{"report_id":"6f4aa1fd-8f15-4c05-8435-7cd3a17d918c","version":6,"status":"done","tags":[],"date":"2026-02-13T05:49:11Z","url":{"schema":"http","addr":"wnsr113.com/","fqdn":"wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":0,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.wnsr113.com/","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"title":"澳门威尼斯人赌场-澳门威尼斯人赌场攻略","dom":{"size":178707,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (60474)","md5":"42b9d8d70d3c7390a6fdf8248d5f6a9f","sha1":"c1317d11b6f7a25113dd7d9b175bc453bbf39375","sha256":"370d70195fba8ad3cbf6e2615349943eef95ea503e6abef26870e5f4acac9e83","sha512":"da0dc408d14d5b8ab8a6188d6569e0be182ad4dcdcff4c1486afdf6cf8c22bcabbb4fb50b3eef49676ae41cfffffe760824078162ecbcf3c2668b82aac9a6486","ssdeep":"3072:Fd3WRH6KDzjQZJSfWTIEBQV1V0Uwwr/IFhvQXtFyEUChJ:/3WwKHMXo4LBQV1GUww8U/f","tlshash":"d904023119873e1b3e9f98e8a0322f6e5f91cd0f8061814965ec5ad09bebf70ec5e464","dom_hash":"domhash0a81821507b78bcd0c49c699afa5d4f7","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"wnsr113.com/","fqdn":"wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":0,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-20T05:49:11Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T05:48:49Z","timestamp":1770961729,"ip_dst":{"addr":"172.66.47.54","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33378,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)","source":"{\"timestamp\":\"2026-02-13T05:48:49.179142+0000\",\"flow_id\":1826244710735937,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.20\",\"src_port\":33378,\"dest_ip\":\"172.66.47.54\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2057746,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_11_20\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_11_20\"]}},\"tls\":{\"sni\":\"huobosports.pages.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2026-02-13T05:48:49.172097+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.wnsr113.com","ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":89,"received_data":3560118,"sent_data":40846,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.11.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"sadasd.dgxmwl56.com","ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-06-12","domain_rank":0,"first_seen":"2025-11-15T10:21:33.688972Z","last_seen":"2026-02-07T07:11:44.353028Z","alert_count":41,"request_count":41,"received_data":1716194,"sent_data":18626,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"wnsr113.com","ip":{"addr":"107.163.230.2","port":80,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":88807,"sent_data":876,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bannner-08.cfd","ip":{"addr":"107.163.157.112","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"domain_registered":"2025-08-25","domain_rank":0,"first_seen":"2025-08-30T13:44:24.909376Z","last_seen":"2026-02-13T05:46:53.111281Z","alert_count":0,"request_count":2,"received_data":5921,"sent_data":976,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hm.baidu.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-02-09T02:29:32.887209Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":438,"comment":"","tags":null,"fingerprints":null},{"fqdn":"huobosports.pages.dev","ip":{"addr":"172.66.47.54","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-09-02","domain_rank":0,"first_seen":"2025-03-14T09:30:56.718713Z","last_seen":"2026-01-31T16:31:00.688492Z","alert_count":0,"request_count":3,"received_data":2377,"sent_data":1412,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"sadasd.king-pco.com","ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"domain_registered":"2017-03-06","domain_rank":0,"first_seen":"2025-07-05T07:52:29.678614Z","last_seen":"2026-02-06T08:07:19.271523Z","alert_count":0,"request_count":1,"received_data":448,"sent_data":428,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bannner-08.cfd/sttcs/?channel=88801\u0026ref=","fqdn":"bannner-08.cfd","domain":"bannner-08.cfd","tld":"cfd"},"ip":{"addr":"107.163.157.112","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"f8a0217b023797d073bf9533e6f41a49","sha1":"47bf94b066d75bd507a419bfdcc3f20024505289","sha256":"ec56ce07963597ed490565d7c8b7591501400707cac121cb26869003bc8044f8","sha512":"958f8c5a6b2d6cd41c955d6163121cfd11ea7afb11ba1489c976e740c083c59fb494df808870cfbd657460beb63ec7708434c6362993290043f8463b3a207ae3","ssdeep":"","tlshash":"7601d6296f9b6a784143820737bdd3643e7311e26474e08579dcdec80aa0fea581ae54","size":822,"data":"","first_seen":"2025-07-08T21:23:31.882606Z","last_seen":"2026-04-03T12:21:21.200334Z","times_seen":824,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bannner-08.cfd/sttcs/?channel=88801\u0026ref=","fqdn":"bannner-08.cfd","domain":"bannner-08.cfd","tld":"cfd"},"ip":{"addr":"107.163.157.112","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"546fe7216a0419ea5d996bb9930d9f32","sha1":"5d39a4617d43fb7f00c6089529921b4fcaabc6b3","sha256":"b6bb5cff87917dd9430b81fcb4c3e1491aa1f80e0e39937db882e5583a0e8458","sha512":"d99a35d69b5ead21e48bd054c65f3e66d1d36c2860780ac5cfaee9692a8873fb556c698754b13b25106646f5fa1bc228b63b4eb21aae1f6f88e45adbec16bb54","ssdeep":"","tlshash":"19e0c21b5c131474669a086916bf9948b692154f606ac001b98de8515f50ed6082db88","size":300,"data":"","first_seen":"2025-09-26T12:56:18.106378Z","last_seen":"2026-02-18T20:47:40.212521Z","times_seen":118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bannner-08.cfd/sttcs/?channel=88801\u0026ref=","fqdn":"bannner-08.cfd","domain":"bannner-08.cfd","tld":"cfd"},"ip":{"addr":"107.163.157.112","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4f4de168c8fdfea90fd17362b62dd2b8","sha1":"c2ac76a35804ae96c911a23daade6b79fc58d605","sha256":"32719944cd4bbe7730d3c322827971f3bde910e448d0c1be775e73290fcd06e8","sha512":"8b069030ec7630b52f8a320e645d343d4371fd557d142cc94d97d820ff9817ab6346f8cebe08ea55bc0065ee57e3b327f4c1606630819bad4979ef469bb69a96","ssdeep":"","tlshash":"3a61ac6a9d94e9517f0f9eafb937b049e437784e2990404fb014f95039a0735feca23a","size":3387,"data":"","first_seen":"2026-02-04T19:29:57.412342Z","last_seen":"2026-02-18T20:47:40.213968Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/js/chunk-vendors.8940929e.js","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"85de9f46a34713e60bff58e0dd38e3f2","sha1":"3128363a5522a58d120a54bbb97ec508a0312d38","sha256":"0414818b8792692d4daef5946748f6f95e9e0a15aa1f062731d9f8bda1bc025d","sha512":"2e8f14ec9bead8332333e075dc15bd24d7d3e6cfcf2307d41ede93839b6dba946b50db66ec30bb5074bd87c547b2ecb40b9ea5412875945644e9f442de6457b4","ssdeep":"3072:PHqbuXPX0TXSjWbmkHqbuXPsFEXQT5VXbGpLsev6ns106vHqbuXPlG9ft3DN1umc:cSDXCNvms1jG9t3DNkms2z88CTCxJI2I","tlshash":"3ce4c884b774b02287ad3ee4052b504fe279fa2d684740bcf268d4f57cb9985663af34","size":664871,"data":"","first_seen":"2025-12-22T21:05:20.395283Z","last_seen":"2026-03-31T02:34:08.002573Z","times_seen":289,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"d4603e5e9906dda7a5cabdbe1401a3fd","sha1":"4fb82262f5fd1f9d8dede3f4e5601ce762e27ab5","sha256":"c12ed8beefde6ba2cd9fec28e711ec6fa591d8a107d04eb644f2d3d4876d1854","sha512":"48fbcb75bd637d33052cf9d44e78c0f06a012e797bf155e132e1b394622d92d2bdbf4e4a4ed0ec2a2a469787591f2546ac2949c62074fc427fd0bfd5b712261e","ssdeep":"","tlshash":"729004d530c310544d53335404573cc730344470144c4f54c040d4511c55034511547c","size":39,"data":"","first_seen":"2023-05-08T13:41:20Z","last_seen":"2026-04-03T12:21:21.198937Z","times_seen":1803,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"194f3b80a149b1c8a522613263e8d248","sha1":"6ff25fdde8e924c2e3de45aca28f63a7b83eb66c","sha256":"7840849edaec44e044bbab5bbccd6d1ebb5115e7988b3a8781b75f0a7672cfef","sha512":"fc608b56771cfd50f6b3efb35511b871fbc91d4fa4dc18909971e7604c1d70cf33a5b4a0c3006abac71b1d0dbda40540f25a4f0030feaeb9f512ccad6f2e14eb","ssdeep":"48:1p7V6XUmFfLfgmADzaKtNK6lnX9jU3GtdCB3Ql8qOxSnv7yV:1p7VGNNLfgHauN11lkA8V","tlshash":"fbd140ea88144fda68627fd0fd9358c9a0b485ea4b9512870ecbd7b8f16e7f45f03058","size":6448,"data":"","first_seen":"2025-09-10T06:16:12.71827Z","last_seen":"2026-03-08T16:25:31.193278Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/sttcs/stjs-remote.js","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"16d81df56206c6937872ac86e5f14b81","sha1":"84ebf609d73b6a91ed13378ce1b3c5b38235b9fd","sha256":"73d3b3522af8af36383f325a6dc13f533e8a165cdf1e9078f3ae585563fabfde","sha512":"5340fe6296f9322e3a54751e5ba93a03526e72a7af830ac8b2e8c14fc0dcb44ad0e4951ed871460427450685c589695eae632186ba252c2beee8c953b3662ffe","ssdeep":"48:I40W40c0406ThLx40cL040U40W40c0406ThLx40cL040EQlR0406T340c040D04V:WGZKcW31FobyiCQ2asotAI","tlshash":"47b3080dc012ebd5b5ce15ac38e49e9d5e0d8e0fbfa4c66c2e49b792579aff0a080c51","size":111738,"data":"","first_seen":"2025-09-10T06:16:12.689327Z","last_seen":"2026-03-08T16:25:31.15287Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bannner-08.cfd/51la.js","fqdn":"bannner-08.cfd","domain":"bannner-08.cfd","tld":"cfd"},"ip":{"addr":"107.163.157.112","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"652eef04b809d40d63f8e7fca2f1c09a","sha1":"d8e319c771caab69482ba9be40202e5a025b9491","sha256":"3a4713bb53234d93050f7530c0ac137bb703bef2aef2374c9d55b1b3b661bee8","sha512":"0b421d627ff674c18f3355fdaadb415bfabf55967413b0adbe65122e228130030b6b3e55160b23bb8d4da98d82576e4eee3c443a181df376eed3c6a764b06e14","ssdeep":"","tlshash":"c811b17e79573ca21207f0170bfbc02d32d1518c166b40c0f46ca188bf58ad5901b75c","size":950,"data":"","first_seen":"2025-07-08T21:23:31.868219Z","last_seen":"2026-04-03T12:21:21.169438Z","times_seen":826,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/js/app.d6b608d8.js","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f96e274f0f48987ec7aa5e66092c423","sha1":"39d517836b5a15980a71d359923a8433be6e9245","sha256":"d8e0e626d79e1f67222468121f89b1ac6252394418a307cb63fd67d40f00edc5","sha512":"8641c27657de53be3a8d3555af8a418b90718a6df8d2bed8adaefd9c4f33565ec9809f5133e46a8344357901164cef8598e0a616f1d4f0997383e2d0f599bad0","ssdeep":"1536:q6cagyxlDtE+34vELKm2AnI0I2ehI4FUHdiTM:KetbiU7IM","tlshash":"cf633cc06108b892527b61e5443f2407b1a23a3be205d5d4f2b9f8ededb85e9732d93d","size":70802,"data":"","first_seen":"2026-02-01T11:45:29.523436Z","last_seen":"2026-02-18T20:47:40.194938Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/js/app.d6b608d8.js","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f96e274f0f48987ec7aa5e66092c423","sha1":"39d517836b5a15980a71d359923a8433be6e9245","sha256":"d8e0e626d79e1f67222468121f89b1ac6252394418a307cb63fd67d40f00edc5","sha512":"8641c27657de53be3a8d3555af8a418b90718a6df8d2bed8adaefd9c4f33565ec9809f5133e46a8344357901164cef8598e0a616f1d4f0997383e2d0f599bad0","ssdeep":"1536:q6cagyxlDtE+34vELKm2AnI0I2ehI4FUHdiTM:KetbiU7IM","tlshash":"cf633cc06108b892527b61e5443f2407b1a23a3be205d5d4f2b9f8ededb85e9732d93d","size":70802,"data":"","first_seen":"2026-02-01T11:45:29.523436Z","last_seen":"2026-02-18T20:47:40.194938Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"21528513ea0bb89338f89d9478395344","sha1":"848e5b6a016d87987a2f3b92fed7644e46a6ac95","sha256":"7efe722526c13d18cdbd419515c538ecbc1d78c07b460ada1b4e89737c9f4d08","sha512":"0add38a0a4b3992ad2815f6e1de1fe1ba426f0381b8212f98c5b40cf60152b6d22806ecb41ffc77bb413c7944244e1bd7829370a134c3da806362a6ca7bb7af0","ssdeep":"","tlshash":"8b710ca4437a8daec4375910dd35be0d9cf899b25f9fe02aad3b78c8cd756e04b80254","size":3605,"data":"","first_seen":"2025-09-10T06:16:12.721325Z","last_seen":"2026-03-08T16:25:31.191889Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"78ac2aa5ccc29c90a345c90aab40b442","sha1":"cac604932faa4add2955602b41de8a8bff362ebd","sha256":"53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e","sha512":"5c76abfa8f4091277643f4dad57c37d9eb71d33c9691f0e85bc82ac5f303d4e3da4937cbc2354e4d5c5d0022746d7c06f975f209067df2cefa55bd3827d892a7","ssdeep":"","tlshash":"31b01242d0575c0e0170c236ec485418474d4a7d9fa708010dc6ab5c0c99f1405e549c","size":103,"data":"","first_seen":"2023-03-07T01:06:53Z","last_seen":"2026-04-04T00:38:10.548473Z","times_seen":11003,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"8ea3877ae0db4dd2c39f03c0b95939cb","sha1":"d1c3c9141d0521cc4401c29f81cf3f268065cb32","sha256":"acac378766e6365effed4521f0301e1bda13ab580b2a1fec957b82d4819083c4","sha512":"763be8bac55a4565239c21cf6bf367d2684c1db2bb7e7cb85d05317e6a8a0c19bfd8802afbe95290b1d9aec8b8661d6973caeab46e3c1a81c7adccce3d86af6f","ssdeep":"","tlshash":"00c02b250f313222a470c2f93c56feac0912806087a5890c31ef7836c3a720500210d1","size":133,"data":"","first_seen":"2023-03-08T12:37:01Z","last_seen":"2026-04-03T19:43:44.081691Z","times_seen":3291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d180e5edc020160081c750b37a9650ca","sha1":"5541a8db0b73b588ef8d8096deac227d49d13f83","sha256":"0b985295d52ecb47d69f5559a5c6c83f5ba9ed9d2846fd10b72e213ddf66b120","sha512":"f4e197dcd0828c46e126690e42808159483c5f49701afff670f84f8eb36463c7c670bcf48a00fdc230438a3355721dcc4a3a54835bd97215aa5dacb296614940","ssdeep":"","tlshash":"4eb01271c999e468c125f104e0c48bce26340189b7779f084538aa62508fe942c3c5c0","size":97,"data":"","first_seen":"2023-03-08T12:37:01Z","last_seen":"2026-04-03T19:43:44.072326Z","times_seen":3291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"5726b5192c762b411d14e5417c2803aa","sha1":"1110c7b92dd0e2bfaf637b24ef7b9edbe319270c","sha256":"0f5a5b05ada46e779c54bbbe01387c14efc18d2b00bfbe2a3b3c726a05c1157a","sha512":"5a3d75313bdeb32c825f2302debd66bc3a33994f516b3ad04d6360e5d09aad74aafb9d478f589cb355a572a22cc113afc94f7fe4e99e8aee8e86d9aed36f8d42","ssdeep":"","tlshash":"11c022b30c09208c0920906030340c0c4006ae04f72289f425f53c6a310c3ec36d26e8","size":191,"data":"","first_seen":"2025-09-10T06:16:12.728372Z","last_seen":"2026-03-08T16:25:31.197152Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0a3a0b592b9c285e050805307cee87c2","sha1":"125a168e24b2bd38aadb84cbb5f87f316b073c41","sha256":"aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23","sha512":"4097f05a9ce819914160aeba71fa11524f6b291a39b7c948509d756318b600934f1d195980df66bc7731e327979135bfcbe0e9ff3758d779a72481ed623cd3a5","ssdeep":"","tlshash":"a34000000000000000000000003000000000c000000000000000000000c0000cc00000","size":6,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-04T02:12:52.188916Z","times_seen":226273,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/dzspmy/202411/W020241111291030728012.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/dzspmy/202411/W020241111291030728012.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1061,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced","md5":"b88afd1274c90b2676eaa9a63a143d64","sha1":"7dae04b2449a791eb4fde8d51e1274c31572000d","sha256":"91026c521496b35dd0d90858a9434f657f9abcae0458ee5ebf94bc9e9700bfae","sha512":"e82f9996eae2157a5b48866a1ad4e60b72e5367c2480755ccba388d96e47e9eb7dfeaf762ae146b1724a3cd427d6de252f423d36e2430c90620d2cfa0c55a468","ssdeep":"","tlshash":"2011e9f37350581ef6094591c478825fcaffd43280721a5fe031dd306e0e414b675172","first_seen":"2026-02-13T05:49:21.870738Z","last_seen":"2026-02-13T05:49:21.870738Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1887,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1887,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/cbgccs/202411/W020241111294032984786.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/cbgccs/202411/W020241111294032984786.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1184,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 36, 8-bit/color RGBA, non-interlaced","md5":"015481b318dade4754420ee3f33f6bad","sha1":"e428d9bc6a3bb60b4e31621eb3b7c089e32b2960","sha256":"646814a6dd1ef79028cbb81f146aac63d27d7770f3302513e8b3ebb40a5c59ac","sha512":"38d6273e7b626399d74d64a97b03e823c839db6ed5c668ffb8e596cea2f046a7ef1fca0b4a227933f76de1919231adde6b2a39c466eeb421e71b8eb8aa433ef5","ssdeep":"","tlshash":"e121b7481d2c1076cc3e3fd50d0da9b074af6450d1bf341adb02c9285c0f56e482a6a6","first_seen":"2026-02-13T05:49:21.871891Z","last_seen":"2026-02-13T05:49:21.871891Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1885,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1885,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119248243647953.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119248243647953.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15969,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 398x243, components 3","md5":"d03997a162cb9f166e140a8b3504bd84","sha1":"27842701dbb8936946d31d75a4d3301e0c7535d1","sha256":"9f8ede2d0f2d34e7808712ee966bbfede12096e33c413af3df85f258df72ba5b","sha512":"edd438abb63dc98ccb18cebdc1e6fdf572efcfd77044ace2439f5ed4b0b32585ba5c53821410c7151a215e920f1ca96bfc1b26631d95f1900e3c1cf04a937fee","ssdeep":"384:Yk9+OgU646gQVKO8YTQmJq25ZxZwSCoLZwUY+zni:YrTU64LMKrYkiB5fPZhi","tlshash":"3d62c009abce26d87311cbf7cd89228f79c59aa1d79092722ee460cddd00cfd76495c9","first_seen":"2026-02-13T05:49:21.872796Z","last_seen":"2026-02-13T05:49:21.872796Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1847,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1847,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/pop_home.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/pop_home.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14061,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 394x276, components 3","md5":"24d53b9d9b548523dbe1244214f7eb18","sha1":"9ff0c7f387e22f01b7b11dfdce3adfdea325c75a","sha256":"412e542fd1f5f7fd5425aadbc83c9754e3659fec14caf1e5f8723f65e6df91ba","sha512":"e2d126e2d1752a30729ab9afd99dc9427e48cc4f1e1ebaf4a42d81bccdd93032f3c0897f67a2661a6cd213ac940494ba54ae1f6a9ccf1b2523871ee0b263e905","ssdeep":"192:LslJlaa9n0OvZMkYxrI4qhTAjQhSMWeEe8lMG6c94Pl2DYHlX2aT+dF:olzB0OVVhT6QhS2l44Pl2DYHF2u+z","tlshash":"de52cf2e081784c7eb5aa341b623226c86c793016375b0fa24f378139a61cbf6ae5c21","first_seen":"2026-02-13T05:49:21.873823Z","last_seen":"2026-02-13T05:49:21.873823Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1841,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1841,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/jquery.media.js","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/jquery.media.js HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16120,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"660316017bbecf7fbf5e715d8a18cb4b","sha1":"bf85a386cc0038b42098a5e014326f1f593bc0a8","sha256":"bfe14a5af850c317e1029fed47f5a41ccd44ea1005c7c71d187c3af38eed156a","sha512":"48107895b6eea2de0dff57cfb02f905259a5603b847d029412b00c582659810b71efecf614185f52544020f20c1d713946a192920fbb918606eacb1b46850ff0","ssdeep":"384:uvMoybpxYjOGhjzqLXwT7kMNoI5WwmVsGyvmOoqe:uvglxYjjzCwT77AsPW","tlshash":"cf72d809f36ed02b15a332d7466e9198af7d9053f600ee50f4ece09d2bc8d2da562e25","first_seen":"2023-03-07T16:39:54Z","last_seen":"2026-03-06T01:38:06.753464Z","times_seen":15,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/index.css","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/index.css HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11521,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e9a0145a9e43dff14dfbffe86ff0d6c0","sha1":"1da386252ffabaab7c2df1457e13b112313842d1","sha256":"30ed62ebd743204148d327d50ef80c04f329d49b0a26d6e3ce64c238c0f69283","sha512":"bc99c9ef2f444b1b93bc8eed56ec605481620d81f4c0ace42a3a4b89b6c1ae25ab343047fd6657f5d6b10c43e6f0944ea10a6ba7376c48dc6b545e75c37ba318","ssdeep":"192:djbXuWs3/XTR0Mxab58LoUCCgTqulPHfu1gVZu:dgTyhwgVZu","tlshash":"d33285354bb0202df43ff311fac08bdd3225c057f5ab4aaeeb597425c38629522366ca","first_seen":"2026-02-13T05:49:21.876114Z","last_seen":"2026-02-13T05:49:21.876114Z","times_seen":1,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/jyfzp/202411/W020241111287676436919.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/jyfzp/202411/W020241111287676436919.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":699,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 33, 8-bit/color RGBA, non-interlaced","md5":"88c07a8981e1299ac1a8d9b07462f8eb","sha1":"77d074785165ffa0450eaf81da17c1b401591e6e","sha256":"71409e287178f1fa0c6aa568421fbd1d7733f87123b03b856f170d2ff95d3dd1","sha512":"849a9752d182de0aebdd07a9f3c6caa7c06613b1641b4e9f5b4313b948e0c066993db687d265037b7392c946a254e38f128c840860c7677ee1e7a622336fb35b","ssdeep":"","tlshash":"aa01e44809aa1240c8b08273c2b2cb13fc8286385f41d2bc00beeb8ec228330ec0b203","first_seen":"2026-02-13T05:49:21.877713Z","last_seen":"2026-02-13T05:49:21.877713Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1892,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1892,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/xxyw/202411/W020241111293185052360.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/xxyw/202411/W020241111293185052360.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1971,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"9e0609732529e20dca9d23195b8b5b92","sha1":"6a99ee28437eb768e50077869eef9e40731f3d13","sha256":"e9fe4fc3c040ce2375ff8510cdccf2121bf7a0211f54a868c93384d34ea3ab16","sha512":"60dcc1a615493374000c9c19481b9376bb31dc514b6d6cc6376e3ad2d3adfc58dbba3bf2dd716ebe151004af4f9b51968359e05c4750d67468c93043f31c28db","ssdeep":"","tlshash":"af412c82394a2015f969a67777f8ecf1e53b433641bf4188e0a0545163587c1e47d7e3","first_seen":"2026-02-13T05:49:21.878922Z","last_seen":"2026-02-13T05:49:21.878922Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1883,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1883,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/investors/202411/W020241119217996181430.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /investors/202411/W020241119217996181430.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55955,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 261, 8-bit colormap, non-interlaced","md5":"ff5826c41af448fccc9ed994c0c01849","sha1":"4f033bb3c0ac43342b9aa62b061e20cc44af4b20","sha256":"44ca246d0c6532aa52bbcdc3ef8ad9d7fe56d69c9195dce25f8b4f929dac0c38","sha512":"6f2e1402a884b0ca6b26131a86afabc3f1304ba2658acb3870bda332e9f8f8ff07f0900c8525c528dcfba13e8b2b1b6795562a216ec6de9fb3b1e119111a94ab","ssdeep":"1536:VvhqQhWepyfGQZIBKX1fAD2TYTaZczjEoKIHNpvhq:VhefGEj17dcMpEn5q","tlshash":"8d43f1709e16825c1472fb7605d7580fc1966f14ab9662390f36f07ab9220ccaaddfc7","first_seen":"2026-02-13T05:49:21.880531Z","last_seen":"2026-02-13T05:49:21.880531Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1874,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1874,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/nav_arr_d_w.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/nav_arr_d_w.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":124,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 9 x 5, 8-bit/color RGBA, non-interlaced","md5":"d39ccd2a203e03c5cd8ea50df72553f1","sha1":"09fcff47ba1239b7b5d0c3f96a2a26d915339f51","sha256":"dc4c24a2fc563f69f7c7f764f0e27096fab4db2988b1aee724811351dc01fd32","sha512":"04a6cf53208879f3ae56bcde6b185475068b9ba0eccc4fbd08de214e842a33a523fc6e8030fdbe9e204f2457281c81ecf95ed7076be072e9a05d53af3c51f09d","ssdeep":"","tlshash":"91b02bd596431d3bd284033f491d0018c422055c02c1c1cd5842a033400f1e010c0354","first_seen":"2026-02-13T05:49:21.881473Z","last_seen":"2026-02-13T05:49:21.881473Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1871,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1871,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/js/app.d6b608d8.js","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/js/app.d6b608d8.js HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bannner-08.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: application/javascript\r\ncontent-length: 28003\r\ndate: Thu, 12 Feb 2026 14:45:43 GMT\r\nx-oss-request-id: 698DE797D1E56736350BFF6A\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Normal\r\nx-oss-storage-class: Standard\r\ncontent-md5: T5bidPD0iYfseqXmYJLEIw==\r\nx-oss-server-time: 22\r\nvia: ens-cache4.l2de4[0,0,304-0,H], ens-cache21.l2de4[1,0], ens-cache12.nl3[0,0,200-0,H], ens-cache1.nl3[3,0]\r\nvary: Accept-Encoding\r\nlast-modified: Sat, 31 Jan 2026 10:57:12 GMT\r\nx-oss-hash-crc64ecma: 7938614471151842741\r\ncontent-encoding: gzip\r\nage: 54187\r\nali-swift-global-savetime: 1770907543\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:26 GMT\r\nx-swift-cachetime: 32357\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617303238053e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":70802,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65082), with no line terminators","md5":"4f96e274f0f48987ec7aa5e66092c423","sha1":"39d517836b5a15980a71d359923a8433be6e9245","sha256":"d8e0e626d79e1f67222468121f89b1ac6252394418a307cb63fd67d40f00edc5","sha512":"8641c27657de53be3a8d3555af8a418b90718a6df8d2bed8adaefd9c4f33565ec9809f5133e46a8344357901164cef8598e0a616f1d4f0997383e2d0f599bad0","ssdeep":"1536:q6cagyxlDtE+34vELKm2AnI0I2ehI4FUHdiTM:KetbiU7IM","tlshash":"cf633cc06108b892527b61e5443f2407b1a23a3be205d5d4f2b9f8ededb85e9732d93d","first_seen":"2026-02-01T11:45:29.523436Z","last_seen":"2026-02-18T20:47:40.194938Z","times_seen":28,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":32,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wnsr113.com/","fqdn":"wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":80,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-13T05:48:47.290Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 MOVED PERMANENTLY\r\nServer: nginx\r\nDate: Fri, 13 Feb 2026 05:48:47 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: http://www.wnsr113.com/\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"MOVED PERMANENTLY","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88594,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":588,"timings":{"blocked":178,"dns":0,"connect":177,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/dlgj/202411/W020241112125684814890.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/dlgj/202411/W020241112125684814890.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39446,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x261, components 3","md5":"dbd135f89260a83c419bab23de119c26","sha1":"e9b55c88eb4476ba1f1b7fc0849abd81ec130cca","sha256":"5b98fdff8a11af7df8b976bc87c9a5c91b6e03b6d264697ef62147a94b37b104","sha512":"3e32af98c74d3971b4e5f8983c28503206ff2a11a3606c19685bcb31780be9b857ad601be86caf9e5214fd9f0b3e5319ea264f073542a95aa7a772cae45aa2ae","ssdeep":"768:zG0pQ8mP1lxYPURJsAzQwn+eZlAMo7HVzXLOduuq9Ok3jIjWhf462v2CbL:zG78mP1LY8zZBo71bCcPOk3jQOgrn","tlshash":"9e03f148934086ea8f05aa36242f504c454aeb59ff6a7af50b603d7c9259ffb70e4a13","first_seen":"2026-02-13T05:49:21.892608Z","last_seen":"2026-02-13T05:49:21.892608Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1899,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1899,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/jyfzp/202411/W020241111287676219770.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/jyfzp/202411/W020241111287676219770.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":972,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 33, 8-bit/color RGBA, non-interlaced","md5":"400f94147fb5ded4d2ffdef0649c26f6","sha1":"3f55782a2ca93588fd895a0ce87b3331f5324756","sha256":"f0ec230c23b866bdc36c3eae813013f21c3873bf050e424da0ec314733f60ece","sha512":"90afd1b6f8728adb959ef259dd6f660f983d95943bb46eec10590fdbf6b5f79eb833611c750fc4a832e6392f783b53ce81378fed98e8619022f50943f1878f17","ssdeep":"","tlshash":"581194e408e459bd8b6b842ba8a19968cc60826cb091ca1cc6067d958dc9b4601c151c","first_seen":"2026-02-13T05:49:21.893872Z","last_seen":"2026-02-13T05:49:21.893872Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1896,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1896,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/dzspmy/202411/W020241111291030963220.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/dzspmy/202411/W020241111291030963220.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1056,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced","md5":"7a2a93b83f1c7749dc3c7e4a5abb9bbd","sha1":"50a993400643c7f7396eb433c55a8e1aa1f070f1","sha256":"290f22346b70c199e22f914c27331b4875bc90179af472deeb7a01c6e9480151","sha512":"a41b5886f5c20564fa796607be95951e0dc6cff94a857b29302b38ef80a4d58cc2b52cf33912e7456a9499ea6795c1777b2e6bea1ec65daafed4c7b862e60e22","ssdeep":"","tlshash":"be11d5da004d2025974f05d3ce002aa722a07ffefa769812df8396ace068313c0d417b","first_seen":"2026-02-13T05:49:21.895014Z","last_seen":"2026-02-13T05:49:21.895014Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1715,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1715,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/gtbj/202411/W020241111291987176331.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/gtbj/202411/W020241111291987176331.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":684,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 31, 8-bit/color RGBA, non-interlaced","md5":"8742babc02f15c7240581cc2b1a16694","sha1":"1423c431ecab511cc939b57bfda6b71a8b2497f0","sha256":"4c9072353ce1a279f12039eafc51f60379e00de2f694f3ba06a39bd423efc413","sha512":"696ddeceae3fa7f2af5eb1c3b624aa552e0527912b1736b999f5e5f38be298d5569fc940059b21d1dc2b8ba7717a4c87218a646b0cf3fa394c5d46c4b340e3a1","ssdeep":"","tlshash":"6c0188c744bd98e1d3f5501b30a434e5bd58e0260769c07a5d5097a35eab5462a4edc4","first_seen":"2026-02-13T05:49:21.896156Z","last_seen":"2026-02-13T05:49:21.896156Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1889,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1889,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/lbt/202411/W020241224548588223314_ORIGIN.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/lbt/202411/W020241224548588223314_ORIGIN.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109061,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1916x443, components 3","md5":"37e0a6862d1d6dd1c90c12cb53885359","sha1":"3cfdee0cd9d663afc1a0d60acbd6b22b9e3a51b0","sha256":"b0553b2c4d74f9c2d5b227ed2528e36c7f4bf1a3f8aa64fc21c1f09be74d2434","sha512":"6252fed1d79411cfc20ffb6f5965300d333bcdd3d4e5316c229114e2c556d49acc5c940663d2f479c36192dd19f1d491aa1c433e89c960024e7bece9112c27bb","ssdeep":"3072:nwQnyGwcruxENPvh3GQ4YbI2bVgIm4SPh:nHnyZxxabbVRqh","tlshash":"a7b3027b32a6351b2e69eb7ae1a4f41c15364685e517361424ec2efcb35cf4c4e2930b","first_seen":"2026-02-13T05:49:21.897185Z","last_seen":"2026-02-13T05:49:21.897185Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1871,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1871,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bannner-08.cfd/51la.js","fqdn":"bannner-08.cfd","domain":"bannner-08.cfd","tld":"cfd"},"ip":{"addr":"107.163.157.112","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:49.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bannner-08.cfd","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 11:45:20 GMT","end":"Sun, 22 Mar 2026 11:45:19 GMT"},"fingerprint":{"sha1":"36:67:E7:21:4B:66:64:BE:48:50:A5:40:48:CE:03:F3:1F:46:4E:F6","sha256":"4B:83:B3:34:79:FE:08:01:CD:EB:DE:4D:C7:93:46:3C:92:E5:3C:5D:E2:21:57:A8:B3:9F:66:7C:15:11:9D:58"}}},"request":{"raw":"GET /51la.js HTTP/1.1\r\nHost: bannner-08.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: uuWAF\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nvary: accept-encoding\r\nlast-modified: Sat, 05 Jul 2025 06:55:44 GMT\r\nm-processed-time: 0.548539 ms\r\ncontent-encoding: gzip\r\ndate: Fri, 13 Feb 2026 05:48:49 GMT\r\nX-Waf-Cache: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":950,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (950), with no line terminators","md5":"652eef04b809d40d63f8e7fca2f1c09a","sha1":"d8e319c771caab69482ba9be40202e5a025b9491","sha256":"3a4713bb53234d93050f7530c0ac137bb703bef2aef2374c9d55b1b3b661bee8","sha512":"0b421d627ff674c18f3355fdaadb415bfabf55967413b0adbe65122e228130030b6b3e55160b23bb8d4da98d82576e4eee3c443a181df376eed3c6a764b06e14","ssdeep":"","tlshash":"c811b17e79573ca21207f0170bfbc02d32d1518c166b40c0f46ca188bf58ad5901b75c","first_seen":"2025-07-08T21:23:31.868219Z","last_seen":"2026-04-03T12:21:21.169438Z","times_seen":826,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?2c98bbe6d6dfca08f0de8d9c287172ab","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.115Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /hm.js?2c98bbe6d6dfca08f0de8d9c287172ab HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bannner-08.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":14616,"timings":{"blocked":0,"dns":1,"connect":254,"send":0,"wait":0,"receive":0,"ssl":14359},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/img/bg1.5fb6b351.png","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/img/bg1.5fb6b351.png HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sadasd.dgxmwl56.com/v2/css/app.d9301c2d.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: image/png\r\ncontent-length: 623346\r\ndate: Thu, 12 Feb 2026 18:59:46 GMT\r\nx-oss-request-id: 698E23222131AD35333EC3D6\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 25\r\nvia: ens-cache37.l2de4[0,0,304-0,H], ens-cache18.l2de4[2,0], ens-cache3.nl3[0,0,200-0,H], ens-cache1.nl3[2,0]\r\netag: \"E440E665FD3D70661363679F9C7A498E-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:03 GMT\r\nx-oss-hash-crc64ecma: 6642424538532111473\r\nage: 38944\r\nali-swift-global-savetime: 1770922786\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 12 Feb 2026 22:09:36 GMT\r\nx-swift-cachetime: 75010\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617306408403e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":623346,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 829, 8-bit/color RGBA, non-interlaced","md5":"5fb6b351acac7b41dbec8e85e730d60c","sha1":"7074e1039cff45f906956f022e58d0c7a94deaf5","sha256":"b635c506dcb1dbae7c6571a94aaf4e21fca2a06e0875588f8f66de73c208f40d","sha512":"3ee4d9042aeb626b5e856863f61a5e94e6208df7727ea9b89d0c6c7ff3c127918e6a9ecc5fc8b41e39cfb1020cabb2851021c0f4b46b33c0fe43c4f8b9d17a1a","ssdeep":"12288:+Cg191sV0CxMvvHJVsDij1gQ69xivVGM3M4SmWECH8WnQi+wGe:+Ckfs/xMn8iRgd+VGMc4SmWExi1L","tlshash":"e5d42390190e26cbe71ef2f52a0b1a21b3e609b904bcc2141d5cafb7872176c97de75d","first_seen":"2025-09-03T16:33:36.560054Z","last_seen":"2026-03-31T02:34:07.971805Z","times_seen":838,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":28,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/trzpt/202411/W020241111295083227853.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/trzpt/202411/W020241111295083227853.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1161,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"0a81b2b267fb031930f60020b4eaf655","sha1":"1b129fe68c477c5247ee28201b43fdc98220f6fd","sha256":"7615541d94bfd075face95801dcd31cdb341cdd69e76301b62761e6446a68946","sha512":"c930e58b23da99d4495b87850dfc60a8c6371abd6ccad68f6e96c78ef8c7462cf2477cc105b7a98d5ebcd69fd10467fadef0967b25a325921a1dce31daf24aba","ssdeep":"","tlshash":"d62106803330153cde1418b77ab3524c09dc7f826b8e5a0a30f2fc2916b99188b383ca","first_seen":"2026-02-13T05:49:21.899191Z","last_seen":"2026-02-13T05:49:21.899191Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1536,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1536,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/lbt/202411/W020241111317823458934.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/lbt/202411/W020241111317823458934.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106769,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x450, components 3","md5":"440a91a079f68bd8c86029264e084b96","sha1":"74a2bc9de48ccecb03a473de1dd1c7832c785cc2","sha256":"c095fef11f1c4686230655d365ec8f19b03e742b4891318feebf42c3b46c1c17","sha512":"c7b4f9bd45b9067f1a7eec2762e560fc5ab2e4deb5a9e3292e3356c9f10be8c4ec496a3f3fb354ad22a58a56072eb7f52c83aceeb2a7f240ed2b40939be1ed69","ssdeep":"3072:sBBPIPkkXvL2zsMunCMVNYmQ95cx0mSQ4WxdzfO2+Wk:sLPIPxXT2z8n3VNN/lxdCok","tlshash":"fea30222e701f2ed563fc5a75f5cc9ab203720a02c0701f502a59d897b8dcb829ad66b","first_seen":"2026-02-13T05:49:21.900037Z","last_seen":"2026-02-13T05:49:21.900037Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1871,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1871,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/galaxy.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/galaxy.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 3936\r\ndate: Fri, 13 Feb 2026 05:46:40 GMT\r\nx-oss-request-id: 698EBAC0C0CBF53231B51953\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 16\r\nvia: ens-cache7.l2de4[2502,2502,304-0,H], ens-cache6.l2de4[2505,0], ens-cache3.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"CCB23ABA2E4F6E87D58529D36EA1F8D9-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:51 GMT\r\nx-oss-hash-crc64ecma: 10899675424917328619\r\nage: 131\r\nali-swift-global-savetime: 1770961600\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:40 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617312841115e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":3936,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"7ebc4aafbfaa9081fdd761e98d7c3c71","sha1":"0303d265bdd24326c6efc8eb0174324dc4bdbb41","sha256":"1be0111c90f853371c32acd60c2ae5262f7c02a2a19232162d26aa8d27b2e182","sha512":"da1594ee7c519df5c52b4516738bb578597f12a733ac5e52fee06d6a33e37727c12e0f542ad815adc08eb39d7a5aae58058bbed92b18e5b09544110938603d90","ssdeep":"","tlshash":"49817d11bf3882893a6cfd019d8ff9b8f40aab579f7c52e257167642c989146538c613","first_seen":"2025-09-03T16:33:36.541591Z","last_seen":"2026-03-12T08:11:54.068428Z","times_seen":863,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/o3.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/o3.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 6272\r\ndate: Fri, 13 Feb 2026 05:48:51 GMT\r\nx-oss-request-id: 698EBB43F357BB3130E0487C\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 6\r\nvia: ens-cache13.l2de4[632,632,304-0,H], ens-cache13.l2de4[633,0], ens-cache4.nl3[640,661,200-0,H], ens-cache1.nl3[663,0]\r\netag: \"8E0EFC506F5C56FCB390EAF765E3900A-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:09 GMT\r\nx-oss-hash-crc64ecma: 4590402592081478128\r\nage: 0\r\nali-swift-global-savetime: 1770961732\r\nx-cache: HIT TCP_REFRESH_HIT dirn:0:1375375451\r\nx-swift-savetime: Fri, 13 Feb 2026 05:48:52 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617314551317e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":6272,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"f81df81d8cc99461a0aa98c1be47d52a","sha1":"5960ec0ccce538716e5a94cd9fea4f5017238568","sha256":"4efa1f49e42d2d4b9e2385449a3700fc2eac33bd7641dde8da6630d4257cd2a0","sha512":"43830883229ff0b08228b02cc091b7777612f4d10c0d95611c11148e7734f48b2cb174c29f450ef68dc28fd7be3ab7bd6b1410fd3dd76b701fcef11d99d55ba9","ssdeep":"192:k4x3T3Nw532n95nUwKm7Ec9sS8/hvqUj8:k4tbUUEdRSUY","tlshash":"2dd1a0a8ef2b7e09307860e034eb4ae7b1784878d841f5273d7211283939ae019fd5c9","first_seen":"2025-09-03T16:33:36.513085Z","last_seen":"2026-03-12T08:11:54.082575Z","times_seen":844,"resource_available":false,"data":null}},"time_used":690,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":690,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/swiper-4.3.5.min.css","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/swiper-4.3.5.min.css HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19780,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (19518)","md5":"443d872565ba1714cee6df95a2b018fb","sha1":"e253d7295653f7d4a11aa06dcaaafe2d2bdf990c","sha256":"e692aecb3680c697acffec30e5afdfdb34f17cc48dbec82388ef54c8d2bb2a40","sha512":"15c6be1216c0851fbbfc0249ff445c72d2a428484778a4764446b2999beac7be0c36a1cb6ccb075ef0964ea2070934679729556a22f069aca4bb6ddc0ef074d2","ssdeep":"192:nnaNv/lSSyJDCPzfi5o/mXDN3eBxwdJ5c:nna1/lSRCLfi5o/mXOGJ5c","tlshash":"4e92612c17003057e6334f1a87d99778c724c9939e4358ef6250ee48c7bb96a32af766","first_seen":"2026-02-13T05:49:21.902047Z","last_seen":"2026-02-13T05:49:21.902047Z","times_seen":1,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/qclghjl/202411/W020241111292677252605.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/qclghjl/202411/W020241111292677252605.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 45 x 29, 8-bit/color RGBA, non-interlaced","md5":"5790bf3cb08e94c11cc67aa9f5b951ca","sha1":"7b87771e320aa548f365b19157c76a4380018a48","sha256":"02f40d614618879f55c4996739dc706cc94f38abeb7a17acd7826edf24ac9938","sha512":"9205ba78fd7b7989f9d1f1fd6f29094165af1f02c9a25fd8ad8d1a3189083366337ed43dc8a72d34f1df760c42caba4a47f41f75bbc0113ad153947ecd57211e","ssdeep":"","tlshash":"2c211af2e57a6b160d3e117297a84114574c08c61c11d75db41f26fb2e929f0c0b6f37","first_seen":"2026-02-13T05:49:21.902939Z","last_seen":"2026-02-13T05:49:21.902939Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1886,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1886,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/lbt/202411/W020241111315094066279.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/lbt/202411/W020241111315094066279.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":899528,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1916 x 443, 8-bit/color RGB, non-interlaced","md5":"2e9c43e446560906de8e9dee00aaa082","sha1":"c10f5b61d408755fa21e6d27964a5ab7c982e75b","sha256":"3c9a533f6009abf9ddc10b8b305dda97b30160496e0f73f6ca05dd9a6506b2df","sha512":"5238fd6b7ff6be486898e81b77f9b9c70f437333e97f09c95f2945488c28080901974f9389ed698a6de4d5371e663a7f9250be59de28fb17442431cdfa2d373c","ssdeep":"24576:jxpIdg9ETo2hTUASqPb7rkAbq0HK7lmQI1XP:jXUgmXtDSmX/b5u7UXP","tlshash":"b5152350ec579ccf203b0ff47865613c57f50076a74eb9d3326e83da6e52292f0a16aa","first_seen":"2026-02-13T05:49:21.903823Z","last_seen":"2026-02-13T05:49:21.903823Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1864,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1864,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/footer_backTop.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/footer_backTop.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":450,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"8e8423680ef54b50c6dc2be545773ec0","sha1":"6c2dc6b9698579db4fda823c03e8197e539660aa","sha256":"5c7433317cba64232aed4f5465578bbfa97505220d07fb0ae70af1bbd57034eb","sha512":"da1df6ad30ae0c6e8cb22ee79535359923a3ddc89e4e0b1feab0b4b39c5534d4be9c07275ab548da244c9915ac6c1fa6b6976feae987690288aff3a2a0d4f95f","ssdeep":"","tlshash":"4cf05ccfc2629d50ea72bc031d37a5f7e66b251da25453435599e8261642107a46631c","first_seen":"2026-02-13T05:49:21.905083Z","last_seen":"2026-02-13T05:49:21.905083Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1843,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1843,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/footer_red_01.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:49.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/footer_red_01.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/images/common.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":83,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 10 x 2, 1-bit colormap, non-interlaced","md5":"fb60de557c6e3be49e8f9d2382b31d31","sha1":"aa6f457382b0485bb698d6d91d24e21d0b002514","sha256":"9d4c5fe1100e8fe84bc5b8f873827deb6dfa88879ad07fc0674d10f7d3e5cadd","sha512":"4874d73231d8abc28acbe0d7aa472c0bc6a4b2134315e9c0f53496fd360fb11d4d257e279fc38546a43d744ff9a72e699d2d1ae9ea4c765b7304ebd01fd4b5ac","ssdeep":"","tlshash":"1fa012c10a062ca0c6690132c10cd150f5111504151082934088542d10b190cc864253","first_seen":"2026-02-13T05:49:21.92206Z","last_seen":"2026-02-13T05:49:21.92206Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1287,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobosports.pages.dev/?referer=www.wnsr113.com/?referer=zhizhuchi-7/?referer=","fqdn":"huobosports.pages.dev","domain":"huobosports.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.47.54","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:49.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"huobosports.pages.dev","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Thu, 25 Dec 2025 16:32:24 GMT","end":"Wed, 25 Mar 2026 16:39:40 GMT"},"fingerprint":{"sha1":"B8:86:9D:93:B3:37:81:48:90:44:AC:19:F5:42:BB:1A:99:0F:F3:CC","sha256":"CC:CA:9B:5E:BE:CC:E1:4F:C0:58:80:B4:E0:50:2C:7A:3A:23:17:A0:E0:D1:2B:24:F0:02:72:74:04:BF:72:9C"}}},"request":{"raw":"GET /?referer=www.wnsr113.com/?referer=zhizhuchi-7/?referer= HTTP/1.1\r\nHost: huobosports.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 05:48:49 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlink: \u003chttps://fonts.googleapis.com\u003e; rel=\"preconnect\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PISaLBfrDV32gEtcWKRcQvcT9UqdMvJ4pNUnm2dTPQoRBka0rLQ8KxlF1vn1840Z%2B3lmdO2HJH%2FfuUzG5xz5GWtWuhHD%2BXLZlkuDdGFjVVNrqRsh0w%3D%3D\"}]}\r\netag: W/\"d7102b655fd98e2d9294cc9eda6fc315\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9cd209f779b8b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":35,"dns":6,"connect":1,"send":0,"wait":8,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/yongliv2.jpg.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/yongliv2.jpg.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 18768\r\ndate: Fri, 13 Feb 2026 05:46:36 GMT\r\nx-oss-request-id: 698EBABCC697F43130B62E30\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 7\r\nvia: ens-cache37.l2de4[889,891,304-0,H], ens-cache37.l2de4[895,0], ens-cache12.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"DCCBCF1886C414EFF3D07F1FD91D3B4E-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:12 GMT\r\nx-oss-hash-crc64ecma: 144771093701938812\r\nage: 135\r\nali-swift-global-savetime: 1770961596\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:36 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617312001029e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":18768,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"47f5ecd7bea6fb60c2eb965130ab6a9e","sha1":"79df686e71cbd14002b3ed129cd9072bab9d5804","sha256":"e27e5dff537f04897daa950b2d177d28fbf018067e76dc512ec5f4a6aa1ef9e1","sha512":"ac5056436af720955dbad9c1950a014b6448b867dddcc658179a3374a678b26468c65df0f1f35aae5796b706a5f8a3e44dc5988d7ab3efcd6bf0897cdde92102","ssdeep":"384:h8zr075Lg9XvF4+/yKNfkhB1DI8gnIOp9NjEs+oJlMhHc23JsTwg:ivv9XvV/yKahB1DIEOpcs+oJ2F2L","tlshash":"7782d0a47e8d0d5f0f260b66ecb6567f361241fcc92dbcea21412961aec730c16b419a","first_seen":"2025-09-03T16:33:36.511403Z","last_seen":"2026-03-12T08:11:54.062846Z","times_seen":870,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/jinsha.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/jinsha.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 3632\r\ndate: Fri, 13 Feb 2026 05:46:37 GMT\r\nx-oss-request-id: 698EBABDA7D90C343956DF3B\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 22\r\nvia: ens-cache12.l2de4[629,629,304-0,H], ens-cache11.l2de4[630,0], ens-cache7.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"D4B02D0458B40CD885826364FD8F35F3-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:02 GMT\r\nx-oss-hash-crc64ecma: 11667451016884255353\r\nage: 134\r\nali-swift-global-savetime: 1770961597\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:37 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617312371075e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":3632,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"6d762b9475a91c7b730a190e9797fa09","sha1":"82814eb6e9289e742b2278afa9be573f576a321d","sha256":"a3786238c0d414f23d5c98beb46d06c1c19de0cb08bf8efbd5b13be63d47d014","sha512":"2c38cc93c45e1d28b1fbfebd770740e137818a3f4c3f58d7b6f50a137d60fa836fdc6184dde0338e231f672e6b3861a7d032f85c142a686072eebebcddcc6ede","ssdeep":"","tlshash":"b1716d54deb5a1baf7b07a8323f14ade284bbc61de0fe4537c9a3290103e7325649742","first_seen":"2025-09-03T16:33:36.484439Z","last_seen":"2026-03-12T08:11:54.079114Z","times_seen":868,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/dlgj/202411/W020241111286160074854.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/dlgj/202411/W020241111286160074854.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1733,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 40, 8-bit/color RGBA, non-interlaced","md5":"3798e8dac4f343976ed15e15991336bb","sha1":"f913599528f8872b94df29192200e8a48f0f7e73","sha256":"b8d7680c583020828539fde8bc451775771feef24acfe55ca25fc986d2efd5cd","sha512":"dc41a02007b5e659bfa2bcccb01ce73ee673f40ef18266306b9e08c2057d06143837e1494cea399dc48e4c1247985b81a7be0157f7883acc661cbfed7ff61c50","ssdeep":"","tlshash":"87314ad9ca5a43309d79e92890465d1043b8832d58f2fb83245fe11039a02ae0a8dfd4","first_seen":"2026-02-13T05:49:21.925864Z","last_seen":"2026-02-13T05:49:21.925864Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1901,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1901,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/cbgccs/202411/W020241111294033238784.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/cbgccs/202411/W020241111294033238784.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":976,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 36, 8-bit/color RGBA, non-interlaced","md5":"c1fa2ff0365dedbe49fe6d7fcb55eefb","sha1":"74800aed695ca8f02b18ed6efb56e88255ff998c","sha256":"7057720707f0da2f2d6d0258550c3590f0b7a86f8b6be44f1cce93238d70c1f3","sha512":"1d474d4411070e1bb086dd18e212ad679943a11bbe5ce929f08fbcc994fe4c4a6aed78feb526e6bcf74d57605945d1610d4797d1ad85c3abf61853cb8e6ab5cf","ssdeep":"","tlshash":"1311c8f22b4248def5be25bb619279ccd4791864802252db9703e32c3ec624defd460a","first_seen":"2026-02-13T05:49:21.926771Z","last_seen":"2026-02-13T05:49:21.926771Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1882,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1882,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/icon071301.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /icon071301.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":4723,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4723,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/lecaiwang.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/lecaiwang.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 10368\r\ndate: Fri, 13 Feb 2026 05:46:43 GMT\r\nx-oss-request-id: 698EBAC3408B2B3531A133DE\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\netag: \"7E600AAB82B2EA51FAF3576C0FE11DA9-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:03 GMT\r\nx-oss-hash-crc64ecma: 11669669320036622189\r\nx-oss-server-time: 7\r\nvia: ens-cache13.l2de4[628,628,200-0,H], ens-cache24.l2de4[630,0], ens-cache5.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\nage: 128\r\nali-swift-global-savetime: 1770961603\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:43 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617313521189e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":10368,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"592ba33607eb06725cb184f0c71394b0","sha1":"b7c83ce8abe029b97033be7e7e7a224c4ace5dd7","sha256":"b9d1fc75e25b0444b0c5f0a3eebfad0fa01b1b82beb4b303cd64fd5dc0cf20bd","sha512":"6db10daa24ce9739658c1e647398d2a8741c9b71c5e29e5cb877d7eb128dc1479a55aa71ae8c6a3fa04fcf560f75424be6982818dfa1d25de0d45bf019ae5f98","ssdeep":"192:JPXKB/+uZrv0Uw/EXQOwWn7eDAPeqYK939UZxmhvHm5wKcl7:JPXW/+Kv0UgCQOwW71IyUZxKvG6Ht","tlshash":"cc22b0ca261cdb89d3bd0402f5ec560aca39b6c3641dcdc84cc7e49e610b4f95a9415f","first_seen":"2025-09-03T16:33:36.507713Z","last_seen":"2026-03-08T09:42:45.644545Z","times_seen":801,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com//images/favicon.ico","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:51.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET //images/favicon.ico HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/gywm/202411/W020241111105486265241.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /gywm/202411/W020241111105486265241.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84887,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1333x725, components 3","md5":"ec6cb48c520d314909fccaca0cf1afc5","sha1":"03dbef6bc8ebbcf2d267d5138440849952738c7a","sha256":"547fe1311b48ab032dfd5270f7fa5369755c471bdd7cced3e7dc4ae478457837","sha512":"19b7c607ac623936a7c8ad79232368766198b1f4efd913cb018fa9dc6df2cb3649e63756f39961576992a66006687d9e23ebefff99ea9817d3c8cfe5d2aef69c","ssdeep":"1536:PTDoyTpdHzyVPZuZZFsoXLloGcHaF4wiCtyhasIerSbu0:PoyTLzyRZiaeLlsm8CCaKrSq0","tlshash":"cc838d038d089bc2a22456e5be130dec2f5d276cba913afe19038ed77c152779c6d46e","first_seen":"2026-02-13T05:49:21.928576Z","last_seen":"2026-02-13T05:49:21.928576Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1900,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1900,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247836550513.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247836550513.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34411,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x277, components 3","md5":"5a5c96c1dbd4432317aeb9c4742dd3aa","sha1":"52b21b6a03a9e6a977d68adcf9fc6a8f0bf9c8f0","sha256":"815d025eceef58bd80c97a69ba7b44ed7adc5f14bfb3ce904373f1b41717179e","sha512":"3c2eb66cd16fba18766df7f57d749286a5ea5fdd271f6fb1ae2f6b06221c8d426457c885f8913be5199359387a89efbecbe406b647739069928f51a6b601a7bf","ssdeep":"768:teGeEfm3SW9BrC/uhXmsBCWoAh67fn0wVSco99/Gla0IrHEUEcvk:teGeSm3Sj/2Xbzosmf0wVScs9/Ggdlk","tlshash":"bdf2f12a7dc1243b482f8696685858f1840a8e3c5304f5f1319b25abc4cedf4f3ae96f","first_seen":"2026-02-13T05:49:21.929693Z","last_seen":"2026-02-13T05:49:21.929693Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1865,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1865,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247837319546.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247837319546.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26018,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x276, components 3","md5":"b64928fd81e1bbb36bf4f42aa2ee026c","sha1":"55721563189915107c2f49d712395175df52dddd","sha256":"3bebca0c639d5ad55a27be3b8b55bcb7fdb7887040487a13845edcbb31529c45","sha512":"8432da30377700c06db97086a0a7e6d9a175368bb9988a4b8dc66fa0327f6429870c25c8d3210971221ac0e29b464fe232b1d36d9d3d4befc086dce204a90a47","ssdeep":"768:8Z4PFGMpIeopagOr+5tJDGpoSzVQBCK/YnDch9tEX:8ZEaeoph5OBiB1ph9tEX","tlshash":"ddc2d08a8e57bfd25fb4d8aa76dd2360acd28c411e5bf0a8c3408e26a558df00549fe0","first_seen":"2026-02-13T05:49:21.930761Z","last_seen":"2026-02-13T05:49:21.930761Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119248244075398.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119248244075398.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12086,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 398x243, components 3","md5":"cf8aa00b0f762ccdc26cb47f25f22cdc","sha1":"04a07b6128ba03a98f7a27b6e9402cc31268d4dd","sha256":"c36e5653cf6d9d4b1a7e0f140a2b027e9aa1ba9a5a8a42623334cde550d95c18","sha512":"d9ae8dacfd00faa678b03f1676f55ff7e7da446cc6a69200e3188eabab920146fe2d9c3c708753c57639b2aef6affdf686568ff1d479925986963e7e46ab1270","ssdeep":"192:LcsSzL3vd68KNP2gVvCeUDAeP7nhxjuMN1gxPz70zFMhU1PLn79bumdF9ZAh:Yz16HVqdcsnaMbmb70NVL7wmdtAh","tlshash":"5142cf4a8f88b2212f85d6bacc436e38e0494510d7d21f3c11aeecb3d534efb68e6605","first_seen":"2026-02-13T05:49:21.932025Z","last_seen":"2026-02-13T05:49:21.932025Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1848,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1848,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/title_header_2.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/title_header_2.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 5952\r\ndate: Fri, 13 Feb 2026 05:46:29 GMT\r\nx-oss-request-id: 698EBAB5E8040634384B9A65\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 32\r\nvia: ens-cache16.l2de4[848,848,304-0,H], ens-cache39.l2de4[849,0], ens-cache1.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"3C3BE02A795AD5A24D08684F0C03585B-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:11 GMT\r\nx-oss-hash-crc64ecma: 11387363650588875629\r\nage: 141\r\nali-swift-global-savetime: 1770961589\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:29 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617306928450e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":5952,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"f797a693cb2d2c2973a02cf52984265d","sha1":"c80c4020e380fa30717e0e30511e33332659030c","sha256":"9416326679c40636493616e5e076c44bf25732bbb334e2b1ef82f652a43cb70a","sha512":"eab92353d54994891839a6c4771ca7f1b6f60464bf444b690f1f29a38aba4f0b34aceeffef85336675f354a6c8fec529248d36221e076d8106896457f4410a5e","ssdeep":"96:jq/ZImtdXy/HyvIs0sRw6ZqXAd+XziOfWZLglqIk3O8fbV4O4yfuflT3Tj3jG:j+ZIa9uSdYyqXAdkiOf0usdbVClBj2","tlshash":"45c19db221697ae413519005e00ce8532c3bfbb99b5bb6fbd21c4ca5b09d1278ac324c","first_seen":"2025-09-03T16:33:36.476554Z","last_seen":"2026-03-12T08:11:54.059651Z","times_seen":889,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/swiper.min.css","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/swiper.min.css HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13677,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (13425)","md5":"24f21657c5465ed6e144fb4401350e07","sha1":"1a7b8f26e33feabc257ecc8e954cc3f0e1f7ac60","sha256":"906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09","sha512":"b824260286b1e9a253c42d375651f4b8212d13488b8bcdd35b5421e957b3119e58d7bad3ac813ef22af3e07e1e84cec56df6e6f2b6f7d0e931564bb0857c6b46","ssdeep":"384:tXUbeQS7Rgx9BU0m/XCcif65W/1mXA82FHpx:tEb67gbhm/XDif65W/1mXA82Fn","tlshash":"ec52236417003837f3774f6e4aa1e6b59f60cc838a934d9db2c0dd44d6fa8b9121eb95","first_seen":"2023-04-05T23:58:18Z","last_seen":"2026-04-03T22:29:59.443435Z","times_seen":7303,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/common.js","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/common.js HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4296,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"067db716ba94e4ea9997b80c002b93a7","sha1":"4e3fccf3856845c2556a836a99be8b13da95dfb5","sha256":"ceb66a6c44cc31e0ebced01468574367b8256aaeb95890bc13a0b3a560c53330","sha512":"6ba100d8c2da6c25e497261dbb00c96bde363fb7b1ce95a723ba8414c81af91aa9df1a537cbfe491305e320e7579df17564b0cafa64485a6b5838e9a029b5646","ssdeep":"96:MjAjezEvkFlCSNeIvdHCt4kRe3wANqR5XtEF+ZPAXBb/4:8AjH8fCSNeIvditMwJR5DtAXBb/4","tlshash":"9791da9cf523102948b772690b8f26457878f4276007c8507d2e8aac4fac464276fffb","first_seen":"2026-02-13T05:49:21.93453Z","last_seen":"2026-02-13T05:49:21.93453Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1839,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1839,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/loadingIcon.gif","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /loadingIcon.gif HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":4804,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4804,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/bet365v2.jpg.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/bet365v2.jpg.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 12048\r\ndate: Fri, 13 Feb 2026 05:46:33 GMT\r\nx-oss-request-id: 698EBAB92131AD343211B7E3\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 3\r\nvia: ens-cache24.l2de4[601,601,304-0,H], ens-cache13.l2de4[602,0], ens-cache1.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"BDEF1E94160929E659A15505A64F895F-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:48 GMT\r\nx-oss-hash-crc64ecma: 13812578787366314352\r\nage: 138\r\nali-swift-global-savetime: 1770961593\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:33 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617310348823e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":12048,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"69645a11b9f7520faf53689dcea67bba","sha1":"33568b00a221e5d4a7fdee8fda375349572080b5","sha256":"acd420a630da28d9e370ad331c26837c1f968471fa8adb1a46e2c02f86ed181d","sha512":"acdeeb9c603462930ea6c1439e98de223eea304a64a888731b803e71e8697953810c8bb4fc9881c81153933905d90a6e7a760afafc7f7964830e57a791001427","ssdeep":"192:98gIHcRNbDQE4Mf8oDVmtRVeiZUvSAyxc2+od6SzWJcTOZfjR40PFzyorcFZ:HTRlMpMFmMiZU6pmWoSzWJ380dzy5FZ","tlshash":"2c42d18ea60d764eb61380bdd357d34a55720d4dfceabc3be0238529113b16b1772c15","first_seen":"2025-09-03T16:33:36.481539Z","last_seen":"2026-03-12T08:11:54.066672Z","times_seen":889,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/sun.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/sun.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 10176\r\ndate: Fri, 13 Feb 2026 05:46:35 GMT\r\nx-oss-request-id: 698EBABB4FBFB830334197E9\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 7\r\nvia: ens-cache37.l2de4[621,627,304-0,H], ens-cache23.l2de4[637,0], ens-cache11.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"C227AAA1C405DEEFC0B4E1E90131F0C6-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:10 GMT\r\nx-oss-hash-crc64ecma: 3434292821648763748\r\nage: 136\r\nali-swift-global-savetime: 1770961595\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:35 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617311658989e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":10176,"size_decoded":0,"mime_type":"font/otf","magic":"OpenPGP Public Key","md5":"7108e01ef9138ebfd67c91fb29cb2923","sha1":"dcbdc3c59f191bdb66eb282a5e3511edb62eb0d1","sha256":"40493a065122203e79824d79901ebf86c10c26681e2782b2b8fc15e368895f1c","sha512":"3e432559024e6d8d051a18582169d3b05773326c2a1001a3f1dc13a3c2d85c24a2c375a9f467ad927c2235e7a0ccbbbcfba6079157930d0207fc73e567c528b3","ssdeep":"192:fcV1UMbshQNM1fhUG8pqB4Dcxe5o1Yuwg46/gfmtqXoUJuha3f0zvh4NZm:fcMML61fhUG8pqBOivgf2qYUJFQ5h","tlshash":"ff22c1b2052d05875a9dffa127e53d1f4e600b121df50a359607179c1b32cbf9151fb6","first_seen":"2025-09-03T16:33:36.535805Z","last_seen":"2026-03-12T08:11:54.078143Z","times_seen":875,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/galaxy.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/galaxy.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 3936\r\ndate: Fri, 13 Feb 2026 05:46:40 GMT\r\nx-oss-request-id: 698EBAC0C0CBF53231B51953\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 16\r\nvia: ens-cache7.l2de4[2502,2502,304-0,H], ens-cache6.l2de4[2505,0], ens-cache3.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"CCB23ABA2E4F6E87D58529D36EA1F8D9-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:51 GMT\r\nx-oss-hash-crc64ecma: 10899675424917328619\r\nage: 131\r\nali-swift-global-savetime: 1770961600\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:40 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617312731109e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3936,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"7ebc4aafbfaa9081fdd761e98d7c3c71","sha1":"0303d265bdd24326c6efc8eb0174324dc4bdbb41","sha256":"1be0111c90f853371c32acd60c2ae5262f7c02a2a19232162d26aa8d27b2e182","sha512":"da1594ee7c519df5c52b4516738bb578597f12a733ac5e52fee06d6a33e37727c12e0f542ad815adc08eb39d7a5aae58058bbed92b18e5b09544110938603d90","ssdeep":"","tlshash":"49817d11bf3882893a6cfd019d8ff9b8f40aab579f7c52e257167642c989146538c613","first_seen":"2025-09-03T16:33:36.541591Z","last_seen":"2026-03-12T08:11:54.068428Z","times_seen":863,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/front.js","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/front.js HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12840,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3683fdcb294453c60c0674f37936231f","sha1":"61a90d43c11a10cccbc1093ee7050f25a19ea337","sha256":"5354afbc8187c2525b99b2ba09bd6ccb20708901b80893556c333b9a30a130bb","sha512":"cd80bebe1941f6f42b1b939323c37d5db706c81ba3e8ab9cb3a53534d7b08fd17861aae83b24daa73b02b51e1ac8259bf3bd8796b9faf018d7c025dcaf23bfb8","ssdeep":"192:UZJamO9A6LhFbSWd9u5IcXPq3LwgqkoUPDydqPvMPrXYKpdiJ/ygO5dVTnmkPs4r:jm8A6tZSWuHfQwgqk7Dydqv4rXY2fJb","tlshash":"3742006db39c051c82c1b374887f1118c87aea268e42946dfe6c58d87eb8b557163f3e","first_seen":"2024-06-12T11:36:11Z","last_seen":"2026-04-02T05:54:19.672867Z","times_seen":10,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/djgz/202411/W020241119215895124897.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /djgz/202411/W020241119215895124897.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29257,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x261, components 3","md5":"54e038e40460fb8c56d3442160cf5a5b","sha1":"61af9bfeab4f21e52ef6995873f7590b0c6ba1ce","sha256":"fccbf11e95143da8b86ef4fc836c66d067d98668fc6e0f348b11137ff7e15e78","sha512":"4d01e5605faec379e1f92cdb9caf527e8cefae4bb1fdbc1bd076d7b2d72f0bf1c5a552a2bd6a487427365ad9e4c070e264ebdf1478f7932bf6900830e8119cc3","ssdeep":"768:zkCXlD9K2xhytnUuqyg7mCEZo4Gh5tLkyrnS5MWMHYwa0E:zTVJHhydvK1h42twxI/4","tlshash":"5ed2e15d88be50e80b8b2a295370f721e2f41d6c3211e2d9178a925e7246eb5bd2f11e","first_seen":"2026-02-13T05:49:21.937273Z","last_seen":"2026-02-13T05:49:21.937273Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1877,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1877,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/VCG41163942995.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/VCG41163942995.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44286,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 261, 8-bit colormap, non-interlaced","md5":"a99dd67a3f3ef3b87a827461145545c0","sha1":"cb7d7b03305f6dacb9e3188ec116808106f6bc96","sha256":"90f131fa3d2f7c739981e8ae75bad3fe86e011c6221e28d8ab01cad758fb209e","sha512":"e4fa7c8d013559e6e1f46641a78761a479300f4a91df7773d17397a16c235ca6348f938b874dc6c532af12d9afb559c0159b97da9d907b644b53309b2f664c19","ssdeep":"768:cYcj0/qvQWg51wOFItDIUyLsh04m2/I6ZlQytMytpmF4sRrJi2:cYAPvQW9OoRnyTKQytSKsRrJi2","tlshash":"9913027f08b7dcb0ecf05ee3243a38b6b67308a1d09865652d9bae641e42897157df21","first_seen":"2026-02-13T05:49:21.938134Z","last_seen":"2026-02-13T05:49:21.938134Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1699,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247837135461.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247837135461.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12138,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x277, components 3","md5":"25855c41a204cda67e94329d07c22804","sha1":"c269069115699337d133006178438056411c8ad8","sha256":"b42886bdda073ebe3fe8fcad24ac7e7b4e1931a831ddd612e077eb948db017f1","sha512":"48039137bf5fe2c9ae2359521b97b39567f00bd98977cf507e721e563aba3204103517ab7981cb8e659d52a16171c1c5e996ea5104816ebe71d24271ba2d6423","ssdeep":"192:L5qcIlEA4teXZERFrFzoRh//bHNvxKxuqEQP57+zcpa+0fQ3eTpeGr4Pp:tqjSjYXZKFrFuh//blYpa+0fQ32er","tlshash":"fe42bf69ff3268508f98d6bc198f92d226fc7f8e41f575b753a828e89230df1c422418","first_seen":"2026-02-13T05:49:21.939074Z","last_seen":"2026-02-13T05:49:21.939074Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1859,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1859,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119248243938846.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119248243938846.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23021,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 398x243, components 3","md5":"c1cedfdffe2223dfbdbb04a93e57a0c4","sha1":"e68eb1f01cbc216a18a20859e2eadbf6877bb653","sha256":"22819e98c3706b0963eb2ac7cc3cd558376f160b5908b06c8317727f6f506a6e","sha512":"72c16c026d232ed2b7f753729ee88b8d23b3a45fac4ed2a2c89d8a58485ca28e2924f9472ead7cf086752fdeffeba3e4a7ec3d05a1f07b9ec4a7e2c69341170c","ssdeep":"384:YnA6XpbGTMT0fDYyW8SjHk8eYVxvDY3Yl2GE/nYbrltCQPibDD+58Stbye8T:YPuMT0fDtnKgYVdDYO2G4neZtCnC8+yT","tlshash":"1da2d050c1cf40286fd1ebddeb008fad8a202d6d3d6164bb5a13b9e47a14dfc629f4a4","first_seen":"2026-02-13T05:49:21.943827Z","last_seen":"2026-02-13T05:49:21.943827Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1846,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1846,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/title_header_2.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/title_header_2.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 5952\r\ndate: Fri, 13 Feb 2026 05:46:29 GMT\r\nx-oss-request-id: 698EBAB5E8040634384B9A65\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 32\r\nvia: ens-cache16.l2de4[848,848,304-0,H], ens-cache39.l2de4[849,0], ens-cache1.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"3C3BE02A795AD5A24D08684F0C03585B-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:11 GMT\r\nx-oss-hash-crc64ecma: 11387363650588875629\r\nage: 141\r\nali-swift-global-savetime: 1770961589\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:29 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617308258593e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":5952,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"f797a693cb2d2c2973a02cf52984265d","sha1":"c80c4020e380fa30717e0e30511e33332659030c","sha256":"9416326679c40636493616e5e076c44bf25732bbb334e2b1ef82f652a43cb70a","sha512":"eab92353d54994891839a6c4771ca7f1b6f60464bf444b690f1f29a38aba4f0b34aceeffef85336675f354a6c8fec529248d36221e076d8106896457f4410a5e","ssdeep":"96:jq/ZImtdXy/HyvIs0sRw6ZqXAd+XziOfWZLglqIk3O8fbV4O4yfuflT3Tj3jG:j+ZIa9uSdYyqXAdkiOf0usdbVClBj2","tlshash":"45c19db221697ae413519005e00ce8532c3bfbb99b5bb6fbd21c4ca5b09d1278ac324c","first_seen":"2025-09-03T16:33:36.476554Z","last_seen":"2026-03-12T08:11:54.059651Z","times_seen":889,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/jinsha.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/jinsha.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 3632\r\ndate: Fri, 13 Feb 2026 05:46:37 GMT\r\nx-oss-request-id: 698EBABDA7D90C343956DF3B\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 22\r\nvia: ens-cache12.l2de4[629,629,304-0,H], ens-cache11.l2de4[630,0], ens-cache7.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"D4B02D0458B40CD885826364FD8F35F3-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:02 GMT\r\nx-oss-hash-crc64ecma: 11667451016884255353\r\nage: 134\r\nali-swift-global-savetime: 1770961597\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:37 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617312451078e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3632,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"6d762b9475a91c7b730a190e9797fa09","sha1":"82814eb6e9289e742b2278afa9be573f576a321d","sha256":"a3786238c0d414f23d5c98beb46d06c1c19de0cb08bf8efbd5b13be63d47d014","sha512":"2c38cc93c45e1d28b1fbfebd770740e137818a3f4c3f58d7b6f50a137d60fa836fdc6184dde0338e231f672e6b3861a7d032f85c142a686072eebebcddcc6ede","ssdeep":"","tlshash":"b1716d54deb5a1baf7b07a8323f14ade284bbc61de0fe4537c9a3290103e7325649742","first_seen":"2025-09-03T16:33:36.484439Z","last_seen":"2026-03-12T08:11:54.079114Z","times_seen":868,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/o3.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/o3.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 6272\r\ndate: Fri, 13 Feb 2026 05:48:51 GMT\r\nx-oss-request-id: 698EBB43F357BB3130E0487C\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 6\r\nvia: ens-cache13.l2de4[632,632,304-0,H], ens-cache13.l2de4[633,0], ens-cache4.nl3[640,657,200-0,C], ens-cache1.nl3[659,0]\r\netag: \"8E0EFC506F5C56FCB390EAF765E3900A-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:09 GMT\r\nx-oss-hash-crc64ecma: 4590402592081478128\r\nage: 0\r\nali-swift-global-savetime: 1770961732\r\nx-cache: HIT TCP_MEM_HIT dirn:0:1375375451\r\nx-swift-savetime: Fri, 13 Feb 2026 05:48:52 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617314591323e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6272,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"f81df81d8cc99461a0aa98c1be47d52a","sha1":"5960ec0ccce538716e5a94cd9fea4f5017238568","sha256":"4efa1f49e42d2d4b9e2385449a3700fc2eac33bd7641dde8da6630d4257cd2a0","sha512":"43830883229ff0b08228b02cc091b7777612f4d10c0d95611c11148e7734f48b2cb174c29f450ef68dc28fd7be3ab7bd6b1410fd3dd76b701fcef11d99d55ba9","ssdeep":"192:k4x3T3Nw532n95nUwKm7Ec9sS8/hvqUj8:k4tbUUEdRSUY","tlshash":"2dd1a0a8ef2b7e09307860e034eb4ae7b1784878d841f5273d7211283939ae019fd5c9","first_seen":"2025-09-03T16:33:36.513085Z","last_seen":"2026-03-12T08:11:54.082575Z","times_seen":844,"resource_available":false,"data":null}},"time_used":686,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":686,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/swiper.min.js","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/swiper.min.js HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":140929,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65284)","md5":"10ad6473484630a85272174de546fa21","sha1":"ea40634dc07be2074345cdc14f6844d3cf3f02bd","sha256":"36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029","sha512":"547b0d695d42e176e02927363b4ad90e69143a130a3e0feb222f1a6d7f6a4da543cd5267ac31871672e70a7b8f999ddc362d674099be7f326d05b654f72442c3","ssdeep":"1536:MOgAc1fFOszeCOG3RxCK8Yi/Glq+dBZDUiOMRLMGpukRRgj8evHgZsUgeAq5qV8h:uQCL7ji/udoxKRRtYHgZsUgeAq5qOsJu","tlshash":"fbd3094eb39061a551e36257525e8241a3b72409b80ad0ac35b68cd7adbde4c13bfffc","first_seen":"2023-03-07T01:24:40Z","last_seen":"2026-04-03T23:20:27.074224Z","times_seen":5087,"resource_available":true,"data":null}},"time_used":1836,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1836,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/lbt/202506/W020250618644790912428.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/lbt/202506/W020250618644790912428.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":592438,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 452, 8-bit/color RGBA, non-interlaced","md5":"8f9aa0ab9449681e91ee7c25ed455932","sha1":"1138cca48240f2bd7c0688c2dd339fea8648b9bc","sha256":"2cf00f895fb13a6be9cdd33ce9f544a7614cb82f8418ef4c1c426a02999d625f","sha512":"544f3ff891593ee224d4e16bbd9580a8cc3c4f38a2d8dfd842cd8e7b22363f556cbe47415a9ed265545df169b8592d1dfe8cffefb2704c69fef31118a5eb7bf5","ssdeep":"12288:tFq4Wu01CdKOp5lD0Ckq3nPBcJgOj/9duF5dClmzGEMxeWyK7X8:m4Wu01CblwCkqLOj2S4Ms","tlshash":"9fc423ebe5de48f02b5e02735b001ab0972a4d325f0c7a73ebbf79a6a475f90148452d","first_seen":"2026-02-13T05:49:21.94543Z","last_seen":"2026-02-13T05:49:21.94543Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1867,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1867,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247838273326.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247838273326.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14126,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x277, components 3","md5":"d8eb3d3462696b600c5ca1746bc6ca2d","sha1":"3485a3701ebe47febb6c08d67b231908e7d03a98","sha256":"96f38bb51106829b5bbb5eec2c3110176657542450c2e147b84848ce07f9a0e1","sha512":"be8bbd5ca341d04082c4d6896e0cdaf74a4f276af99a07aaf5f48b5fefd3564a188500ce64f13db30c40245ff01a5ed765432fc722ce19ce6eb5e5506637a1ee","ssdeep":"384:ts29EIoA/6OGV0Vq9caxUtgMRB6UZqhxQtouajUZXt:tL9mTVD9c7dGHtgH","tlshash":"4052d05e6f265d023feac75b544b225bd389beff219110b2b8f2f1e65561c390009a1f","first_seen":"2026-02-13T05:49:21.946504Z","last_seen":"2026-02-13T05:49:21.946504Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1676,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1676,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/h4.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:52.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/h4.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 2976\r\ndate: Fri, 13 Feb 2026 05:48:52 GMT\r\nx-oss-request-id: 698EBB4477B09D3238118B31\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 10\r\nvia: ens-cache12.l2de4[613,613,304-0,H], ens-cache10.l2de4[615,0], ens-cache10.nl3[626,633,200-0,H], ens-cache1.nl3[636,0]\r\netag: \"D9DA029C25FFC33566A3BBE7F7F519EA-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:57 GMT\r\nx-oss-hash-crc64ecma: 12211000741100375803\r\nage: 0\r\nali-swift-global-savetime: 1770961732\r\nx-cache: HIT TCP_REFRESH_HIT dirn:9:380395430\r\nx-swift-savetime: Fri, 13 Feb 2026 05:48:52 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617321521993e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2976,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"c916c98ab726be50ad848a8a2bcb8f3c","sha1":"339db709496a570c20060dffd1d2ebd7384c944b","sha256":"bfe250accafb70d77c5dcddcc9576eb3fa4e1132f1a109c3209d38a362c0efe6","sha512":"abdc4bc0802e6e263613f73a0626ffb0f84a1ab16c5701c603038321284e7f67de5853a69f2d1458d936165e81dfebec16c95d431fb22da9644768383115421d","ssdeep":"","tlshash":"ab514aae803abbaed82884175e678b556a092cb2778f4015d595e3f2583c4ecd4c5a0b","first_seen":"2025-09-03T16:33:36.529475Z","last_seen":"2026-03-12T08:11:54.06346Z","times_seen":840,"resource_available":false,"data":null}},"time_used":665,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":665,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wnsr113.com/","fqdn":"wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-13T05:48:46.829Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":451,"timings":{"blocked":0,"dns":80,"connect":180,"send":0,"wait":0,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/search.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/search.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":382,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 18, 8-bit/color RGBA, non-interlaced","md5":"56216a4dd720e2d3a10539e5a089d60f","sha1":"aa74e4a7d8d4fafe2753772ad1a6ec5c3abb2594","sha256":"a0efe729d17d686dbf740886af1387cdbc81deb34dc487c7567ab3dbb240e7d9","sha512":"49dae1d5830920f2deccd7d20226f284a44679d87a5ac216f16a877283d344c436d8d1339b82ca104ba5627d24d794a0598c1207927c3b04f83676d7f585a844","ssdeep":"","tlshash":"2de0f8ce70232c2381aa1e4a5306023acc2202cf2ab2c30c82a2381c09a0320b4b9ac8","first_seen":"2026-02-13T05:49:21.948062Z","last_seen":"2026-02-13T05:49:21.948062Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1727,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1727,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/fdsb/202411/W020241111286779317742.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/fdsb/202411/W020241111286779317742.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":347,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 36, 8-bit/color RGBA, non-interlaced","md5":"78cfc9bb9eec42055d3a9be9a11a5130","sha1":"0a2c6c0afc501769fb4d1f899481d7d2f9d26bb0","sha256":"326a646ef3d94f2030d963b3ae87085170268ab15173eadf0db0e5d46e92353e","sha512":"3c49a89d1f7dabac44588fef664ecf2f984e4ad7b487da00f3c43ef52044d71ea76250cc029a6e30d5a12a44f49cc31a4592b50e22c6d00cbf45a0d8d0bb8f31","ssdeep":"","tlshash":"cce0c0c797404539d3262923121a5ef0cc1272c8801d984ba66d48f708715044855d72","first_seen":"2026-02-13T05:49:21.949139Z","last_seen":"2026-02-13T05:49:21.949139Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1897,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1897,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/hjgc/202411/W020241111294291446887.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/hjgc/202411/W020241111294291446887.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1195,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"603ba2504f807a15bc0c6b6902663dba","sha1":"7bc813c1be5a36f718939c693e10aabebfc29441","sha256":"61d9069ae5be4400c187ac00bd776bedf8a50cf850db3f6d00031a040bd6ced3","sha512":"f1f98d0886af23376b9af64ec1d66cf7d485936daca075ec2d9fd0b3d3003a466359adb318c93101d6ba0eaa84755b0ce42fe1ea9ee8bb969410778a1690f29e","ssdeep":"","tlshash":"0121da5c27546030c35f596699ece62537225ff241138a14b5424ff391467448d558b7","first_seen":"2026-02-13T05:49:21.950039Z","last_seen":"2026-02-13T05:49:21.950039Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1884,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1884,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/224644.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/224644.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98748,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1881 x 147, 8-bit colormap, non-interlaced","md5":"1b13f7576ad631cda9073d5f50eb565a","sha1":"5d67fa36f5e6f520164d2edae18f2b35365ce426","sha256":"e51f9b3033ba18486fa121c1195f817dfa2630d6a0a109cb7454a881ffe2c85a","sha512":"492b97949580b2bd323f0b3fe7c94a093074ecd4d2a504d02cb0b4d426b433549d39ca699ef3406f8670809ec5eb57d29023cecd4a5b9467d4a26350817ca9a2","ssdeep":"3072:RCbLg5OIU05cfkBIQ4HyUAO6AkVw3dGX1DSK2a:Uby5cfPQ4HwO6A7CDSKV","tlshash":"7fa312ec562345e53ea6b3625099bb10edd80fcb614e2f3f442b10d2629db6e0466de3","first_seen":"2026-02-13T05:49:21.951014Z","last_seen":"2026-02-13T05:49:21.951014Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1844,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1844,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/mgm.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/mgm.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 4000\r\ndate: Fri, 13 Feb 2026 05:46:43 GMT\r\nx-oss-request-id: 698EBAC30A264D323309E93A\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\netag: \"3E39E827A69618FF1BE3FBF66743061E-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:03 GMT\r\nx-oss-hash-crc64ecma: 664789275228283238\r\nx-oss-server-time: 33\r\nvia: ens-cache36.l2de4[623,623,200-0,H], ens-cache39.l2de4[624,0], ens-cache12.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\nage: 128\r\nali-swift-global-savetime: 1770961603\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:43 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617313891236e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":4000,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"8fc578655b61cd90a53376a783c18c81","sha1":"698ca5bc7e58f50ddae98a9248d496f082ef09c3","sha256":"78e6447dc0bad783f278a7e96607201ed370e026763ff4c908c2241971f12fc0","sha512":"730e649fff4e7d873e18df56b3c7e33b6ed5624475d3151baaa9a852a0bbc4edd2573e8d37f70f26102db80c81bbc08e5319148eb13d11d180aa97382ad4e3c0","ssdeep":"","tlshash":"31817d9764a2930302b69ac00b7c320e361d7c7caff39c570d314d9a25aa8e68444f22","first_seen":"2026-02-01T10:10:54.3396Z","last_seen":"2026-02-18T20:47:40.203571Z","times_seen":22,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/gtbj/202411/W020241111291986943681.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/gtbj/202411/W020241111291986943681.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1070,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 31, 8-bit/color RGBA, non-interlaced","md5":"01538c0476cb4f2c89cffae80c8bb912","sha1":"156fdfafb2a42616a3fbad4a102da35bced07c4a","sha256":"c8e54321cb2e14be70f65259305cbdad4be8bbc5319f70260022a60d2e419b8a","sha512":"73d8e3baeefdf7c0648b90d906c48a33c5ef0538b67702663356b881c9b0c3af8685a538283d74ef4c63ab79ab106f2a294d6b41190ccb8eb32bb4a8859cf004","ssdeep":"","tlshash":"b311b52c415bfe2b48794bbd0386ac91b56d50ff040a09aed45b82795ce382638b6160","first_seen":"2026-02-13T05:49:21.95672Z","last_seen":"2026-02-13T05:49:21.95672Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1886,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1886,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/trzpt/202411/W020241111295081457590.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/trzpt/202411/W020241111295081457590.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1236,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"3e595f322f92c6284d5da2867f86a351","sha1":"983e435d2097a167d99c824d2148747a8ca8a68b","sha256":"f031825c8b4dfb2718513d2b0be18c5a27f900edaa452c57659f787c2997651b","sha512":"d9818ad85057e76fc33d3f1c3ca54b8704698154ca211c02a6d69a2c1902adb3a7769755c645c704221c1ce0cd9b85d65a2139ebdc12cac0343d0b41cfe6e781","ssdeep":"","tlshash":"1121eaf163a537f7b56f88e94091940a9ac5cf19452120501f30eab2a11d57bb89871b","first_seen":"2026-02-13T05:49:21.958985Z","last_seen":"2026-02-13T05:49:21.958985Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1883,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1883,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/huobo.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/huobo.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 5696\r\ndate: Fri, 13 Feb 2026 05:46:33 GMT\r\nx-oss-request-id: 698EBAB96A794D3335F78BC9\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 3\r\nvia: ens-cache34.l2de4[634,634,304-0,H], ens-cache29.l2de4[636,0], ens-cache4.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"DC0EF75C2D751FA99AF06CB3236235B2-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:59 GMT\r\nx-oss-hash-crc64ecma: 16231537361387094329\r\nage: 137\r\nali-swift-global-savetime: 1770961593\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:33 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617309108678e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":5696,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"c62993dd7c96d3492c2482b3415c955b","sha1":"3880a1507942f2f61c12265b37cab28a97e7fa56","sha256":"3a48bb5a921ad7cf8eab9a61ea2287f2598502fd55739d94538664631c76ae28","sha512":"52370c455376ecb11ee5f8f4590826b064f2e5eebd788c92fb1133562d840b9d8397e789424a8b31cd64ee9bfe69e794538f00ef78dbc2223ce6452c7f2c7966","ssdeep":"96:4gcDB8WGQmt2THu1gh5LZzhPPiBTZrkITXY1uKgfCQKDAebhqD:l2B3GNtMCsZtPWpNY1uRAAYhqD","tlshash":"72c16def30addf12406929f686a4610994cace5501bac0294b63a7cdf831198da27fca","first_seen":"2025-09-03T16:33:36.522914Z","last_seen":"2026-03-12T08:11:54.08206Z","times_seen":882,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/venetian.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/venetian.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 4224\r\ndate: Fri, 13 Feb 2026 05:46:35 GMT\r\nx-oss-request-id: 698EBABB94C62B333358F35E\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 16\r\nvia: ens-cache21.l2de4[604,604,304-0,H], ens-cache2.l2de4[607,0], ens-cache2.nl3[0,0,200-0,H], ens-cache1.nl3[2,0]\r\netag: \"02C1854BC28993BB4CF117DD2347CC08-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:12 GMT\r\nx-oss-hash-crc64ecma: 1165881306545535803\r\nage: 136\r\nali-swift-global-savetime: 1770961595\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:35 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617311248957e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":4224,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"bbe7c9f2ff75f71f0712adad57a8581a","sha1":"497277bc92a2d28ca5fbf43209cf311881559a76","sha256":"5853c93e0a75652995044598c8f20b4e20c882f2af738236cf8d1c510e4e6215","sha512":"1176c292a36b1ca4c25cdfc80cb5f26251d87aa1b793941a94a843cee35d15924979a9e2a69749920a3f187aa9f766596fb3752c423f3b6aad3920770ba0a5f3","ssdeep":"96:cX2LSLIlzqOv5WXPUHdQQyUuTtfUeWZc0vqBR+OHbdoUnM6:e0zqG5WXPUHryTxMm0vqBRjoc","tlshash":"06916ed8104ae07424d1c8447a4d7cf567dc82d9b5e5d0dd69e99abf385e2279cc48cc","first_seen":"2025-09-03T16:33:36.54313Z","last_seen":"2026-03-12T08:11:54.075228Z","times_seen":878,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/aocai.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/aocai.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 1968\r\ndate: Fri, 13 Feb 2026 05:46:42 GMT\r\nx-oss-request-id: 698EBAC2486D923638D41D83\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 5\r\nvia: ens-cache36.l2de4[2201,2202,304-0,H], ens-cache2.l2de4[2203,0], ens-cache7.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"AFA5A117A210BFBA332E8B8DF69A112B-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:46 GMT\r\nx-oss-hash-crc64ecma: 3635831070579949241\r\nage: 129\r\nali-swift-global-savetime: 1770961602\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:42 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617313061138e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1968,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"18850feb75108ba3d486a75c7f3f25f1","sha1":"d1378c6083124a9fa05bce188e862900a79a232c","sha256":"096c3be773c93b06876eaadbf2bf529a3fecb7cc459702c01eac1e36d37c36a6","sha512":"2d6e63dabf0a958680f8a76f887652a149e555a3360ccff3050d61fe4474a46833467ceb8f23ce1a0b37f59d2e3b77f5c699db0e16980ef02a9cbded70bc53af","ssdeep":"","tlshash":"b84139f3843fcf6f474adda15009a924a1f42e6e0120b60f7a82041deaed83c625866f","first_seen":"2025-09-03T16:33:36.528099Z","last_seen":"2026-03-12T08:11:54.090622Z","times_seen":860,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-13T05:48:47.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":88594,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2253)","md5":"dbe05d276dac7e3c99586402ebd3f26f","sha1":"6c5e74e57f5ec8e35fe831c50990ae9e816d1d96","sha256":"4b3b18facdb0ecbcd04a04d7aa5e7b36b45b0b1a8476aa3709dcc3f1acb6ead8","sha512":"f4226a82d70a0ab273453dfad891a153460887d34f7e3cae6990865215e8c66f36429abbc01eaffd559c3b502471208ea22183a16f7c20dcf8d4473c86955548","ssdeep":"1536:PwrTLjZIAZqfF0LhxXkEYSanmgL32gl5j1RH:PwH2C/fgL32g1h","tlshash":"ea83a42468f220d611a7d3a45eb67f4e7fa1a047d009dd407badafc0cfd6f929803699","first_seen":"2026-02-13T05:49:21.967058Z","last_seen":"2026-02-13T05:49:21.967058Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1135,"timings":{"blocked":397,"dns":47,"connect":170,"send":0,"wait":341,"receive":0,"ssl":177},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/xxyw/202411/W020241111293185288942.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/xxyw/202411/W020241111293185288942.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1428,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"b208f8013dacd237aedefc94a177437d","sha1":"c3b1c505c91a078f700b644a988f3bd270dcb04f","sha256":"77a96a12881c2e1414e83f2b19584279a3cb7bc32dcc2d399566b425c6a7719d","sha512":"f50bcc330cbd782455f34cbc2d82e4b5f7f6ddc5217520c2c92f56c47bc5f005afaa09c5f982ad39b201e1aa28c6c00e653d83725024e904e6b20a0d67832a1a","ssdeep":"","tlshash":"b8211b5101702ea5ce9a43bb97e84cdec914f8145f60613d0d8b1276d312f92bc2a53d","first_seen":"2026-02-13T05:49:21.968918Z","last_seen":"2026-02-13T05:49:21.968918Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1885,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1885,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119248244213215.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119248244213215.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34096,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 398x243, components 3","md5":"e7dd13d29b579e39af12eddf9eb2424a","sha1":"204bbfceb89f7860cce1429cfd956acfd1803d29","sha256":"2ea3b03c755459d22e90036ef1c6f970ab04909d4ff81cdb7fb01b0fd90f99d0","sha512":"d0f372cb54646f33a0514466c6a2fcc3b3d73eb56f4f9c5bb2d56b022e72fcab7b47cc31dbfea92b52903da6ae07f5ed0657cdaca7db5bf65fcec867c9ad7b8e","ssdeep":"768:Y4cXXpYqbD0gHkFIIa7lxWUuw1Z6T+mvMNajhNtgJmATNF:Y4cKUIgHk2IG0N86T+mUNKtgJmAj","tlshash":"52e2f2368889d5cc3b92fb5e97d6f233df59c1e06c4f906479f5a976bc10e080095ab8","first_seen":"2026-02-13T05:49:21.970251Z","last_seen":"2026-02-13T05:49:21.970251Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1669,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1669,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobosports.pages.dev/?referer=www.wnsr113.com/?referer=zhizhuchi-7/?referer=","fqdn":"huobosports.pages.dev","domain":"huobosports.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.47.54","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:49.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"huobosports.pages.dev","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Thu, 25 Dec 2025 16:32:24 GMT","end":"Wed, 25 Mar 2026 16:39:40 GMT"},"fingerprint":{"sha1":"B8:86:9D:93:B3:37:81:48:90:44:AC:19:F5:42:BB:1A:99:0F:F3:CC","sha256":"CC:CA:9B:5E:BE:CC:E1:4F:C0:58:80:B4:E0:50:2C:7A:3A:23:17:A0:E0:D1:2B:24:F0:02:72:74:04:BF:72:9C"}}},"request":{"raw":"GET /?referer=www.wnsr113.com/?referer=zhizhuchi-7/?referer= HTTP/1.1\r\nHost: huobosports.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 05:48:49 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlink: \u003chttps://fonts.googleapis.com\u003e; rel=\"preconnect\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wbpTECsdeoTbw6MOXNY54A%2BiqztW3ZNTXFyTpjAJxj0oSuTUr%2FzPusv4aUwQ1plimmVKU9hY4%2BfAdWEiN%2BW6fjGArMYwDiN1nD%2BkTzbLMsKAHMaz3w%3D%3D\"}]}\r\netag: W/\"d7102b655fd98e2d9294cc9eda6fc315\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9cd209f789beb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":35,"dns":7,"connect":1,"send":0,"wait":6,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/reset20200710.css","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/reset20200710.css HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2972,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"0920e2bc21ffc7cb74bbdc553d974be1","sha1":"aaea479a835047913693186923c2b5bdb816b1b0","sha256":"9b836fb4ddf27242466555b08f5f00ab09bc7ba29e25f77a8f3ac7879865b21e","sha512":"b9f1b9108bc9137d939b10205d79fd0ff7ca20c87b6686bc269f9db601906a7d4d3fbb755a3bac598a88a56416c73b412fcf0a8d1cbbf91d19f323ec96ef1f10","ssdeep":"","tlshash":"2551fe7a07232598e42382f93e935b49133e4007f94f4f25bb97ad6caf8e069117368d","first_seen":"2026-02-13T05:49:21.973391Z","last_seen":"2026-02-13T05:49:21.973391Z","times_seen":1,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/h1_2_bg.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/h1_2_bg.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 5664\r\ndate: Fri, 13 Feb 2026 05:46:31 GMT\r\nx-oss-request-id: 698EBAB7486D923335E40583\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 4\r\nvia: ens-cache25.l2de4[636,636,304-0,H], ens-cache23.l2de4[638,0], ens-cache11.nl3[0,0,200-0,H], ens-cache1.nl3[2,0]\r\netag: \"4A59804B881DBEC1EC2232E1E1CCDD53-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:55 GMT\r\nx-oss-hash-crc64ecma: 17043963358344161980\r\nage: 139\r\nali-swift-global-savetime: 1770961591\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:31 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617308268597e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":5664,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"deef657ef864c2d159d5db2cc529d692","sha1":"c99f09600a5f87e18725ba85d64f73600b6d1a44","sha256":"1fee54caca0e2018a3582c7f5196a390700bb60911b17ed49416eb033c08a9fe","sha512":"f9aebe44ba2d4d8b46a7f9eca1446f3a84dc9f8dd20572fb708351f569a8cbaa1d3d4af4146bab33fcf3b04354da1c3dfc04532be5ede58cd04aa9633dc795a3","ssdeep":"96:1JE91T1eh/MtQoIUklsxTH6jBgQz1vkoaswfbRIqwFBospgIhquv7CRm6k:Q91JeyIsZOBpkoaJrEBoEjumt","tlshash":"f2c1ae01b514124e0a93bbd9fe313c4796fafcb4494ec4e82f09ed8e8b42697751dae4","first_seen":"2025-09-03T16:33:36.534383Z","last_seen":"2026-03-12T08:11:54.076659Z","times_seen":889,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/lecaiwang.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/lecaiwang.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 10368\r\ndate: Fri, 13 Feb 2026 05:46:43 GMT\r\nx-oss-request-id: 698EBAC3408B2B3531A133DE\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\netag: \"7E600AAB82B2EA51FAF3576C0FE11DA9-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:03 GMT\r\nx-oss-hash-crc64ecma: 11669669320036622189\r\nx-oss-server-time: 7\r\nvia: ens-cache13.l2de4[628,628,200-0,H], ens-cache24.l2de4[630,0], ens-cache5.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\nage: 128\r\nali-swift-global-savetime: 1770961603\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:43 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617313401172e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":10368,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"592ba33607eb06725cb184f0c71394b0","sha1":"b7c83ce8abe029b97033be7e7e7a224c4ace5dd7","sha256":"b9d1fc75e25b0444b0c5f0a3eebfad0fa01b1b82beb4b303cd64fd5dc0cf20bd","sha512":"6db10daa24ce9739658c1e647398d2a8741c9b71c5e29e5cb877d7eb128dc1479a55aa71ae8c6a3fa04fcf560f75424be6982818dfa1d25de0d45bf019ae5f98","ssdeep":"192:JPXKB/+uZrv0Uw/EXQOwWn7eDAPeqYK939UZxmhvHm5wKcl7:JPXW/+Kv0UgCQOwW71IyUZxKvG6Ht","tlshash":"cc22b0ca261cdb89d3bd0402f5ec560aca39b6c3641dcdc84cc7e49e610b4f95a9415f","first_seen":"2025-09-03T16:33:36.507713Z","last_seen":"2026-03-08T09:42:45.644545Z","times_seen":801,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/qjny/202411/W020241111294778773306.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/qjny/202411/W020241111294778773306.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1369,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 44, 8-bit/color RGBA, non-interlaced","md5":"c771c5d1bdfb8bc72f59ca9315aba684","sha1":"d535f00355883eb5023e233c914d592382fc0bee","sha256":"d711cc4d91c73897497e36c2f8bb2df9bcda452756c4b842af07a54817ffb051","sha512":"a035824bac736632daf99fad9a9710399be348a6b70d16f505f086e6d2b0e77ada13857be8d1cdfa6810c7ffd8dfb5b4eea0f3eb54fc8fbb76ed3197d0b6b101","ssdeep":"","tlshash":"b621b8d9aa5e2359cbd987a6ad4d1e822957460b45d2e131825c02425e8830de8f4607","first_seen":"2026-02-13T05:49:21.975426Z","last_seen":"2026-02-13T05:49:21.975426Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1881,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1881,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247837962843.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247837962843.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21216,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x276, components 3","md5":"1f9c0de67e559dd437cf11159ece06f0","sha1":"f799d90220b3890c307741877ae44abc127fbe24","sha256":"4b0d72214681cd5385e25e197b1993d9b3b93358672305b8c7b804d42fa99912","sha512":"79a49aabfce8838dbebfcc38e7e5870c983190690f72f1c7d3a1b6d1b2756e591c1d96967d1c37b029fecb85c1900a95191dcc3d6bb985ed049129e587472285","ssdeep":"384:8FqaFw1mwe3ljcDKxePmWUom2XclznkfKZMCU0z9siM02eCbyzw:8zGnKwOWUom2MuwBz6DeW","tlshash":"e092d14e56905082fe2225da3806eb7040f5472476a1dbf710247bbae234df7eb44aef","first_seen":"2026-02-13T05:49:21.976526Z","last_seen":"2026-02-13T05:49:21.976526Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1854,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1854,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/debt_qrcode.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/debt_qrcode.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9885,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced","md5":"976507102a6d055fdce62ab159148e62","sha1":"622404ce4ea615fcfb48c18691bbe260771e52d0","sha256":"d30593f1fb8aafb726c5f7897472aee57075f7410dbe0bc918bc53898227e0bc","sha512":"47165e1af2cbe837fdc35a5bfac91987333a2e5ff9ad733ae39cd9b7e59beadc8287e906a876d2bc9fb9daf2a9dc6ae10b48fbb758dc76d34c11b1a6e421e7a4","ssdeep":"192:gYG9ZwFOpDu2OjaUlgNmyBeq5V9/0c4TpnVg/zoVXX:0PTg2KaUlgPBeY/0cKhwzoJX","tlshash":"e2124f416aa21196bc3f9a40277dbf86025403139a064e48ea37fb77de42adf177b4d3","first_seen":"2026-02-13T05:49:21.97826Z","last_seen":"2026-02-13T05:49:21.97826Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1837,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1837,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/h3.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/h3.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 3440\r\ndate: Fri, 13 Feb 2026 05:46:44 GMT\r\nx-oss-request-id: 698EBAC4140EF1383644E539\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 7\r\nvia: ens-cache2.l2de4[648,647,304-0,H], ens-cache7.l2de4[649,0], ens-cache6.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"9AB5748AB4A27D6CD3E3D4A2DD921C6A-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:57 GMT\r\nx-oss-hash-crc64ecma: 6996494176447752236\r\nage: 127\r\nali-swift-global-savetime: 1770961604\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:44 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617314231286e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":3440,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"daf6223bf2ab16e39c3395214c4d0982","sha1":"9e8f2b502cbb8d35b323ff2898db97abb8949f32","sha256":"a6d466bfccb6f3645aaf1abbb51bebaeab1b93ebc361e66ae1e804f91cf85685","sha512":"9b11c5d35fff2953b52da2b71c0829d840ed81246681634a79f98315f1b366a6fdec0b08735fb51b114572fbf04db771e30080adf294238c23149e4057b9dfaa","ssdeep":"","tlshash":"40616deab0075b2ad6ee5c4722ea05e801b411448f6af73d52333d80407ee71db14738","first_seen":"2025-09-03T16:33:36.494534Z","last_seen":"2026-03-12T08:11:54.065517Z","times_seen":859,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/fdsb/202411/W020241111286779115365.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/fdsb/202411/W020241111286779115365.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":375,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 36, 8-bit/color RGBA, non-interlaced","md5":"a93e6cd329b0345dc792567cf7c909c6","sha1":"b638630180affb4f3c9474521fddc03797789920","sha256":"a7f018e89a90dc7961dbe724044ad5593f66352a1e2853d1f4c09c1075cce66f","sha512":"11de17fabf95a7424716ba6f0cbf838e9c2a6f260d1fbe11ff89d7acbdfdb5f9ad9f8b767e33fbb8f6101fdb7ac66bfcbf952e3fd4f5d9736abb4c4e6225dd79","ssdeep":"","tlshash":"25e0f1130b01f434a60e84d24bb10a36d862204a2520485c945af66b4b1b8090244523","first_seen":"2026-02-13T05:49:21.982227Z","last_seen":"2026-02-13T05:49:21.982227Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1899,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1899,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/qjny/202411/W020241111294778562394.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/qjny/202411/W020241111294778562394.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1774,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 44, 8-bit/color RGBA, non-interlaced","md5":"9c5e25cdaf27158b0f72d6c0b853ecfc","sha1":"fd689b3979944da63739ea52e943d83248567039","sha256":"4c3faf38cbd32e41cbb7ece927340dc22b79635d74d8df7fd05a1e24e1180235","sha512":"c5af72e581c21829904acb3cde2f61aec4b4d1086e8f51944a97f73e6d55d6d939eff3961861291ad1e126e5b8e044f4211e798858d5ec73d40eec6468835181","ssdeep":"","tlshash":"f83108ebfa53b370550e606ae23be005dd5582a970d7797c7a497a846782c4c437ec11","first_seen":"2026-02-13T05:49:21.984534Z","last_seen":"2026-02-13T05:49:21.984534Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1881,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1881,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/h_erweima.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/h_erweima.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115633,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x1280, components 3","md5":"c1ddbe5589a0ab8fde33d4f413800f07","sha1":"bc4da310516a86e4753f43910995a25c18bc243e","sha256":"dd1ef77a2e20a96408e6d31473926f47cfdebd95a472867374b5b415539b0ac2","sha512":"7405ec63bf23f8ba7dabc8eb94d09580978d6a2dd81ad85c424236c1190d90f94980ae4cf29fcca9393621793b423c1b17d5bdc2d003b8a3979baf67b48a4c75","ssdeep":"3072:0SyR+XYSSAemFFzGBXX0HY+MprPhUTJub3Zbix4hPM:0SyR+XYSS7mFh8XX8Y+MprJ8J6b1U","tlshash":"32b36a0758098753a81c86e8bd472d6c2f176b1ca6d67afe51a31e9f3e903b08dcd12d","first_seen":"2026-02-13T05:49:21.986132Z","last_seen":"2026-02-13T05:49:21.986132Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1841,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1841,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/yongliv2.jpg.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/yongliv2.jpg.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 18768\r\ndate: Fri, 13 Feb 2026 05:46:36 GMT\r\nx-oss-request-id: 698EBABCC697F43130B62E30\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 7\r\nvia: ens-cache37.l2de4[889,891,304-0,H], ens-cache37.l2de4[895,0], ens-cache12.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"DCCBCF1886C414EFF3D07F1FD91D3B4E-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:12 GMT\r\nx-oss-hash-crc64ecma: 144771093701938812\r\nage: 135\r\nali-swift-global-savetime: 1770961596\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:36 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617312031033e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":18768,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"47f5ecd7bea6fb60c2eb965130ab6a9e","sha1":"79df686e71cbd14002b3ed129cd9072bab9d5804","sha256":"e27e5dff537f04897daa950b2d177d28fbf018067e76dc512ec5f4a6aa1ef9e1","sha512":"ac5056436af720955dbad9c1950a014b6448b867dddcc658179a3374a678b26468c65df0f1f35aae5796b706a5f8a3e44dc5988d7ab3efcd6bf0897cdde92102","ssdeep":"384:h8zr075Lg9XvF4+/yKNfkhB1DI8gnIOp9NjEs+oJlMhHc23JsTwg:ivv9XvV/yKahB1DIEOpcs+oJ2F2L","tlshash":"7782d0a47e8d0d5f0f260b66ecb6567f361241fcc92dbcea21412961aec730c16b419a","first_seen":"2025-09-03T16:33:36.511403Z","last_seen":"2026-03-12T08:11:54.062846Z","times_seen":870,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/aocai.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/aocai.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 1968\r\ndate: Fri, 13 Feb 2026 05:46:42 GMT\r\nx-oss-request-id: 698EBAC2486D923638D41D83\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 5\r\nvia: ens-cache36.l2de4[2201,2202,304-0,H], ens-cache2.l2de4[2203,0], ens-cache7.nl3[0,0,200-0,H], ens-cache1.nl3[0,0]\r\netag: \"AFA5A117A210BFBA332E8B8DF69A112B-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:46 GMT\r\nx-oss-hash-crc64ecma: 3635831070579949241\r\nage: 129\r\nali-swift-global-savetime: 1770961602\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:42 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617313191148e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":1968,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"18850feb75108ba3d486a75c7f3f25f1","sha1":"d1378c6083124a9fa05bce188e862900a79a232c","sha256":"096c3be773c93b06876eaadbf2bf529a3fecb7cc459702c01eac1e36d37c36a6","sha512":"2d6e63dabf0a958680f8a76f887652a149e555a3360ccff3050d61fe4474a46833467ceb8f23ce1a0b37f59d2e3b77f5c699db0e16980ef02a9cbded70bc53af","ssdeep":"","tlshash":"b84139f3843fcf6f474adda15009a924a1f42e6e0120b60f7a82041deaed83c625866f","first_seen":"2025-09-03T16:33:36.528099Z","last_seen":"2026-03-12T08:11:54.090622Z","times_seen":860,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241111249106269623_80.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241111249106269623_80.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3364,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 22, 8-bit/color RGBA, non-interlaced","md5":"7d99004d3613824a9470044ca2e010f4","sha1":"11fa9ef11d72fd0676e1d18a0bc828b521bcfab1","sha256":"d587be460775772a7d1bb848d537e099473561dd2038a47ecda34496a030d5df","sha512":"2653186bd39326e2391b1f07c57a8cb5164544d250cdeb1291316bc9e92511910bc32b3c6e5750eef241125b535c86113d4956813bbdfca48b014cea82227a15","ssdeep":"","tlshash":"9f616edb79f6373306c44b0af742633e9b2a3281365ecc9891184407ce52723e0d1c2a","first_seen":"2026-02-13T05:49:21.987494Z","last_seen":"2026-02-13T05:49:21.987494Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1901,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1901,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/fz/202411/W020241111287216926652.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/fz/202411/W020241111287216926652.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":922,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 33, 8-bit/color RGBA, non-interlaced","md5":"01245036477730d70a8155477cb1147e","sha1":"ef525a2b2d0c5f63f73333e124e99090cc401f1c","sha256":"f070329005b6de7227193c586c635f4169215d36fed8928e1ad47e71a59a9a67","sha512":"4c3657edade9e0659820bf381a7816740bd7a86eb6aad01b7b0d32ee463fecf1a06cc4bc58103ee33a6d1bbd8d193604719db6b8f0283f1f8f08e78db9c8fe82","ssdeep":"","tlshash":"4611b7a7993d794949301c3643a771b93f034b159f50722a8e31b4919d0a7e3829e387","first_seen":"2026-02-13T05:49:21.988665Z","last_seen":"2026-02-13T05:49:21.988665Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1897,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1897,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247838412874.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247838412874.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24846,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x277, components 3","md5":"adee890e5845ca3693323ee63459eaeb","sha1":"145588fc36059aa98cf7c8ad45f11bf0597f56ee","sha256":"a61dc4465f0b87bbbe4480ceae588b73a2ca63ed436b0163675d6ddc294c062a","sha512":"964572b1f363aa81befcb09f189646b994df05b713d6d8a23c79e590cd8d08969bb572464fc0e474062112c3e57ce4ccf9f6f8919bd7d46c616223648ae3bc3d","ssdeep":"768:tFge1ffx9LmJlmhouCLoZWxmWzo3731uQFfp:ttp967I0xmW0rf","tlshash":"28b2f1779363a02097c0839cc00ab54290c30665f1aa4fb3374a46db5fedd79f46e575","first_seen":"2026-02-13T05:49:21.989855Z","last_seen":"2026-02-13T05:49:21.989855Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1849,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1849,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/news/ywzx/202509/W020250926737407180808_ORIGIN.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /news/ywzx/202509/W020250926737407180808_ORIGIN.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: text/html\r\nlocation: https://huobosports.pages.dev/?referer=www.wnsr113.com/?referer=zhizhuchi-7/?referer=\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/huobo.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/huobo.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 5696\r\ndate: Fri, 13 Feb 2026 05:46:33 GMT\r\nx-oss-request-id: 698EBAB96A794D3335F78BC9\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 3\r\nvia: ens-cache34.l2de4[634,634,304-0,H], ens-cache29.l2de4[636,0], ens-cache4.nl3[0,0,200-0,H], ens-cache1.nl3[2,0]\r\netag: \"DC0EF75C2D751FA99AF06CB3236235B2-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:59 GMT\r\nx-oss-hash-crc64ecma: 16231537361387094329\r\nage: 137\r\nali-swift-global-savetime: 1770961593\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:33 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617309398714e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":5696,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"c62993dd7c96d3492c2482b3415c955b","sha1":"3880a1507942f2f61c12265b37cab28a97e7fa56","sha256":"3a48bb5a921ad7cf8eab9a61ea2287f2598502fd55739d94538664631c76ae28","sha512":"52370c455376ecb11ee5f8f4590826b064f2e5eebd788c92fb1133562d840b9d8397e789424a8b31cd64ee9bfe69e794538f00ef78dbc2223ce6452c7f2c7966","ssdeep":"96:4gcDB8WGQmt2THu1gh5LZzhPPiBTZrkITXY1uKgfCQKDAebhqD:l2B3GNtMCsZtPWpNY1uRAAYhqD","tlshash":"72c16def30addf12406929f686a4610994cace5501bac0294b63a7cdf831198da27fca","first_seen":"2025-09-03T16:33:36.522914Z","last_seen":"2026-03-12T08:11:54.08206Z","times_seen":882,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241111249106083092_80.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241111249106083092_80.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2224,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 22, 8-bit/color RGBA, non-interlaced","md5":"5a237ab403d78a9b38c959c11ac9cf67","sha1":"67e43014c1375765e01b8c3eae26a22068621401","sha256":"be0006ccbe065a399b8facea4febc45cdaa6d75465a37dcd35cbaa957812e332","sha512":"8f568d1a95a526f1a2a9a50f6a6ca77cbf467f57acd6d453a5be7a4df607981fb6f460c7405fca5ff8b78afddbabdfd116ab23bdb14039965c5159b8872e6cfb","ssdeep":"","tlshash":"66415bcef338d1f71c5e2921210eb089e771fc5f34d69a52623608f41ea59086b8b620","first_seen":"2026-02-13T05:49:21.990967Z","last_seen":"2026-02-13T05:49:21.990967Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1901,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1901,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/xxgk/202411/W020241119218216220370.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /xxgk/202411/W020241119218216220370.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":151142,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 260, 8-bit/color RGBA, non-interlaced","md5":"fafa2f4af09561b5ce939e76d456c4fa","sha1":"ea216c4f604a2c3e4d190052c7dabee6d9074f38","sha256":"c3bff60642759264d83e78f6fdb907e9dae44b04972743bd3ffd3a7e674cd183","sha512":"6a12cdc403a867ee8d740f8a2d126c26098ebaf797ffc45d787de959e767764da015ce9a57928b62b42bd5444971aa8a9244f623dc4844c2552c87632fcf3b85","ssdeep":"3072:jxF3EXJICgt2x4P12+lHfgHJP8r1NJr74uxzvxqhKB0SNnB:jxxAJICgkqdlskr/Jr743hKGSNB","tlshash":"30e312a3014e81285f2358bedb15fcfb56bfac29c277b1d48626c9e06f3341a479d522","first_seen":"2026-02-13T05:49:21.991929Z","last_seen":"2026-02-13T05:49:21.991929Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1873,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1873,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/beianLogo.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/beianLogo.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1603,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 40, 8-bit/color RGBA, non-interlaced","md5":"a35ab3d2f72313f3e621ca29d02d950a","sha1":"d41d634216494aff3fa454dfc0c7dc6e3f95978b","sha256":"9ee7a4b8684455049ac46a6f471c4eaca489c174d3164040f082d1d770e4d8a3","sha512":"863906d0a7483a0b08a25ef5e87285bd2862c314ab1872023dc8124d6a81cb529fc676b84164730a475a0a58788a6751682bf3d4c60e61352d78581602cdbc92","ssdeep":"","tlshash":"13310cc35336375efc9196c59d2a7cf4c6b5745c397522d08d89f355b441c0c527d218","first_seen":"2025-09-27T11:52:37.273082Z","last_seen":"2026-03-04T03:03:56.858794Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1622,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1622,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/css/app.d9301c2d.css","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/css/app.d9301c2d.css HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bannner-08.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: text/css\r\ncontent-length: 4375\r\ndate: Thu, 12 Feb 2026 14:45:50 GMT\r\nx-oss-request-id: 698DE79EF6D5D4303764C6C0\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 09 Feb 2026 08:23:53 GMT\r\nx-oss-hash-crc64ecma: 6650614325847064471\r\nx-oss-server-time: 6\r\ncontent-encoding: gzip\r\nvia: ens-cache11.l2de4[0,0,200-0,H], ens-cache23.l2de4[1,0], ens-cache12.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\nage: 54180\r\nali-swift-global-savetime: 1770907550\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:26 GMT\r\nx-swift-cachetime: 32364\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617303868129e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":11415,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11415), with no line terminators","md5":"678ce203e4823a489d2b98aa09a15e80","sha1":"ba039eb4462dfdb8d34caf773f2e6b78eb8b9e06","sha256":"e1ecc45d6bf1ea82a209e6cb9e9e5fc856548c7585d82993e33afdffa4d015a4","sha512":"46a2cde787ffada831d13914857aed2a374dd81486d00cadcc768cb14911f96fa48618c87c646e830b50d02e320d37c81873ed712368f1348550bd0ef3b4d992","ssdeep":"192:JjlMemUnBkJfQ4D24ZJQKMDmxxN2yZbJq67W:R9Bke4D8KzW","tlshash":"8132a63feb10a93dd26e1b19a280acde3378e34ab7529d71c893eb56c35115e5a302c4","first_seen":"2026-01-31T16:31:05.520792Z","last_seen":"2026-02-18T20:47:40.19618Z","times_seen":33,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/gf.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/gf.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 7248\r\ndate: Fri, 13 Feb 2026 05:46:28 GMT\r\nx-oss-request-id: 698EBAB4A902D23232CB2BDF\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\netag: \"B7BB3CE5CB411EB237FD018C6B0B07B3-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:53 GMT\r\nx-oss-hash-crc64ecma: 14846563367258194295\r\nx-oss-server-time: 7\r\nvia: ens-cache24.l2de4[0,0,200-0,H], ens-cache16.l2de4[1,0], ens-cache1.nl3[8,8,200-0,M], ens-cache1.nl3[9,0]\r\nage: 141\r\nali-swift-global-savetime: 1770961589\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:48:50 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617306378401e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":7248,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"7f02cb25f6eabcb68f80d7f6c9aef294","sha1":"806e2335841cf01333441d877c5f63e9a6c08649","sha256":"4cafdb32238c727db07aa4a17a66332a883d73f041fbeae6656c3914c1f03812","sha512":"e69bc0f3d6fdbb634b24b88f57a5fc65611d69b2d91d9c275f6d05c9502d956823ee37739f64be4e98fba512ec6ddcc63508d99326e7e3488283809b03850f7b","ssdeep":"192:pIJ4GOl/PwNVhhCyejkp96ydUDOJD3OcZM2qn/Uy:Ets/PW05ji96ydQO9+Mqcy","tlshash":"63e1ae8c4bc043cf791631d79bdab4299b57a69ac05e8a50f5e7360b21b12acec4f138","first_seen":"2025-09-03T16:33:36.505647Z","last_seen":"2026-03-12T08:11:54.062239Z","times_seen":889,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/header.css","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/header.css HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9519,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (327)","md5":"68e18b74f94244ecfd0a439fb519bac6","sha1":"44eef46eba13b627f45b371480da975fbdef08db","sha256":"66b7fa7349b2ea666c2ba4f0d8f73cc91489775dceb0dad7de5b0c5d27fa7a28","sha512":"13d76afbca60e48381322288e88a6064ca96b0c1d947ca7afc78c9a69e536cc57d8cc477c5cea3cbdabb97165678d9dc9e54b48c932e26da329bd533b4babcbe","ssdeep":"96:tYNbwphghcfoWezGZ2XCiWvGHKG1l1mwjq99ZBztmx71EulP6njAKBA2+/j9Kdid:tAbXCVvkKG46q9/BzEgMKmt7eC","tlshash":"c712302756f2310ef0379221ead97ffcb25c8803669f4e6eb566633fc29606895261c0","first_seen":"2026-02-13T05:49:21.995056Z","last_seen":"2026-02-13T05:49:21.995056Z","times_seen":1,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247837479038.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247837479038.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18472,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x276, components 3","md5":"7c1c1cb57056492937e5e232fd2d2810","sha1":"53a8b2226a1c0ece348d763872892b30af491cda","sha256":"4a91500ab2b01c44f0e577fdb02dcf8b6de96a3cf3081ea6b507e373cc599b0d","sha512":"c12d64cf8e5ebdafaaa265421cb223ce9c895287ccad96ba02bbf557cecdefeba1d96c79dda4b516449d21b3f21be2e5fc281433d1c044d151f81d6a60c2e53d","ssdeep":"384:87uSwFNSo56pwAi19iZc1ZiNoN3upYITt6PNxO96so7U6HU:8y9FVYpwxUZc1Zi2U2ITtWEsU6HU","tlshash":"8082d04ee18b2506cb2a286855113864b2ff83847bf671390a629f3d16d1dfbf1d1ad1","first_seen":"2026-02-13T05:49:21.99646Z","last_seen":"2026-02-13T05:49:21.99646Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1860,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1860,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/jdsbjk/202411/W020241111290557884125.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/jdsbjk/202411/W020241111290557884125.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1758,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 38, 8-bit/color RGBA, non-interlaced","md5":"aa1904efd97748da21c35bc27a08ed0a","sha1":"9163d4d1f07ae4e22fdb9dbc81326fc13a472aef","sha256":"84879fafbd838463fb2dcc1b56e39a93858e1f5e9cf785370ec353882d788dcb","sha512":"ca2bf14fef8337037c81fecd6087edcdfd948b9d2f574dbd289cf38653c81bdbeb6eb8cb9b94aba1445f29cb622e1b081a7cfb9d08d45f97484bfdb2f7b7f583","ssdeep":"","tlshash":"47312b00026f77a03368322052121a03dd32249e57e57ec1a2792583bfe220d76d51cf","first_seen":"2026-02-13T05:49:21.997324Z","last_seen":"2026-02-13T05:49:21.997324Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1889,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1889,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/qclghjl/202411/W020241111292677049800.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/qclghjl/202411/W020241111292677049800.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1433,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 45 x 29, 8-bit/color RGBA, non-interlaced","md5":"045786ff4e6a2957c2c6145d2870b077","sha1":"d43ca28d91ac793c73a7767fc118d6571cc8ca06","sha256":"4c9993ea92f0c0ae72c0fb441bd25b390769781fb0e42c26cae63718fddcc228","sha512":"6150f518238c571e880c147f4664c32f4202dc5f069ab27cd11ab802e82f63d0525d31bd36a3bdba6f0007ed03a14451cd2a1cf4b454590a512a2d80c4448dd2","ssdeep":"","tlshash":"a521c6e072e029ae8577367949bd221181adb222685aae7c89310999c2e24cb24e509b","first_seen":"2026-02-13T05:49:21.998466Z","last_seen":"2026-02-13T05:49:21.998466Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1885,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1885,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/hjgc/202411/W020241111294291249740.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/hjgc/202411/W020241111294291249740.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1656,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"8787b89b66577ece19938c95db015c8d","sha1":"a36d467d67172ae58e82be1b7805fc44e574f5a1","sha256":"f74f12702b9f78172683ca71526d44d737885ccc4525c4af00a72202adc720aa","sha512":"e05afc3b78e8bb396c99e239be06e4249ea18700918f46cfb172daf58dfd2676a78d22faf689bc74d1dec4210323e94587c858716bb4fb00a5cff0890cc4d43c","ssdeep":"","tlshash":"a7310c5786555778d6a31d23cb4263d41cc60fc06276891aa4947b357244b5c4e38f56","first_seen":"2026-02-13T05:49:21.999611Z","last_seen":"2026-02-13T05:49:21.999611Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1884,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1884,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bannner-08.cfd/sttcs/?channel=88801\u0026ref=","fqdn":"bannner-08.cfd","domain":"bannner-08.cfd","tld":"cfd"},"ip":{"addr":"107.163.157.112","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bannner-08.cfd","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 11:45:20 GMT","end":"Sun, 22 Mar 2026 11:45:19 GMT"},"fingerprint":{"sha1":"36:67:E7:21:4B:66:64:BE:48:50:A5:40:48:CE:03:F3:1F:46:4E:F6","sha256":"4B:83:B3:34:79:FE:08:01:CD:EB:DE:4D:C7:93:46:3C:92:E5:3C:5D:E2:21:57:A8:B3:9F:66:7C:15:11:9D:58"}}},"request":{"raw":"GET /sttcs/?channel=88801\u0026ref= HTTP/1.1\r\nHost: bannner-08.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: uuWAF\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nm-processed-time: 0.460338 ms\r\nvary: accept-encoding\r\ncontent-encoding: gzip\r\ndate: Fri, 13 Feb 2026 05:48:49 GMT\r\nX-Waf-Cache: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4410,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3381)","md5":"e6a34f39b40a16a6dbf987914c9d603b","sha1":"87bf45af80a8a151eda5b0f133032f2d62da62b1","sha256":"e880c5602fa0b11ae1bb2caf8cb97bac27f0507b50a13cc9f197fa60e4f691e6","sha512":"c07ff97a215286cb6363d9f2f8349f9a35a00e403537c52dde7000abafeb70e288f2d4ac0fc16ab0bd4aea0358529828a4d27574cd287e4bdba67f117e1c3fa8","ssdeep":"96:P8lGAWyv6ZJ9O5RbBv9FqLWudPHCpAYAkH0jnc/Xg8Cw69:PQX1v6ZO5RbBvzqquNHncHQ6ZNa","tlshash":"4c91ed6a9d91e8517b4b4eab7937b009e537784f2950804eb00cf9503f90b34edcb27a","first_seen":"2026-02-04T19:29:57.406377Z","last_seen":"2026-02-18T20:47:40.209423Z","times_seen":27,"resource_available":false,"data":null}},"time_used":1345,"timings":{"blocked":542,"dns":1,"connect":260,"send":0,"wait":261,"receive":0,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/new_h2_2_bg.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/new_h2_2_bg.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 9216\r\ndate: Fri, 13 Feb 2026 05:46:32 GMT\r\nx-oss-request-id: 698EBAB898945C3737133FC2\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 5\r\nvia: ens-cache21.l2de4[611,611,304-0,H], ens-cache29.l2de4[613,0], ens-cache1.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"CBB219A6C688831D1A7B009DC5EC26CF-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:06 GMT\r\nx-oss-hash-crc64ecma: 10263721311128828130\r\nage: 138\r\nali-swift-global-savetime: 1770961592\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:32 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617309018664e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":9216,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"4b180ea84ecfb9925de8663011430f8c","sha1":"799c1348f4a0d2493e91709dc6d7965d61bb7b35","sha256":"2e0180f69a72b25cbfba62ef0a0897f9541f7ff5b0c2a7c18bcdfacc208838f6","sha512":"61b1368c748119fb089c81c385fadcd8ee87e4e2e404d6706c44ee61688dae92dcbc6f8f3c253db1680d00db539dc6d3fbcf4313f2e024f43f9e0683a20924a7","ssdeep":"192:ZI1QJrmbSy7pRGYsH84w8AFV8WeeKhUApzy7VXBp9RETnUm6wRqVW9W/rbwRqXBs:ZIWUpMLc4CAheKhU2ypXBCTFb0zbwCBs","tlshash":"a312d0038b4ddc5d5deb96f7bbf394924a17e9c215f708bdc2e89130514018c60a22e3","first_seen":"2025-09-03T16:33:36.550748Z","last_seen":"2026-03-12T08:11:54.074729Z","times_seen":889,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/dlgj/202411/W020241111286160282207.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/dlgj/202411/W020241111286160282207.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1191,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 40, 8-bit/color RGBA, non-interlaced","md5":"102f400b605da5c7fbe4cd52621c96bc","sha1":"240671b997395e711821c6645540d083afb184b7","sha256":"3ee54f35cbf59d51bbd14ff02cf4f904b8f58d3aea84d006867d62b79d8c75f9","sha512":"58351b2fed425cfbaa1e65f61b924e0fc8787f0cefcf4f094056d745d917a01280b9898d598815ee287842dcf479a0b15381f4cad8b88c49238080e91e82d57e","ssdeep":"","tlshash":"7d21aae90626de65bf382c9cd0b6314d8cb351356cc301cb8b68855155c9644d7645db","first_seen":"2026-02-13T05:49:22.001846Z","last_seen":"2026-02-13T05:49:22.001846Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1900,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1900,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/news/zxzx/202508/W020250825645723224768_ORIGIN.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /news/zxzx/202508/W020250825645723224768_ORIGIN.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: text/html\r\nlocation: https://huobosports.pages.dev/?referer=www.wnsr113.com/?referer=zhizhuchi-7/?referer=\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/js/app.d6b608d8.js","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/js/app.d6b608d8.js HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bannner-08.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: application/javascript\r\ncontent-length: 28003\r\ndate: Thu, 12 Feb 2026 14:45:43 GMT\r\nx-oss-request-id: 698DE797D1E56736350BFF6A\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Normal\r\nx-oss-storage-class: Standard\r\ncontent-md5: T5bidPD0iYfseqXmYJLEIw==\r\nx-oss-server-time: 22\r\nvia: ens-cache4.l2de4[0,0,304-0,H], ens-cache21.l2de4[1,0], ens-cache12.nl3[0,0,200-0,H], ens-cache1.nl3[0,0]\r\nvary: Accept-Encoding\r\nlast-modified: Sat, 31 Jan 2026 10:57:12 GMT\r\nx-oss-hash-crc64ecma: 7938614471151842741\r\ncontent-encoding: gzip\r\nage: 54187\r\nali-swift-global-savetime: 1770907543\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:26 GMT\r\nx-swift-cachetime: 32357\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617303898133e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":70802,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65082), with no line terminators","md5":"4f96e274f0f48987ec7aa5e66092c423","sha1":"39d517836b5a15980a71d359923a8433be6e9245","sha256":"d8e0e626d79e1f67222468121f89b1ac6252394418a307cb63fd67d40f00edc5","sha512":"8641c27657de53be3a8d3555af8a418b90718a6df8d2bed8adaefd9c4f33565ec9809f5133e46a8344357901164cef8598e0a616f1d4f0997383e2d0f599bad0","ssdeep":"1536:q6cagyxlDtE+34vELKm2AnI0I2ehI4FUHdiTM:KetbiU7IM","tlshash":"cf633cc06108b892527b61e5443f2407b1a23a3be205d5d4f2b9f8ededb85e9732d93d","first_seen":"2026-02-01T11:45:29.523436Z","last_seen":"2026-02-18T20:47:40.194938Z","times_seen":28,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/bet365v2.jpg.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/bet365v2.jpg.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 12048\r\ndate: Fri, 13 Feb 2026 05:46:33 GMT\r\nx-oss-request-id: 698EBAB92131AD343211B7E3\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 3\r\nvia: ens-cache24.l2de4[601,601,304-0,H], ens-cache13.l2de4[602,0], ens-cache1.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"BDEF1E94160929E659A15505A64F895F-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:48 GMT\r\nx-oss-hash-crc64ecma: 13812578787366314352\r\nage: 138\r\nali-swift-global-savetime: 1770961593\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:33 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617310248808e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":12048,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"69645a11b9f7520faf53689dcea67bba","sha1":"33568b00a221e5d4a7fdee8fda375349572080b5","sha256":"acd420a630da28d9e370ad331c26837c1f968471fa8adb1a46e2c02f86ed181d","sha512":"acdeeb9c603462930ea6c1439e98de223eea304a64a888731b803e71e8697953810c8bb4fc9881c81153933905d90a6e7a760afafc7f7964830e57a791001427","ssdeep":"192:98gIHcRNbDQE4Mf8oDVmtRVeiZUvSAyxc2+od6SzWJcTOZfjR40PFzyorcFZ:HTRlMpMFmMiZU6pmWoSzWJ380dzy5FZ","tlshash":"2c42d18ea60d764eb61380bdd357d34a55720d4dfceabc3be0238529113b16b1772c15","first_seen":"2025-09-03T16:33:36.481539Z","last_seen":"2026-03-12T08:11:54.066672Z","times_seen":889,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/xf/202411/W020241111289409677402.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/xf/202411/W020241111289409677402.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1749,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 33 x 34, 8-bit/color RGBA, non-interlaced","md5":"6e0b522061f08ccc5dbb19e6714bc92c","sha1":"fcf7a594271822b9556b0e9f96a7d00c58227c61","sha256":"440aca73f38e99be7b1f96af90d4eb0702508916dff439413073b61678aaa13d","sha512":"1b359617e6440e0d2acdbff0f3f847a0fb0a2f1013b836e1917133857b1c9333c9d4faefcdc4a9033cd77f6d634b54bbc61ff50384719167d8505409c65790d4","ssdeep":"","tlshash":"5d311de7601ea624e39e2461040a007fa5b13f9b4267525c664e697d34cceb436d7f91","first_seen":"2026-02-13T05:49:22.002787Z","last_seen":"2026-02-13T05:49:22.002787Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1892,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1892,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/talent/202411/W020241119217588465049.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /talent/202411/W020241119217588465049.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47332,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 261, 8-bit colormap, non-interlaced","md5":"532c26ddf19471f4c76f77e5275e8e0b","sha1":"7118bd5ff04c1689474ddfbaa58cb9655d3503f1","sha256":"8a7ee2f2b75b7230eaa792f79e36a03a8fa7a2c0ab17ea1e685fdd860f6b3f24","sha512":"fe892e9a70e70a66aff9656022b3a61fa38b4b9923df781c0b1375be47bdd14313371e83b09903260b2fe84b29959d8fe856a6433be1e410b4a5e10d8d65f7e0","ssdeep":"768:NdrOrXneR7w2q0kOdLwb3RcKod6WqM504f7akY6HOsEypCMj5N46rU:frUX47iOib3lWL504/HOsXCMj746rU","tlshash":"452302c58170cb58e348fa8249b9926e628c0967615cceb85018ff1af2fd464b5774de","first_seen":"2026-02-13T05:49:22.004257Z","last_seen":"2026-02-13T05:49:22.004257Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1361,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1361,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247837796754.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247837796754.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36461,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x278, components 3","md5":"de323c7099814b29f302679359ce32be","sha1":"b8dd73c8a207919a1264569b50fc576a15a16b66","sha256":"316f7d91f4b2ec840ba5cc2b4f0922c241396fd5787fe19ce90455e5b101750c","sha512":"220ba2fdf65e41bae05029291920e9c8fa534b71227076b2bb0f6e063c221618653ba139e233673822330e81aec11d647713444d1c9cdec14a77f93dd73d05ae","ssdeep":"768:yURxdE7vVJwiOnRIn8YNJLWP7YeA+71k6EOgyaKQ+587vTNBaT:yUxE7vVonk79cc+71qzTB+5OBaT","tlshash":"02f2f1098405a174a71588f6d0596cbab79efdc5f7403ffe58a080eca935abdcf48861","first_seen":"2026-02-13T05:49:22.005292Z","last_seen":"2026-02-13T05:49:22.005292Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1851,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/js/chunk-vendors.8940929e.js","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/js/chunk-vendors.8940929e.js HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bannner-08.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: application/javascript\r\ncontent-length: 203753\r\ndate: Thu, 12 Feb 2026 12:20:57 GMT\r\nx-oss-request-id: 698DC5A9F8C6043938240114\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 22\r\nvia: ens-cache10.l2de4[0,0,304-0,H], ens-cache16.l2de4[2,0], ens-cache6.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 09 Feb 2026 08:37:02 GMT\r\nx-oss-hash-crc64ecma: 1207873209088534847\r\ncontent-encoding: gzip\r\nage: 62873\r\nali-swift-global-savetime: 1770898857\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 12 Feb 2026 22:09:36 GMT\r\nx-swift-cachetime: 51081\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617303878130e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":664871,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"85de9f46a34713e60bff58e0dd38e3f2","sha1":"3128363a5522a58d120a54bbb97ec508a0312d38","sha256":"0414818b8792692d4daef5946748f6f95e9e0a15aa1f062731d9f8bda1bc025d","sha512":"2e8f14ec9bead8332333e075dc15bd24d7d3e6cfcf2307d41ede93839b6dba946b50db66ec30bb5074bd87c547b2ecb40b9ea5412875945644e9f442de6457b4","ssdeep":"3072:PHqbuXPX0TXSjWbmkHqbuXPsFEXQT5VXbGpLsev6ns106vHqbuXPlG9ft3DN1umc:cSDXCNvms1jG9t3DNkms2z88CTCxJI2I","tlshash":"3ce4c884b774b02287ad3ee4052b504fe279fa2d684740bcf268d4f57cb9985663af34","first_seen":"2025-12-22T21:05:20.395283Z","last_seen":"2026-03-31T02:34:08.002573Z","times_seen":289,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/gf.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/gf.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 7248\r\ndate: Fri, 13 Feb 2026 05:46:28 GMT\r\nx-oss-request-id: 698EBAB4A902D23232CB2BDF\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 7\r\nvia: ens-cache24.l2de4[2140,2139,304-0,H], ens-cache20.l2de4[2142,0], ens-cache12.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"B7BB3CE5CB411EB237FD018C6B0B07B3-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:53 GMT\r\nx-oss-hash-crc64ecma: 14846563367258194295\r\nage: 141\r\nali-swift-global-savetime: 1770961589\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:29 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617306368399e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":7248,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"7f02cb25f6eabcb68f80d7f6c9aef294","sha1":"806e2335841cf01333441d877c5f63e9a6c08649","sha256":"4cafdb32238c727db07aa4a17a66332a883d73f041fbeae6656c3914c1f03812","sha512":"e69bc0f3d6fdbb634b24b88f57a5fc65611d69b2d91d9c275f6d05c9502d956823ee37739f64be4e98fba512ec6ddcc63508d99326e7e3488283809b03850f7b","ssdeep":"192:pIJ4GOl/PwNVhhCyejkp96ydUDOJD3OcZM2qn/Uy:Ets/PW05ji96ydQO9+Mqcy","tlshash":"63e1ae8c4bc043cf791631d79bdab4299b57a69ac05e8a50f5e7360b21b12acec4f138","first_seen":"2025-09-03T16:33:36.505647Z","last_seen":"2026-03-12T08:11:54.062239Z","times_seen":889,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/venetian.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/venetian.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 4224\r\ndate: Fri, 13 Feb 2026 05:46:35 GMT\r\nx-oss-request-id: 698EBABB94C62B333358F35E\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 16\r\nvia: ens-cache21.l2de4[604,604,304-0,H], ens-cache2.l2de4[607,0], ens-cache2.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"02C1854BC28993BB4CF117DD2347CC08-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:12 GMT\r\nx-oss-hash-crc64ecma: 1165881306545535803\r\nage: 136\r\nali-swift-global-savetime: 1770961595\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:35 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617310988913e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":4224,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"bbe7c9f2ff75f71f0712adad57a8581a","sha1":"497277bc92a2d28ca5fbf43209cf311881559a76","sha256":"5853c93e0a75652995044598c8f20b4e20c882f2af738236cf8d1c510e4e6215","sha512":"1176c292a36b1ca4c25cdfc80cb5f26251d87aa1b793941a94a843cee35d15924979a9e2a69749920a3f187aa9f766596fb3752c423f3b6aad3920770ba0a5f3","ssdeep":"96:cX2LSLIlzqOv5WXPUHdQQyUuTtfUeWZc0vqBR+OHbdoUnM6:e0zqG5WXPUHryTxMm0vqBRjoc","tlshash":"06916ed8104ae07424d1c8447a4d7cf567dc82d9b5e5d0dd69e99abf385e2279cc48cc","first_seen":"2025-09-03T16:33:36.54313Z","last_seen":"2026-03-12T08:11:54.075228Z","times_seen":878,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/sun.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/sun.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 10176\r\ndate: Fri, 13 Feb 2026 05:46:35 GMT\r\nx-oss-request-id: 698EBABB4FBFB830334197E9\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 7\r\nvia: ens-cache37.l2de4[621,627,304-0,H], ens-cache23.l2de4[637,0], ens-cache11.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"C227AAA1C405DEEFC0B4E1E90131F0C6-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:10 GMT\r\nx-oss-hash-crc64ecma: 3434292821648763748\r\nage: 136\r\nali-swift-global-savetime: 1770961595\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:35 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617311628986e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":10176,"size_decoded":0,"mime_type":"font/otf","magic":"OpenPGP Public Key","md5":"7108e01ef9138ebfd67c91fb29cb2923","sha1":"dcbdc3c59f191bdb66eb282a5e3511edb62eb0d1","sha256":"40493a065122203e79824d79901ebf86c10c26681e2782b2b8fc15e368895f1c","sha512":"3e432559024e6d8d051a18582169d3b05773326c2a1001a3f1dc13a3c2d85c24a2c375a9f467ad927c2235e7a0ccbbbcfba6079157930d0207fc73e567c528b3","ssdeep":"192:fcV1UMbshQNM1fhUG8pqB4Dcxe5o1Yuwg46/gfmtqXoUJuha3f0zvh4NZm:fcMML61fhUG8pqBOivgf2qYUJFQ5h","tlshash":"ff22c1b2052d05875a9dffa127e53d1f4e600b121df50a359607179c1b32cbf9151fb6","first_seen":"2025-09-03T16:33:36.535805Z","last_seen":"2026-03-12T08:11:54.078143Z","times_seen":875,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/h3.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/h3.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 3440\r\ndate: Fri, 13 Feb 2026 05:46:44 GMT\r\nx-oss-request-id: 698EBAC4140EF1383644E539\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 7\r\nvia: ens-cache2.l2de4[648,647,304-0,H], ens-cache7.l2de4[649,0], ens-cache6.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"9AB5748AB4A27D6CD3E3D4A2DD921C6A-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:57 GMT\r\nx-oss-hash-crc64ecma: 6996494176447752236\r\nage: 127\r\nali-swift-global-savetime: 1770961604\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:44 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617314211285e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3440,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"daf6223bf2ab16e39c3395214c4d0982","sha1":"9e8f2b502cbb8d35b323ff2898db97abb8949f32","sha256":"a6d466bfccb6f3645aaf1abbb51bebaeab1b93ebc361e66ae1e804f91cf85685","sha512":"9b11c5d35fff2953b52da2b71c0829d840ed81246681634a79f98315f1b366a6fdec0b08735fb51b114572fbf04db771e30080adf294238c23149e4057b9dfaa","ssdeep":"","tlshash":"40616deab0075b2ad6ee5c4722ea05e801b411448f6af73d52333d80407ee71db14738","first_seen":"2025-09-03T16:33:36.494534Z","last_seen":"2026-03-12T08:11:54.065517Z","times_seen":859,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/news/202411/W020241118289263773021.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /news/202411/W020241118289263773021.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: text/html\r\nlocation: https://huobosports.pages.dev/?referer=www.wnsr113.com/?referer=zhizhuchi-7/?referer=https://www.wnsr113.com/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":390,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":390,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/lbt/202411/W020241111317115261791.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/lbt/202411/W020241111317115261791.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":149632,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x450, components 3","md5":"204958c24476eafdb076b7db8ae93e51","sha1":"54876773a739958072144ae3dbf0545d5f3a1afb","sha256":"b383d1ad10f3b50a118ba82d5142d1606a699e57563be1e8f92f2b290c2cee38","sha512":"76813e23e07e193c4dc81c533eeb20febfc5a25c20b0be4ec8e89216122b8ac5eba2b80327ef2ed349b61e2b5649fe81b3e7a4b94439e94a7988b74fb4f99773","ssdeep":"3072:xn7kwIqdXb7o2cOVdhXrvUQasKxONGUpA9wpe7Tv8GV1SZKt8O0w2lvq:xYbqdR32aKcNGUp6wpefv8A1Azlvq","tlshash":"79e3127336865799a75102cd3f4f1baca2913a8cbb35a63a8f146c193e01d1bfd9b01d","first_seen":"2026-02-13T05:49:22.007563Z","last_seen":"2026-02-13T05:49:22.007563Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1870,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1870,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/img/earth.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:49.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /img/earth.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/images/header.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":4567,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4567,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/mgm.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/mgm.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 4000\r\ndate: Fri, 13 Feb 2026 05:46:43 GMT\r\nx-oss-request-id: 698EBAC30A264D323309E93A\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\netag: \"3E39E827A69618FF1BE3FBF66743061E-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:03 GMT\r\nx-oss-hash-crc64ecma: 664789275228283238\r\nx-oss-server-time: 33\r\nvia: ens-cache36.l2de4[623,623,200-0,H], ens-cache39.l2de4[624,0], ens-cache12.nl3[0,0,200-0,H], ens-cache1.nl3[2,0]\r\nage: 128\r\nali-swift-global-savetime: 1770961603\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:43 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617313761218e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":4000,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"8fc578655b61cd90a53376a783c18c81","sha1":"698ca5bc7e58f50ddae98a9248d496f082ef09c3","sha256":"78e6447dc0bad783f278a7e96607201ed370e026763ff4c908c2241971f12fc0","sha512":"730e649fff4e7d873e18df56b3c7e33b6ed5624475d3151baaa9a852a0bbc4edd2573e8d37f70f26102db80c81bbc08e5319148eb13d11d180aa97382ad4e3c0","ssdeep":"","tlshash":"31817d9764a2930302b69ac00b7c320e361d7c7caff39c570d314d9a25aa8e68444f22","first_seen":"2026-02-01T10:10:54.3396Z","last_seen":"2026-02-18T20:47:40.203571Z","times_seen":22,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241111249104890004.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241111249104890004.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2210 x 614, 8-bit/color RGBA, non-interlaced","md5":"e001651a0add74d46b35343425e0a0ac","sha1":"25b2d8e13f50fd744809fa5f2b8d02b2fcba207a","sha256":"ab7139dfb4d90c3f94bbe3745c259755a37c49c3d94c116c0951dce118be6f49","sha512":"a9d30ca8a0e2917f4433dd42eff7c91cf2a0e8b2fa56d7e3c0d46828061c45d9ba076e6f3fd79bb92eb78c7ba79f07efded1a11c85f1016678a054a499e1d3a7","ssdeep":"1536:+gBUFvDS3qiw2CxtE9gCezCIKmkLYxRVfLIQU:+pVucaKCIfkLY5fLIT","tlshash":"a253f12e875af6c7a910bd6d52ff87de8a80a5f0c1172ec6cacbb70d0b64d6148249c5","first_seen":"2026-02-13T05:49:22.008676Z","last_seen":"2026-02-13T05:49:22.008676Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1728,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1728,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247837631765.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247837631765.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26693,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x277, components 3","md5":"e61b0acfafe59cbebd08f5967e43a67c","sha1":"ba6154d98df64a87fb803876e3b3f02735fd43a4","sha256":"a87b6716397636a67b09803ad7574fa16584c6aed4701ad409cdd33256b3c5d0","sha512":"d75fbe1db7ba34f77c31177315c374e48e13649c976d0c86590b7bd43b759ed51040b163128ef9f8afcb93012b18ebeb7a52bd99814945ae7dd93b867a4073e6","ssdeep":"768:tp1xM6HZF+U8H8O/PWCqhY0dDxXAxhVnWEKeejj:tF5F+/HzqK0d6xhVwv","tlshash":"27c2e0528f2250564f2e06724c86593930f1a6c80728deb917ff92d3cadccb98d29827","first_seen":"2026-02-13T05:49:22.009809Z","last_seen":"2026-02-13T05:49:22.009809Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1857,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1857,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobosports.pages.dev/?referer=www.wnsr113.com/?referer=zhizhuchi-7/?referer=https://www.wnsr113.com/","fqdn":"huobosports.pages.dev","domain":"huobosports.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.47.54","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:49.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"huobosports.pages.dev","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Thu, 25 Dec 2025 16:32:24 GMT","end":"Wed, 25 Mar 2026 16:39:40 GMT"},"fingerprint":{"sha1":"B8:86:9D:93:B3:37:81:48:90:44:AC:19:F5:42:BB:1A:99:0F:F3:CC","sha256":"CC:CA:9B:5E:BE:CC:E1:4F:C0:58:80:B4:E0:50:2C:7A:3A:23:17:A0:E0:D1:2B:24:F0:02:72:74:04:BF:72:9C"}}},"request":{"raw":"GET /?referer=www.wnsr113.com/?referer=zhizhuchi-7/?referer=https://www.wnsr113.com/ HTTP/1.1\r\nHost: huobosports.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.wnsr113.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 05:48:49 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlink: \u003chttps://fonts.googleapis.com\u003e; rel=\"preconnect\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UxHChyYxC3n1MxAPK%2FKV3IFCBdimegWusPk8uJdQ2yrolbJPuiBpdR0xsaQB%2F2BO4wRo1C48%2BhEF4QSIVVzBAoTM0qjtEGyngrA6FO8IrYQyCW2lcA%3D%3D\"}]}\r\netag: W/\"d7102b655fd98e2d9294cc9eda6fc315\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9cd209f789dcb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":41,"dns":5,"connect":1,"send":0,"wait":3,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247836887176.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247836887176.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22644,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x277, components 3","md5":"9d975c70573ab6be566e63d6b3579e3f","sha1":"e21be075d189ff07dff43945fffeb693fa1b8837","sha256":"b96a35957a6cd311a9d6e7e084d7dff4c9c603ef8e98cfd66ff42239d7afb95e","sha512":"1a4dd6d28c0bdd14aa1f24940bd94322afb2f6aa5541a41e6bda1c6922ba4ed15359d516033feb2b85e3ee0c63f82dee78cafc31e071ad3fb5e339ed813abf09","ssdeep":"384:tLLoZljVlfVAb6pNtqlFoa5W78H9QWE7PhkaL7Ax8k7FfiA80CnIjOu:t3a+bSYOUWgHqWEdd6DJiBnw","tlshash":"73a2e11ccb8e1f01ce7dcad01e0c5878a7e55ed475892a73b89319e63b05cf9647894b","first_seen":"2026-02-13T05:49:22.010956Z","last_seen":"2026-02-13T05:49:22.010956Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1861,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1861,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/h1_2_bg.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/h1_2_bg.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 5664\r\ndate: Fri, 13 Feb 2026 05:46:31 GMT\r\nx-oss-request-id: 698EBAB7486D923335E40583\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 4\r\nvia: ens-cache25.l2de4[636,636,304-0,H], ens-cache23.l2de4[638,0], ens-cache11.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"4A59804B881DBEC1EC2232E1E1CCDD53-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:55 GMT\r\nx-oss-hash-crc64ecma: 17043963358344161980\r\nage: 139\r\nali-swift-global-savetime: 1770961591\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:31 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617308658629e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":5664,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"deef657ef864c2d159d5db2cc529d692","sha1":"c99f09600a5f87e18725ba85d64f73600b6d1a44","sha256":"1fee54caca0e2018a3582c7f5196a390700bb60911b17ed49416eb033c08a9fe","sha512":"f9aebe44ba2d4d8b46a7f9eca1446f3a84dc9f8dd20572fb708351f569a8cbaa1d3d4af4146bab33fcf3b04354da1c3dfc04532be5ede58cd04aa9633dc795a3","ssdeep":"96:1JE91T1eh/MtQoIUklsxTH6jBgQz1vkoaswfbRIqwFBospgIhquv7CRm6k:Q91JeyIsZOBpkoaJrEBoEjumt","tlshash":"f2c1ae01b514124e0a93bbd9fe313c4796fafcb4494ec4e82f09ed8e8b42697751dae4","first_seen":"2025-09-03T16:33:36.534383Z","last_seen":"2026-03-12T08:11:54.076659Z","times_seen":889,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/xpj.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/xpj.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 3728\r\ndate: Fri, 13 Feb 2026 05:46:34 GMT\r\nx-oss-request-id: 698EBABAA7D90C3835A4D83B\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 7\r\nvia: ens-cache21.l2de4[632,633,304-0,H], ens-cache6.l2de4[634,0], ens-cache2.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"24EC20DEF607613060B13416694E1C02-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:12 GMT\r\nx-oss-hash-crc64ecma: 3958719860094207122\r\nage: 137\r\nali-swift-global-savetime: 1770961594\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:34 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617310638864e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3728,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"f4b6b558959771fc485ece1be94915df","sha1":"bab00a57859a67027c6278e884d9409fd4175d0a","sha256":"0709e51d6b1ee93c7cea8fd80a939d2a05c13cd096ba6bd73a5feab771683d59","sha512":"8ccd35e43dc90c59c8278b37ccf5a9e755e16526cf30e1c7e8d97ec18080959d32f05cfe2c3be9ab6151328cf6924541f2b68edb5e05369acf02e20a53714140","ssdeep":"","tlshash":"29715e615e6fc01ed85fa6ee0e454a58706093c57aa55c874316d45c0f7a5f10b8721d","first_seen":"2025-09-03T16:33:36.491393Z","last_seen":"2026-03-12T08:11:54.077138Z","times_seen":880,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/sttcs/stjs-remote.js","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /sttcs/stjs-remote.js HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111738,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"16d81df56206c6937872ac86e5f14b81","sha1":"84ebf609d73b6a91ed13378ce1b3c5b38235b9fd","sha256":"73d3b3522af8af36383f325a6dc13f533e8a165cdf1e9078f3ae585563fabfde","sha512":"5340fe6296f9322e3a54751e5ba93a03526e72a7af830ac8b2e8c14fc0dcb44ad0e4951ed871460427450685c589695eae632186ba252c2beee8c953b3662ffe","ssdeep":"48:I40W40c0406ThLx40cL040U40W40c0406ThLx40cL040EQlR0406T340c040D04V:WGZKcW31FobyiCQ2asotAI","tlshash":"47b3080dc012ebd5b5ce15ac38e49e9d5e0d8e0fbfa4c66c2e49b792579aff0a080c51","first_seen":"2025-09-10T06:16:12.689327Z","last_seen":"2026-03-08T16:25:31.15287Z","times_seen":60,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/common.css","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/common.css HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15518,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (467)","md5":"92526813b041adaae96b3a5af9bba7cd","sha1":"699032daadd4b4e493612b1ffc6ef0c19e820fc6","sha256":"9b7f47ffc75aec006a03b5ca59141a0f10b9aa8fe126e2e3608ad53a24089eba","sha512":"ad0ea4c824f3de24b2f8d0cd53a4ec7d62f7507ad0991cbd221d45cb6f3809e7f4cc0a51ffaf15315abfa1a3d08b9e2ba8b9959f82d0e61422d9cf392e392749","ssdeep":"192:UpWgANtCjMY9Y4pIOsnVNI8Y1e7FLFEer377bjyrucb44fJ8MIg41kQnK:TTNtClSOsVIYr377b+runRK","tlshash":"7262757259a1211cf0278927bbd12fac263dc003a2574dfeb74da57acf8b19d11b138a","first_seen":"2026-02-13T05:49:22.016473Z","last_seen":"2026-02-13T05:49:22.016473Z","times_seen":1,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/fz/202411/W020241111287216707191.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/fz/202411/W020241111287216707191.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":944,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 33, 8-bit/color RGBA, non-interlaced","md5":"335499138a1b88555ffb7dd8e8ac25e8","sha1":"5c79ffe3787f80123c39074e3ad6f6ae632b8b90","sha256":"abc6ab4c03ad2ee17f879e0cacb8e599e8336b9dc3ce1469f04bb52c00a01fc8","sha512":"353ba7f7d0b2dbe03f0e795aa819b970b77ac84335a785297a2f55df6c324370c9df8b57db61acf480a63173049e24dc3d39decd54a1cccda4609baad39ce493","ssdeep":"","tlshash":"da11c844dc958a79ca6a23521d185428cf7f19e947a3f21d4089f23c2d1ea044fcef9a","first_seen":"2026-02-13T05:49:22.018442Z","last_seen":"2026-02-13T05:49:22.018442Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1898,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1898,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247838119051.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247838119051.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16570,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x277, components 3","md5":"571b0538e818294d05d89b2c48fd5e9a","sha1":"4e0839a55a90c875666a14e13fff16b532367737","sha256":"d62d040c31166dc792dfbd3167ee26ec48516017d84315d06faf6437aab6a1e6","sha512":"78b9f1b03aec036b5b6bb2a35b1b28a20e232e8186af6995637b6f514503bd1a275f30fe24fb5d4e154ac3c25761f035c5a3e885c69bf3843095c86919fc7e41","ssdeep":"384:tiTwkKLSRnEK1W3YC+gH5S3YrYjVJZWXu6wO6R/XR/:tIwkpRv+z+gHE3Y6LvjXf1","tlshash":"d172d0547f9980acdf5483628146d121d1fd4d730b6cbfbf8b14676183a3fb40ea0899","first_seen":"2026-02-13T05:49:22.02151Z","last_seen":"2026-02-13T05:49:22.02151Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1851,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/synr/202411/W020241119247838563125.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /synr/202411/W020241119247838563125.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10129,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x276, components 3","md5":"925e025f8477a4ed483ef99cc8108cb1","sha1":"49d41331c84878f6f0ccc1152bfbfe59b5b232ad","sha256":"211c0be6b0165c700e70b1fd8b858ed28ad4f69da426eacc39131756ef5ac46a","sha512":"4fa47d1b7fd1ee880690b3bacf25c0647d55718c2620480ec21af1757919024d3444f3eb66cd4e48ae13862b2c7dd5bcc739df9e3d057a80346f0200296d1119","ssdeep":"192:L4GuDS3IC2sUu1x8SzezKhg10UNfwLorhIjNSa4HjF:8Gt72sFISG1uUrCka4HjF","tlshash":"b422bf04bf62a0c54bb1e0847d162d6f92d39e006c8b9b71ae60f8b06563e76fc0c4e3","first_seen":"2026-02-13T05:49:22.0227Z","last_seen":"2026-02-13T05:49:22.0227Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.king-pco.com/v2/js/app.d6b608d8.js","fqdn":"sadasd.king-pco.com","domain":"king-pco.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/js/app.d6b608d8.js HTTP/1.1\r\nHost: sadasd.king-pco.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bannner-08.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by IP ACL = blacklist\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: ens-cache6.nl3[,403004]\r\ntiming-allow-origin: *\r\neagleid: 2ff6309a17709617302212800e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":93,"dns":34,"connect":26,"send":0,"wait":27,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/h4.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:52.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/h4.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 2976\r\ndate: Fri, 13 Feb 2026 05:48:52 GMT\r\nx-oss-request-id: 698EBB4477B09D3238118B31\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 10\r\nvia: ens-cache12.l2de4[613,613,304-0,H], ens-cache10.l2de4[615,0], ens-cache10.nl3[626,630,200-0,C], ens-cache1.nl3[633,0]\r\netag: \"D9DA029C25FFC33566A3BBE7F7F519EA-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:36:57 GMT\r\nx-oss-hash-crc64ecma: 12211000741100375803\r\nage: 0\r\nali-swift-global-savetime: 1770961732\r\nx-cache: HIT TCP_MEM_HIT dirn:9:380395430\r\nx-swift-savetime: Fri, 13 Feb 2026 05:48:52 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617321551997e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":2976,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"c916c98ab726be50ad848a8a2bcb8f3c","sha1":"339db709496a570c20060dffd1d2ebd7384c944b","sha256":"bfe250accafb70d77c5dcddcc9576eb3fa4e1132f1a109c3209d38a362c0efe6","sha512":"abdc4bc0802e6e263613f73a0626ffb0f84a1ab16c5701c603038321284e7f67de5853a69f2d1458d936165e81dfebec16c95d431fb22da9644768383115421d","ssdeep":"","tlshash":"ab514aae803abbaed82884175e678b556a092cb2778f4015d595e3f2583c4ecd4c5a0b","first_seen":"2025-09-03T16:33:36.529475Z","last_seen":"2026-03-12T08:11:54.06346Z","times_seen":840,"resource_available":false,"data":null}},"time_used":661,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":661,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/close_qrcode.jpg","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/close_qrcode.jpg HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:49 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":700,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 12x12, components 3","md5":"b80770ed905991d70ccc9a3a82599b14","sha1":"a745c57f5138d35b1a1ef0e3aeb8e65a980fd228","sha256":"d8514057dcb321c02eb66531b29c05b1fc4092203a3a5c0d5d97c12440cecd25","sha512":"e6479cae3735a913449230a443813c12b0ff3376d1c40f33834fdf98853a83154cf110e0825b8811987a49a39f8ab57091b715ddd83a7153f3fdcf97ffdbf3dd","ssdeep":"","tlshash":"52012d5a5b0b2340df5381bd261a22b3928a89823d607b3129b18aa5c510cf884487a8","first_seen":"2026-02-13T05:49:22.024096Z","last_seen":"2026-02-13T05:49:22.024096Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/images/jquery-1.11.3.min.js","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /images/jquery-1.11.3.min.js HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:48 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89475,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-04-03T23:29:22.908103Z","times_seen":14627,"resource_available":true,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":422,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/xf/202411/W020241111289409874472.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/xf/202411/W020241111289409874472.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1407,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 33 x 34, 8-bit/color RGBA, non-interlaced","md5":"e04ac2a7bea3a52e2db9dc1c38a4ea6c","sha1":"a5e5d0349f25a9eb5a09981636afccd4b837c1b0","sha256":"07162e7d087087daf0e4718edd636af0740837d3bc4fc25034045e2f7a42a6fb","sha512":"2420a8252952b10dd8d90e0b63aae7d937100785c1e2490965951f98b8a6a8e7c1361d73a155848e7aac4d54bd250b48ddab040ade4d90dc4bac0a34920ec1db","ssdeep":"","tlshash":"7b210bf5c21ed810428d1fb636119921e7727c8f02556a9d44be035738b8e2d7b58716","first_seen":"2026-02-13T05:49:22.026332Z","last_seen":"2026-02-13T05:49:22.026332Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1717,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1717,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/new_h2_2_bg.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:50.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/new_h2_2_bg.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 9216\r\ndate: Fri, 13 Feb 2026 05:46:32 GMT\r\nx-oss-request-id: 698EBAB898945C3737133FC2\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 5\r\nvia: ens-cache21.l2de4[611,611,304-0,H], ens-cache29.l2de4[613,0], ens-cache1.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"CBB219A6C688831D1A7B009DC5EC26CF-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:06 GMT\r\nx-oss-hash-crc64ecma: 10263721311128828130\r\nage: 138\r\nali-swift-global-savetime: 1770961592\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:32 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617308698635e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":9216,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"4b180ea84ecfb9925de8663011430f8c","sha1":"799c1348f4a0d2493e91709dc6d7965d61bb7b35","sha256":"2e0180f69a72b25cbfba62ef0a0897f9541f7ff5b0c2a7c18bcdfacc208838f6","sha512":"61b1368c748119fb089c81c385fadcd8ee87e4e2e404d6706c44ee61688dae92dcbc6f8f3c253db1680d00db539dc6d3fbcf4313f2e024f43f9e0683a20924a7","ssdeep":"192:ZI1QJrmbSy7pRGYsH84w8AFV8WeeKhUApzy7VXBp9RETnUm6wRqVW9W/rbwRqXBs:ZIWUpMLc4CAheKhU2ypXBCTFb0zbwCBs","tlshash":"a312d0038b4ddc5d5deb96f7bbf394924a17e9c215f708bdc2e89130514018c60a22e3","first_seen":"2025-09-03T16:33:36.550748Z","last_seen":"2026-03-12T08:11:54.074729Z","times_seen":889,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sadasd.dgxmwl56.com/v2/otf/xpj.png.otf","fqdn":"sadasd.dgxmwl56.com","domain":"dgxmwl56.com","tld":"com"},"ip":{"addr":"47.246.48.184","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bannner-08.cfd/sttcs/?channel=88801\u0026ref=","date":"2026-02-13T05:48:51.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s0eb4aly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 20:02:35 GMT","end":"Mon, 06 Apr 2026 20:02:34 GMT"},"fingerprint":{"sha1":"EA:3F:EB:50:6B:70:D9:93:31:61:DC:50:9E:D5:F6:5E:BD:80:75:68","sha256":"91:78:E0:F8:93:F9:CE:A1:F5:5B:58:E8:75:30:31:A4:3F:C9:E6:83:10:EF:53:82:CC:A5:06:7E:1A:2A:1A:91"}}},"request":{"raw":"GET /v2/otf/xpj.png.otf HTTP/1.1\r\nHost: sadasd.dgxmwl56.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bannner-08.cfd/\r\nOrigin: https://bannner-08.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Tengine\r\ncontent-type: font/otf\r\ncontent-length: 3728\r\ndate: Fri, 13 Feb 2026 05:46:34 GMT\r\nx-oss-request-id: 698EBABAA7D90C3835A4D83B\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Multipart\r\nx-oss-storage-class: Standard\r\nx-oss-server-time: 7\r\nvia: ens-cache21.l2de4[632,633,304-0,H], ens-cache6.l2de4[634,0], ens-cache2.nl3[0,0,200-0,H], ens-cache1.nl3[1,0]\r\netag: \"24EC20DEF607613060B13416694E1C02-1\"\r\nlast-modified: Mon, 09 Feb 2026 08:37:12 GMT\r\nx-oss-hash-crc64ecma: 3958719860094207122\r\nage: 137\r\nali-swift-global-savetime: 1770961594\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:46:34 GMT\r\nx-swift-cachetime: 3600\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309517709617310718871e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3728,"size_decoded":0,"mime_type":"font/otf","magic":"data","md5":"f4b6b558959771fc485ece1be94915df","sha1":"bab00a57859a67027c6278e884d9409fd4175d0a","sha256":"0709e51d6b1ee93c7cea8fd80a939d2a05c13cd096ba6bd73a5feab771683d59","sha512":"8ccd35e43dc90c59c8278b37ccf5a9e755e16526cf30e1c7e8d97ec18080959d32f05cfe2c3be9ab6151328cf6924541f2b68edb5e05369acf02e20a53714140","ssdeep":"","tlshash":"29715e615e6fc01ed85fa6ee0e454a58706093c57aa55c874316d45c0f7a5f10b8721d","first_seen":"2025-09-03T16:33:36.491393Z","last_seen":"2026-03-12T08:11:54.077138Z","times_seen":880,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"sadasd.dgxmwl56.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.wnsr113.com/ywly/jdsbjk/202411/W020241111290558077076.png","fqdn":"www.wnsr113.com","domain":"wnsr113.com","tld":"com"},"ip":{"addr":"107.163.230.2","port":443,"asn":18978,"as":"ENZUINC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.wnsr113.com/","date":"2026-02-13T05:48:48.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.wategoswatermark.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 09:08:44 GMT","end":"Mon, 13 Apr 2026 09:08:43 GMT"},"fingerprint":{"sha1":"12:37:06:10:9C:70:BC:79:14:66:72:84:0C:D4:A7:DE:10:27:C2:35","sha256":"9E:E8:11:A9:F8:4E:6C:E8:77:61:37:30:27:98:2D:94:17:C0:E1:26:CB:06:C8:50:7C:B1:AB:16:C8:09:5C:F6"}}},"request":{"raw":"GET /ywly/jdsbjk/202411/W020241111290558077076.png HTTP/1.1\r\nHost: www.wnsr113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.wnsr113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 05:48:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1611,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 38, 8-bit/color RGBA, non-interlaced","md5":"d91ad1b864b7b2d5d72f9e10d5e7ed0e","sha1":"52d8c8e5acd4f35e7a61a8170d5a971a209e389e","sha256":"a2d238c708b768cebd036f83d72262f0a922fa0d2d2d56854beb75f8f145a982","sha512":"0779f4edab5d6eacf61b14284cea884957fc66b73b2bee79939d703ba82b593a58f8b1086e52f1aa6eb14ede4de136ecc717436b3acff59c248c9bc64769b005","ssdeep":"","tlshash":"c0310cdf8ea39d6cda7407054490edf3f0b634a24786085d53c88ec2d801d1447bb2d5","first_seen":"2026-02-13T05:49:22.027421Z","last_seen":"2026-02-13T05:49:22.027421Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1890,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1890,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}