xahuapu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chrome.xahuapu.net/help/744.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Jun 2026 07:10:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 140\r\nexpires: Mon, 06 Jul 2026 07:04:40 GMT\r\nlast-modified: Fri, 13 Sep 2024 08:53:15 GMT\r\netag: \"66e3fd7b-8c\"\r\ncache-control: max-age=2592000\r\nage: 331\r\naccept-ranges: bytes\r\nohc-global-saved-time: Sat, 06 Jun 2026 07:04:40 GMT\r\nohc-cache-hit: suz4ct53 [2], wzix80 [4]\r\nohc-file-size: 140\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":140,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 21 x 18, 8-bit/color RGBA, non-interlaced","md5":"560febf13de7d01d17b9f751a6625ac9","sha1":"1cdca6118fb27cfcf1ef479a32bf3d864be90fe3","sha256":"427c1fecffe315a6b8bc707193d57fa0fdd05dc6fc151d3c29cc2eb159790ea3","sha512":"d687036deb3c99ab6aac37c85b35a5cec8b804defa87f6d06ea3dc8e908ba88da1eb7b12f8615d8fca031a84177dba4a94a6e1ef53d37c308d39dbb02d92e968","ssdeep":"","tlshash":"86c02bc74f020728cfc6c6fb42243410dd30035c0408381c1a0980327388b0e8c5764f","first_seen":"2024-08-19T13:16:06.919637Z","last_seen":"2026-06-06T07:10:34.015247Z","times_seen":5,"resource_available":false,"data":null}},"time_used":643,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":643,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"chrome.xahuapu.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}