{"report_id":"72d36fa2-d449-48de-a89e-27aaab45dda6","version":6,"status":"done","tags":[],"date":"2026-05-11T10:23:23Z","url":{"schema":"http","addr":"h4yvz2.tflixziz.cc/","fqdn":"h4yvz2.tflixziz.cc","domain":"tflixziz.cc","tld":"cc"},"ip":{"addr":"43.228.233.124","port":0,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"title":"51吃瓜网 - 吃瓜爆料第一站，全网最快最全的吃瓜平台","dom":{"size":1278,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1278), with no line terminators","md5":"0e60d99d611111f41a41d8c21dda5299","sha1":"700e167fc158b0b0e328279ee29247eede3dc5c6","sha256":"f0fa8fd12848a5833bbefd4bce6e80a23d2107f39b09fa57ec539a84e7ea3c1d","sha512":"e978c043b4a5fba31d759845a7f17b6acca7ebae3c5624508a7cb7dd4460d0ca571017ade41594610c81b913e0840aec8945e73febfefdd1553037ed64c98dad","ssdeep":"","tlshash":"e62172f74cc1989c8ef694e1b866b8eda103900ecf4bed26dfc11454d6092b648479e8","dom_hash":"domhashf719041d038dffc106ee2f8182fe3d3a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"h4yvz2.tflixziz.cc/","fqdn":"h4yvz2.tflixziz.cc","domain":"tflixziz.cc","tld":"cc"},"ip":{"addr":"43.228.233.124","port":0,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-15T10:23:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"api-dc-prod-001.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"api-dc-prod-002.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"h4yvz2.tflixziz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"h4yvz2.tflixziz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"h4yvz2.tflixziz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"pic.pqmdsl.cn","ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-18","domain_rank":0,"first_seen":"2026-05-10T10:31:40.893574Z","last_seen":"2026-05-10T10:31:40.893574Z","alert_count":0,"request_count":81,"received_data":19974390,"sent_data":37351,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.shenfeng.cc","ip":{"addr":"104.21.4.85","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-20","domain_rank":0,"first_seen":"2026-04-17T21:06:52.624123Z","last_seen":"2026-05-08T23:43:21.649216Z","alert_count":0,"request_count":2,"received_data":1730,"sent_data":1009,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.google.no","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2026-05-10T22:43:43.88618Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":619,"comment":"","tags":null,"fingerprints":null},{"fqdn":"adservercdn.54ads.com","ip":{"addr":"188.240.13.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2010-07-29","domain_rank":0,"first_seen":"2026-05-11T10:23:31.027807Z","last_seen":"2026-05-11T10:23:31.027807Z","alert_count":0,"request_count":1,"received_data":44792,"sent_data":386,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"216.58.201.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-05-10T22:25:41.533246Z","alert_count":0,"request_count":1,"received_data":525217,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"dspcdn.54ads.com","ip":{"addr":"188.240.13.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2010-07-29","domain_rank":0,"first_seen":"2026-05-02T20:48:35.22953Z","last_seen":"2026-05-02T20:48:35.22953Z","alert_count":0,"request_count":1,"received_data":1253060,"sent_data":510,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"code.54ads.com","ip":{"addr":"136.243.69.251","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2010-07-29","domain_rank":0,"first_seen":"2026-03-25T15:57:14.724396Z","last_seen":"2026-05-02T20:48:36.226625Z","alert_count":0,"request_count":2,"received_data":2723,"sent_data":1864,"comment":"","tags":null,"fingerprints":null},{"fqdn":"h4yvz2.crddgkmc.cc","ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":72,"received_data":3429224,"sent_data":35631,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]}]},{"fqdn":"stats.54ads.com","ip":{"addr":"136.243.62.212","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2010-07-29","domain_rank":0,"first_seen":"2026-03-25T15:58:30.933552Z","last_seen":"2026-05-02T22:02:03.146971Z","alert_count":0,"request_count":1,"received_data":717,"sent_data":492,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ap.dc-report.cc","ip":{"addr":"54.251.157.140","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"domain_registered":"2025-12-07","domain_rank":0,"first_seen":"2025-12-23T07:41:17.432845Z","last_seen":"2026-05-08T15:25:37.794811Z","alert_count":0,"request_count":2,"received_data":846,"sent_data":1009,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api-dc-prod-001.cyou","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-04-23","domain_rank":0,"first_seen":"2026-04-23T19:09:41.772784Z","last_seen":"2026-05-07T19:25:46.467864Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":527,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api-dc-prod-002.cyou","ip":{"addr":"149.104.32.238","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2026-04-23","domain_rank":0,"first_seen":"2026-04-23T19:09:41.770165Z","last_seen":"2026-05-07T19:25:45.430994Z","alert_count":2,"request_count":2,"received_data":1018,"sent_data":1019,"comment":"","tags":null,"fingerprints":null},{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2026-05-10T22:48:16.151621Z","alert_count":0,"request_count":1,"received_data":830,"sent_data":1023,"comment":"","tags":null,"fingerprints":null},{"fqdn":"h4yvz2.tflixziz.cc","ip":{"addr":"43.230.114.210","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-09-03","domain_rank":0,"first_seen":"2026-05-11T10:23:31.019111Z","last_seen":"2026-05-11T10:23:31.019111Z","alert_count":3,"request_count":1,"received_data":292772,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3c26dfd73eb1b5eb506e8003aa3e671e","sha1":"aff17961c8ecb884d2e7a3c67a8b2e127fee1afb","sha256":"bdfad5879a9baee166056b4c907b7ee22140d65c68ba56bd935106ca192e9286","sha512":"8bc8cfc42bafbeb1bf357e792c01b1cfd0f809c5f2227912d8a71056722eed6c2798c64d357e4cb65922e1f5dc0ca400a7ea397de3b0af3a3db9810e4db2a03f","ssdeep":"","tlshash":"b311f07623594cc24ee4b5d37b8b689d6d246100022ab4b9e946ce91ced9dc4052bff5","size":1099,"data":"","first_seen":"2026-04-16T05:51:18.631183Z","last_seen":"2026-05-11T10:34:25.121351Z","times_seen":514,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1a7f8805bfaf711f28437f8ab936ca9","sha1":"6f6d4f865195ee84d2cb4349f785ac3e2529decb","sha256":"1c47e66880af5210a71b11dae6f3b7fd15259b6ca025b933604e17850d06d774","sha512":"20aebba0ad67acc54c70b1f7d703fbf3538dabef5b0de519cb75baaadc117eddd3dbb475a669bf0a2b049ed2d54c55110c79c950e1c5ef934947dabc2da0ae60","ssdeep":"","tlshash":"a201241dbae31458b61337389b3f4389787015032428db88f84ce681af60c2594feaf9","size":683,"data":"","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-05-11T10:59:05.011477Z","times_seen":31657,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"17ef3489fc49f91cb65909deb6a725e5","sha1":"57699807bd282f82ba755fd72d9a6e74110041a3","sha256":"08563bd3e7d4836939aedfc1b4d18b09a8ff5d0cf96439dece4fe2c23e5edc62","sha512":"bf8df3efcc4ff4421fe617360f8791c3f5fb953d4e2d326e39beadcacbdddc7145b62633d4aad546ae10366672fe4767bd932d84d11e43962fbe30e3845fe304","ssdeep":"","tlshash":"0fc02b8c210e0c7041fb2b40cbbfbe04b0423314d4e26d33891923445d30f13d744c10","size":153,"data":"","first_seen":"2024-05-29T22:00:38Z","last_seen":"2026-05-11T10:34:25.122968Z","times_seen":9384,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"00512f7fff683f8661a4e1276423c8e1","sha1":"eae81307615a61a5b21bc823ef367c4c4b9401d3","sha256":"7ee3ec8dec0c3feb5e2176077de51c8b85c25d72ce470b1f7fc5dd3013e99f1f","sha512":"858f14d4d505e697d6f8e28d73509f0bea912cb8f1130e3117c39527e37931362bd331f5d5565404d78610ebea8003c8388cf7099827593e3b11c75972d2ddb9","ssdeep":"","tlshash":"b941246a4906922566441078ad0fe74137ca932bbc4cf701f2ecda087f6ea2de4b5ce4","size":2082,"data":"","first_seen":"2026-05-10T08:32:47.970077Z","last_seen":"2026-05-11T10:34:25.123659Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e50ebfcefd6cb362885dc70437b0b101","sha1":"e6e5d4b64aac6e38387e236b4b02315fe29fab79","sha256":"f1f9bf4ad7f37b1525d117e49369dc6d7116efca1c61f2de3c9b2b837bad2d2b","sha512":"0ff4be125d40b9d058327b4a9878a0a340609b5bfddf9134d12f57e8efa05b2ce3625f97ea0c16e574b3fef4602d377552a5bb5c1e2ec49a66a1b96f3b70d7d6","ssdeep":"","tlshash":"cbc0929c80e3e080a55a2229729e838929f2800b2a96e72bbe1c81486f0059e45385b0","size":144,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-05-11T10:59:05.013171Z","times_seen":31622,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b6de2fbcc7c834ed50e2f1873c53e4bf","sha1":"fd1d138a7d9d30684557a3664a258d8afa0458ce","sha256":"a8d080afbdb9d28572091a90097ded0beddff3cd784d1c3a9f6536a07c9cbebc","sha512":"8fb29c65e7ed7a437c4afc152cd73019dad0323b62bff02b9c66cc29fa8ecf1d22cb316077e3c77387b73fce7e2321b43699d4a9f2af5946192588c76162d668","ssdeep":"","tlshash":"390176fb78a267b04bbbb03e33ffd345393560031801d9527d0c48a06fa4ea4202aac9","size":751,"data":"","first_seen":"2026-03-04T08:58:20.595878Z","last_seen":"2026-05-11T10:34:25.125082Z","times_seen":9611,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9cadf6d58ee7c472ec17cc71a5cbe09","sha1":"1ff2760a4dbbcb6c9b5b7b5d614041f5ec0f9646","sha256":"ca14261d766828dfc9120faacc847fbafc086fb2948c5e219ac989403ba8ba2b","sha512":"f0fc4bef7db4a44d983ce101de96da366b94a0fd17d5fc8f721713f66f98cce0b602f570aa3134766d5501c86fd4f307bd31d0852b892e99d346a49f69980b4f","ssdeep":"3072:QJVnjuHkOVtuD6poy9v8cnWDkwV4y+6GEcTYEfBxK/Mxz:QJVniHkOVtuD6pl9v8cnWDpV4y+6GTcs","tlshash":"e6d3f8997320b1a552e3268b92a9c611e3b51400b409c4e871bd4c9b6d7e99c13ffffe","size":140474,"data":"","first_seen":"2023-03-09T03:55:40Z","last_seen":"2026-05-11T10:34:25.026277Z","times_seen":21453,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab2bcd63fc80d89c823d8815c5f01f59","sha1":"a1ceb22ff604efcbd264d6edef9dc3bb3ea8f52b","sha256":"abecb9bd9743e60dec11eef7f4e0c9bc7075216816e5aad1264247ed87336a6c","sha512":"ed51da49aa702d521d96da1ae1c90fac7f6f28c43859ed639ed2482bee284f90239f2b8de8c2d16ba743fcea6cf839818a3c448e2ba7ec44145035f6627d6317","ssdeep":"192:UDKhafGfAG/QN8QgVa5yvpLkq4mDycdJH06y7zN/0ov/JbVhZ8WRqh9fd5gMlpJv:Uehm1ERBzW0b9px","tlshash":"d4321e0c9ef3546da123703e5b7f5248727981035208cf153e5ce290af61976aaf6bf8","size":11906,"data":"","first_seen":"2026-03-13T10:31:56.759888Z","last_seen":"2026-05-11T10:34:25.126344Z","times_seen":9264,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0f644ded6bfc5d620f0c03a6978e7921","sha1":"3b83566660b779a041666866b7c81a28959ff40a","sha256":"003ca60c4cf5c0c65a3a2349a9ec7031584bbfb841829c5802b07bce41bcda61","sha512":"bf86cd65413307310fa5915f31d655c5630128345318effaba6d91f1b534fba5dd8b7cdcff7bba38781544fef2b36182ccf52b6dedde1b5713464606b318e023","ssdeep":"","tlshash":"5bf05005d0d386ebd9bb3b1216c74b843ba2698b7ec67f22719cd7499f004ec5478ac0","size":607,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-05-11T10:59:05.014682Z","times_seen":31005,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/tbxw/js/zzz.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"78dab9fcf576de8cba46edd716dd2309","sha1":"7113abe41f95159f9bfccf70d01bdda1055af2ad","sha256":"7c66d6c8e2c470780513a282b66e2b5b7429ed863d6a0ecd6054b38dcda004b5","sha512":"dbb858875e532b475f827c930c154cac09e9a952b20053a0f7e1b34a050100a0a3a41f8aabeeab4af2dd90082363fe3ced3a5957f7250a4918d305b49655e040","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpn6ZFCsUleZ:vZYDc6lXJd1mZpZEdq","tlshash":"da331bc5a19c609153a774d50d7f704bb4637526170d89acf228e8eeecfcaea9039d38","size":50811,"data":"","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-05-11T10:59:04.994832Z","times_seen":33059,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ffc4769935e3514ee9aa9715af7d464d","sha1":"f59bb56f382dd3515670cb12ca673c05fda86304","sha256":"79859b6742ed15bf297d299b30e85e2a5c08e91ba28dcdafafaaea484256db1d","sha512":"b744a2ea82e0af4957f2dff5cb60654a041b927dfd5af0fa326603c346c908bdeebe1a2bb6a38646bc62d213cbddd086613022c8d478abf55f72149b589587c6","ssdeep":"","tlshash":"5dc02b03332de05d28a4b00569c5854f7044098f04c463033bcc45d5cf0c77f160a210","size":168,"data":"","first_seen":"2026-05-10T10:31:52.57591Z","last_seen":"2026-05-11T10:34:25.12761Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"36c5b99772d821752789e963ed9a3023","sha1":"602e8f9dca590d4922a2905a000dd0ff649574d8","sha256":"5f4794b8ef7384a1ba2983d8e1765f152d17a43dc479c4369903ce50b7c82e70","sha512":"bc1ddb43c233e304b61677916cffb54fa84b1eb41584f00fc05fc8d200092fdbcbd6b147bbeeaf9bb378bf2def24525fbe150ed36a64d50479e5fd6c08a64e72","ssdeep":"","tlshash":"0f1168cdc853067c166b0acb1ee306c82352a58be446c22732edd74e9fc42d458397c0","size":966,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-05-11T10:59:05.015973Z","times_seen":29024,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"195f5a2f3c5d7c190b6c0b0ffaa27505","sha1":"d975f0b22fc5665190e11cb5e77f76690d27bef3","sha256":"d650be4c86383fe2863d53f86fb123fd7441ecab55dfb96b95bb0331a41bf068","sha512":"424133ff9c7eaaf2daeb98bd154e389451367a7a0e565bac9dc134d9737a23909230ad2323ea88b44777eba5cc1dc1af8a8900e6956234c46dad1783845fd45f","ssdeep":"","tlshash":"efd08c308771f420c42b0947e733138a30c2420b5644c00bf36ce48c2f18e823aa84f2","size":243,"data":"","first_seen":"2025-07-04T14:08:19.000209Z","last_seen":"2026-05-11T10:34:25.129515Z","times_seen":21965,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c430759ada1e4d4aa09251a54cdd256c","sha1":"1e0b4e3954cf567335df57848ce9be405edbc5b9","sha256":"52b54c3ca08caac4a9f3fb8120f45d880b5fbf695c6d2a6a8c356c9e3ef77879","sha512":"64983ed52ed91b778c499e1c299565ee2b0edf700e6821beede4165f003c45d02cfb728cb35fad3b3390963f2517d3ed6c395654ba354ab012f9169c9d1cb05e","ssdeep":"","tlshash":"ede026126f303031e616808f91a512c26cd0035b6a45e892301dd0459fc0856549ace4","size":399,"data":"","first_seen":"2026-03-26T09:29:39.001408Z","last_seen":"2026-05-11T10:34:25.130181Z","times_seen":8201,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4deecbff65bd8c89b2967a463389eaac","sha1":"ab8255fee6d1a26b1588789ef72ad0d317418af1","sha256":"746a361262d93f53af876f96ca2ea15d22d7ea93a427217a597c8f19c065790a","sha512":"113b04839a083f6bd16eaa0eabbbf41bb00e094d0e8036a7bd30a1f2138d8f27b67101dfbf934282f21bb920ca443752a138d83caa2bae12d37d3c6575858dc3","ssdeep":"","tlshash":"8ff0c2318a24847ac53f528b61f687cbac91250f3c06740e336c0b881fdceee22a2861","size":560,"data":"","first_seen":"2026-05-10T10:31:52.581298Z","last_seen":"2026-05-11T10:23:44.264146Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fa51644289ece745863c0a1277ec26a1","sha1":"eb424160e7ba8d10d02bdcf2393caa4e8ef10499","sha256":"6def86852803ad0edce1a43559c4cfeefe8769df5d27f90bdb5b96b2ae193616","sha512":"be542af5915e81583691c5ad01aba0b1f2129d02d144eec77d70009f835cde0c9ded970502fe2ff842f804236a791339eedddf909ee635ce407514dcabf6eee2","ssdeep":"","tlshash":"f3f0c2b11a2884bd412f428b49ea97cabca1144b6c09720a33ad07882f5ce6f0762961","size":560,"data":"","first_seen":"2026-05-10T10:31:52.583875Z","last_seen":"2026-05-11T10:34:25.132705Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=20251215","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e74f28be5c8473ddd3eb46a9a34adf9","sha1":"d0105607fcc8d0b77e928a5fa96403d9ee31d334","sha256":"d48a8141b043e7d566d7a28367cca55f4e6e0169a841e05a1454ce4a464d4b69","sha512":"bee300cf41b00c82629eb482a3f3458adf9bd4461b62f3dea85a07dd1d823dc4153029c2bc80917e437945629ebb5e286120b7b599fb56d60c2c17a2bd03c23e","ssdeep":"","tlshash":"dd11ab0865d6a995b753f039cbdf9846b135882b21ccdd04784ce3e49f2183947b5e8c","size":1000,"data":"","first_seen":"2025-04-07T09:38:32.671167Z","last_seen":"2026-05-11T10:23:44.265862Z","times_seen":2871,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"624339b2ce7b028addc157486837e17f","sha1":"3f20af5327958fe6e21c9f81c37bd867e12cff89","sha256":"ae4278300c85f12efb3180de8d6e4b002a7b41f0298812d45789944a7ae5cb57","sha512":"2a5f2d22e8c9fa326be84253766507c8f35efc812ec427ebbefd4e2ab398248eabfd9bdcd539c05b434c43ed285bebdb7da32b14deba9be6ff1f220f5c82c66f","ssdeep":"","tlshash":"86f026e1662584bd604ac2cb587607c68c91380f2800b00e335c07884f88eeed630892","size":586,"data":"","first_seen":"2026-05-10T10:31:52.586151Z","last_seen":"2026-05-11T10:34:25.133377Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7e6fddba7f196cddbb3537cf85df890b","sha1":"ebd23e34de514c7f1501ab1ea01a45da9ab8af3c","sha256":"44e08e0acede110c0490bb144aa8e2b6c4aa58c44db433c098be55e5c7fbc348","sha512":"a7e9b20571dc2bbbcc035ec9567e2b6af7c0723fa031ceb9df380e166db9cf8e5fd61aa397a45c76a99a59df68602cb9d77bdbac898121188ccb9dd86b061d93","ssdeep":"","tlshash":"acf0c2314e25883d8217868745a6f7cabca2140b3c09604a332c17a81f8ce6e03b2c61","size":560,"data":"","first_seen":"2026-05-10T10:31:52.589206Z","last_seen":"2026-05-11T10:34:25.134052Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b5f347b4e85235d5607c5ead2e4e8a22","sha1":"af5c83a311a93f001214bc6b425e807325ea983e","sha256":"56ca6cd34c3628ae96bd0844e1b5c4bac1cd880ce2f6490d27b5bc9927b6432e","sha512":"5dda59ce5ccc8eddb1d01cfb675c5a423ec059823f873ff501a2dec8bd9a3d2490e7ec029aa900ba529e242e7ac9a5a23c45077ff6147061f1ccc10f629e119f","ssdeep":"","tlshash":"5bf086625665c0be459783cb69ae47cbdc51280f2805704e735c0b885fcce7ed531566","size":586,"data":"","first_seen":"2026-05-10T10:31:52.59118Z","last_seen":"2026-05-11T10:34:25.134689Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8d8943f97c270a9f1beb191964239c22","sha1":"dcc255a36ed3cf5e9fc6d5a41447f940ec86132e","sha256":"9213a31b7590df63a60ebc0cb812cfa61f4b60965c0871866f1e93119579a2be","sha512":"1ba23acc313d2509cfc8d6a11352bbc23e6371adeb6cd9ab77b5d7728f35516a121cf220dc24c0ee75137c0982c86eda7da4d90371f954bfa7dac23a9b804c95","ssdeep":"","tlshash":"c5f0cd710916847b4107428771e5dbc9bc6119173c09700633ac17941f5ce6e56a1c65","size":560,"data":"","first_seen":"2026-05-10T10:31:52.5934Z","last_seen":"2026-05-11T10:34:25.135322Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/index.js?v=2","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb453de4d0aa150fc7aeca37d503ed17","sha1":"ebeffdc810fc83601f1a5a190055271b3d091927","sha256":"09acedf483ef711119ca9d2aa8260575fad2a7791aa90c1c1f5133590a403afd","sha512":"fc1be9d0abdb35fc05f5e349f7b0edf6f29a1c2c7f87e46efea25b1bd59d04864d9c22c6008d7d42aef5a7bc06ce85d626aa2f9574088d4b7a018f3094cd5e0d","ssdeep":"","tlshash":"d1712e9930f320b04bb7a47d2babe5083121045b510acd18bd5c43859faca38a9f6bde","size":3514,"data":"","first_seen":"2026-04-15T07:12:26.118176Z","last_seen":"2026-05-11T10:34:24.967515Z","times_seen":1497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3b15119f341a1fae82906d9dc206f710","sha1":"ade42df3ef5d184117e421108ab6201b063aec23","sha256":"a95f525e9eaf14529e098933ed523bb9669b07f833a99d19b21f61c086ddf9fe","sha512":"264bb153a51ae24a9f2a97aeabb225eca32dd19f7118e898fc2d6cece57c4e83addabb8a9b95e1ab9e8996da90ea3086bc93ff1b017ebe678021f46aa190c8fa","ssdeep":"","tlshash":"e3f026350768c43d1a4682d791b14bc6a8922a0f2805b00a372c078c4f48e7e1260855","size":586,"data":"","first_seen":"2026-05-10T10:31:52.596169Z","last_seen":"2026-05-11T10:34:25.136819Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"badc97a73e1f39677cd2d43fb29c758a","sha1":"587abfabd60cc3ab5afdf4a1f043456abbd1a7c5","sha256":"3170368b603f01db270a591b14a1dc283af7b22fe84249c468af621e6c3628e9","sha512":"798fe17a942ff7c9ce6147e5399b22315ec9dd955c1f4c8bee59c7549d29782d87414dba092b8fa2bb1829274249d7e79c3d76ffe05fb382d75a7c9a867a405c","ssdeep":"","tlshash":"81f0c2320e24803a410b528741b2e7cabca2340b6c49680f331c17a81f4ceae2262d62","size":560,"data":"","first_seen":"2026-05-10T10:31:52.597867Z","last_seen":"2026-05-11T10:23:44.270734Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-11T11:33:13.440139Z","times_seen":278059,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1c530e878deb63d253d3bf2ac9bb9833","sha1":"2ca49da497e606daca37c82644cec3cdc9df4d32","sha256":"84788532e563440984a03d8ee402595e02b2d5fdd18b84ee8f442713efc68b76","sha512":"9d07d4a960345f39d77527ebf527c8783ca3b112e4b4051d01a826d71956188e6d1564056286af0be5ad21ca788e82dd2113668caa6699e2aaddfab39c4f1da4","ssdeep":"","tlshash":"ebf08666476580ba485782cb69aa47cf9c91290f7805700e335c07885fcce6ed131556","size":586,"data":"","first_seen":"2026-05-11T10:23:44.271539Z","last_seen":"2026-05-11T10:23:44.271539Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb6f987da7606a38c06a1892ee7bc99c","sha1":"1c898945e522c4a8d069a63b508a19c719360e8e","sha256":"3d387bb6a959beff9d312364fbaeead63a02846ca8ef7cbd251cf52b68656fc7","sha512":"7cd2a8070764a87da2bc63debdd3d9e505bb6356abb3c721838060173e49ae15e495e922d34ff6ba3cfbac22ded2c8a4fcfe3e1310c44eb9bace9a5d13fefdcf","ssdeep":"","tlshash":"ecf0c2258e29803d952b8a8751e2d7cabc92148b3c0aa00e336c07e85f4ce6f5372c65","size":560,"data":"","first_seen":"2026-05-11T06:12:50.911426Z","last_seen":"2026-05-11T10:23:44.273816Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9e4e14c7956cd6bfb4aa35b14d4591ec","sha1":"b72a32af57cb26acd2250ff773ed80c73253a7ad","sha256":"e06035aebfbda64c9766811daf4c8905c310ec2287a60695ea55691695d8c282","sha512":"a4f0900660122dcdc45c18c3aee191959adfc090e0fdd24a59f21a254136e4e4cb1f728da9ceb645692068c94ce8cffdb66803c705aa69c0efd4185ae0ab2ba7","ssdeep":"","tlshash":"d4f0cd31562580bd455793cbb5a647c69ce5284f6c05b04f332c0b885fccefed2b1a51","size":586,"data":"","first_seen":"2026-05-10T10:31:52.603499Z","last_seen":"2026-05-11T10:23:44.274718Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"542d3f3b3d0021c5defb0e46a5ccff2f","sha1":"dcdfc386249fd1dae4687ac02774d2ef9126608b","sha256":"82137136caa7e40b849d8fe54e1965d25a64bc8f3d05cccbfbf6c161fa37de08","sha512":"e03a8200091204fb9e7bca01e2fa5efa9da966e8bc41c54555cecaee38e7c2b4579cb8bad7093e4814b89b5bfe12a219ddf22e4f69176c0f8730aa923aefa3c3","ssdeep":"","tlshash":"63f0c2714e25843e712b428761f9d7caacb6150b3c09a00a332c17981f4ce7f47a2c61","size":560,"data":"","first_seen":"2026-05-10T10:31:52.606652Z","last_seen":"2026-05-11T10:23:44.276264Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20231026/2023102620184263484.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20231026/2023102620184263484.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:47:00 GMT\r\nEtag: \"946b371c92f41dbca23c565c90e21f03\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 14:05:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 76602\r\nContent-Length: 688\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8544334266168017504\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":688,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"946b371c92f41dbca23c565c90e21f03","sha1":"a6a99ac271f1bc2b2589ffd9811dc10b6079e927","sha256":"9f48835d6b4ad4d6310dfb1b45049caafd7517008223e12b7003cf06080e4ad3","sha512":"af96d4ec2af6ad354f58d1319b35c30d9eab05e2988f5569223cfaed1cb0b06f1893255d459963aeaf89a0f4728b505715f31c1baef587935420edc3eebfd1da","ssdeep":"","tlshash":"f40144f482df411d82a8de89623063e4320e98063761c351f522d9f41d602b7444aff4","first_seen":"2023-11-12T15:49:18Z","last_seen":"2026-05-11T10:34:24.979558Z","times_seen":23478,"resource_available":false,"data":null}},"time_used":1087,"timings":{"blocked":1066,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/popup_default.png?v=2","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:00.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/popup_default.png?v=2 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_P6HKH41365=GS2.1.s1778494980$o1$g0$t1778494980$j60$l0$h1428737922; _ga=GA1.1.1636593283.1778494980\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 7206\r\ndate: Mon, 11 May 2026 10:07:55 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 15 Apr 2026 04:01:46 GMT\r\netag: \"69df0daa-1d5c\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: SSHiTicbpMjXgbyltP2QHC1yQhMLMUKUdKH0Hk_TmEOQDFn2yiR0lg==\r\nage: 905\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7516,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1220 x 1360, 2-bit colormap, non-interlaced","md5":"ff1018f02a790b0f6c22b01433633e5a","sha1":"95b327c3b53043e72602314b9a3d8d4557d50432","sha256":"8c106a91bced58c6b6702d2d56ed6342f294c3b501d69ed67b9c0295188b2d76","sha512":"867fdfd024c15e874d432e71e7c29d7cb14c31a975880d72e9e73af7da8123798fdeccd7e4218138777ea735f5e1f1c061272f36674b76a6fc671c872b1c949e","ssdeep":"192:Ko6oBAbALudpYNo0MiD+87TeqsUNvZgXz1jxUQi:O3pY60pD+8mq7fkE","tlshash":"71f19df554a6593ceebf02b81c1517e3de2e8313ec53b606aa90d24bca71fce11185e2","first_seen":"2026-04-15T07:12:26.080415Z","last_seen":"2026-05-11T10:34:24.989569Z","times_seen":1410,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/index.js?v=2","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/index.js?v=2 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 1360\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 15 Apr 2026 02:53:14 GMT\r\netag: \"69defd9a-dba\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: xqZ21mMmgzw7hSnom68HUCigFd478oZydDYMVOJxQTvGDBlx_Lzg_g==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3514,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"eb453de4d0aa150fc7aeca37d503ed17","sha1":"ebeffdc810fc83601f1a5a190055271b3d091927","sha256":"09acedf483ef711119ca9d2aa8260575fad2a7791aa90c1c1f5133590a403afd","sha512":"fc1be9d0abdb35fc05f5e349f7b0edf6f29a1c2c7f87e46efea25b1bd59d04864d9c22c6008d7d42aef5a7bc06ce85d626aa2f9574088d4b7a018f3094cd5e0d","ssdeep":"","tlshash":"d1712e9930f320b04bb7a47d2babe5083121045b510acd18bd5c43859faca38a9f6bde","first_seen":"2026-04-15T07:12:26.118176Z","last_seen":"2026-05-11T10:34:24.967515Z","times_seen":1497,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages//images/logo-2.png?v=1","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages//images/logo-2.png?v=1 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 37360\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 10 Apr 2026 02:21:44 GMT\r\netag: \"69d85eb8-91ec\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: bGBo37uczjZFSv_fbc5NnjyHwXjlcbZbWTFExOGgIaVxl-LS8iNtQw==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37356,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 80, 8-bit/color RGBA, non-interlaced","md5":"58e4aeb5c8a2c2b803d40a7e72b952d9","sha1":"5ca98ad019e741eda326feccffdc99622cfc1a83","sha256":"50d767bcb329515a617f0e5ae57f10d9e18e68e96d828ab26d8718011eb0e196","sha512":"588241567592c1126ee0bfea947411b3da41d44eb3095386247ae7ed4f36f9e15ad08b5d2b86cd1b483c44914e2cb28c604c30dc197591c3b2233e14118dfdd1","ssdeep":"768:AlU492+h646Uc3jM/0MiYyU9sZ2qz+XKcPVBBC8hNO:AlD2j4EBJU9sME+6cjwd","tlshash":"84f2f18a056283be4fdd18dbdec23f8c3eda09e5dd2ef12d4994444d576cb8350ae294","first_seen":"2026-04-10T03:52:30.156352Z","last_seen":"2026-05-11T10:34:24.955128Z","times_seen":1939,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/zw.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/zw.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 955\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 10 Apr 2026 02:20:57 GMT\r\netag: \"69d85e89-3b7\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: bptPjCmbT4DtpSqaKRawQ38oC1PgztPxp8oPbjSfX-JRn2FJL6vPeA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":951,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 112 x 112, 4-bit colormap, non-interlaced","md5":"66058c44f8ec86ae8afe2b26fa5afe77","sha1":"11e33bf76694e2d3549c49406f41b767590c61f2","sha256":"ecbd34c21cc7580e6367269236c3c6d79d292925adfe6992bc7591f3778b8679","sha512":"1f879cdd609a33fe4541ec7ff7170b8fe3d60c32e85b372915dff43a36ce70eb73437ff770a3accb7f4fb7aa6c5c94a4f08257033361520423f4719e75cbfe12","ssdeep":"","tlshash":"4d11c8816730a5360a484c77c251b8b4ce32668a3331a142b34f9c0ff8b6c31466ab37","first_seen":"2026-04-10T03:52:30.245251Z","last_seen":"2026-05-11T10:34:24.961508Z","times_seen":1928,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/image.0821.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/image.0821.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 48012\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:40 GMT\r\netag: \"691aeb40-4b5b1\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: dZlfr0Y7Y9EFkTv3YpAVrwD6kpS5241w_HrjrmpGiWGS0iuPFYrF2Q==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":308657,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3229)","md5":"5e58c86a740cd6c1821106b20c0c7f48","sha1":"88ee6c584e88c228fa8d67d969d853c0aeb95ada","sha256":"9fead600c0800d0a226d684f2604f4c6f1eaf3528b2357fdac942d450538a442","sha512":"1b907e01624056461d591abaca6780eb3e33a23c0da393ad369e27895b3e09984922c68e8b536ce4794499c70aab341047d9529737c8a3afc4a3df5e00b5979d","ssdeep":"3072:LPP0McCvleCNzRxnnpa9PYetJYRw0qvl+itTRRnnpa9v4+tJ4xQU/9Au:LPP0LypY06pYU/l","tlshash":"1564104a9fe31194f513b43c6b3f6805a1e6b0275ad9dc0e791ca9e0cf29428c579bec","first_seen":"2025-11-08T04:26:01.795335Z","last_seen":"2026-05-11T10:59:04.999985Z","times_seen":24140,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/fp.min.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/fp.min.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 18948\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Sat, 18 Apr 2026 04:14:03 GMT\r\netag: \"69e3050b-991c\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: iu7AYD8q-oEEJxRIL7-qUd868nVmQsHBJRPmkF49rOb9wbaRy6UNjA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39196,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38663)","md5":"77e1af2a8f9e72161e3150ffb423cefa","sha1":"0fa12e154ddc02b527cf02a211ccc037ab95572a","sha256":"dc5806b620f7aa86336a5cf2168465b56c715f7fed2d8baefb90c252ced0f3d5","sha512":"a5c032301f6d77f89f228d45aa2145d17c939227072361ca685462c64262e3ed76a3644aa8073deac403cac3b4895fe4af7e30de4112773f8c3e95af39637ffa","ssdeep":"384:zxcveZQQET0RFqpexXD+9vwKfeHSMRw5+pCqNFaiE8E0QIQfJxf0fo7Qzzf2dmZt:aZQqpetsgkc9NwlJxfwPzUFLq","tlshash":"480305c8b2c3b06d127368b9453f6046b23a7d55746d8842c623e1957ca9e2e913bfec","first_seen":"2025-05-03T14:32:44.139412Z","last_seen":"2026-05-11T10:59:04.979664Z","times_seen":2606,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-10/996b4a09395218792b14eb6759cd8901.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-10/996b4a09395218792b14eb6759cd8901.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 10 May 2026 02:30:20 GMT\r\nEtag: \"f872d547467c0da3a8741a249867dca1\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 10 May 2026 02:30:20 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 542\r\nContent-Length: 169600\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2460048404429063806\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":169600,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"f872d547467c0da3a8741a249867dca1","sha1":"f512ee2ccfa0fc19f398d98feb30f6ec7de5495d","sha256":"dd5b188abe495a80a26d590e2c56eca7169a45f1a38f74c3d14e0a65a1d6950b","sha512":"75cec63f31ca8d19792872bacd10acc6a1a076218542f4732b69ab5e92792d48903d87d69671b6d940f50b1bd678d3d2ada3f3db1614a5328cee31505f31e8cb","ssdeep":"3072:s5CPfNn17yr8/e/YANXU/22yWV4TlXuOtZ1Sz3kQgmosSpGqWzmCsFEQPl4yynPJ:nyr+efJka1SvgtTpGqgmNECgnPJ","tlshash":"91f312cea21c948e6dd0d391dcdea4243d37884b1aa3a3dc669db93b71622047dd0b93","first_seen":"2026-05-10T03:00:06.977419Z","last_seen":"2026-05-11T10:34:24.977833Z","times_seen":67,"resource_available":false,"data":null}},"time_used":769,"timings":{"blocked":750,"dns":0,"connect":0,"send":0,"wait":15,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-10/d242cef48eea664fd3c3a7be334c6421.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-10/d242cef48eea664fd3c3a7be334c6421.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 10 May 2026 12:12:24 GMT\r\nEtag: \"3fb0753fdaa56d5a664f57f70601102a\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 10 May 2026 12:17:02 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 660944\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3390468292891023243\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":660944,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3fb0753fdaa56d5a664f57f70601102a","sha1":"6aa82786a4d72147619fdd2f340730f6530f0793","sha256":"02c7c0b60b573a5b6a418a97252613bcea2c34dab99453fb62de0a94ce9bb1e2","sha512":"b4044d94d979c1dc6407bc90036f5e3f31ec250f20be533ebfedb2edc81f9dd75bc52bf5a0d0089ffb24f0c4d30ff34475792e8f51e6c5656175fb210640f3e5","ssdeep":"12288:wB8r14dE8Oir0QoSN3DteFFVVrpuo8RCw1cXK46ceYDEakuGJ6YsFIVbFA:wmqdRSrS1Je4oG0KtaDEakVA4W","tlshash":"0be4231f4b285b9bd8ca3b27008406b95d40d257b2a55de3b7f6c3bbf7188e7a005876","first_seen":"2026-05-10T13:56:52.330135Z","last_seen":"2026-05-11T10:34:25.104403Z","times_seen":42,"resource_available":false,"data":null}},"time_used":911,"timings":{"blocked":856,"dns":0,"connect":0,"send":0,"wait":21,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-11/8e6168b41704daf066e1db1a762213f2.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-11/8e6168b41704daf066e1db1a762213f2.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 11 May 2026 09:39:41 GMT\r\nEtag: \"255fe99d916a60b562fa26875c82463e\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 11 May 2026 09:39:41 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 44\r\nContent-Length: 410352\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11974539870051504704\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":410352,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"255fe99d916a60b562fa26875c82463e","sha1":"e8e81d051f5d86d86ec97710eb13a82164cbd869","sha256":"110b44bb786c60ba3ecee213abebdcef538c15866d4d44fef2d6714c39c07293","sha512":"4575f1bc59397ab8b926338c4963791e8d0f5e1313652d72b60dfe1a4f8ea65b07e8dc1ff5cc66b048c61e7727ea6bd53932c72dc6373e0834e093ebb2a45ed9","ssdeep":"6144:XEwUZBtB9yJhDtU1jRQYkG1V2RjtY4XZ5Z2HzJL4Bma9pxYsV5jVb:0xR0Jhu1jR7ihZjOLYP9R3jZ","tlshash":"b8942321746acc28689bcdafa8e3f7c1e50ba2476146246edfff978b36255903d14433","first_seen":"2026-05-11T10:23:44.026267Z","last_seen":"2026-05-11T10:34:24.941977Z","times_seen":2,"resource_available":false,"data":null}},"time_used":950,"timings":{"blocked":913,"dns":0,"connect":0,"send":0,"wait":25,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/index-ai.css?v=20251210","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/index-ai.css?v=20251210 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 3690\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-2c41\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: M7xhiZtt_t_2qf9RORJbc0ezmTbLOZCLve-l3hcZOZl-crYvKinJkQ==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11329,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"e589c31b3d44df7a1333b54148e77ec9","sha1":"1eb26afcad71481d3a775c26848099f21a0fa89e","sha256":"74cd118c7b61b20948fabd0bb6ea2239b7e1ea5ea055b7008ea45d825624d164","sha512":"92281528b0c09ff5bd60aa456bb918d18079a40ad9c3308294ee7943088e61489a870f163619c1c3188c3620938960699292d4845c365292b78a0e4114b6c05c","ssdeep":"192:8nfAMTN/pMlr7BwFbuA+ZmVckg5plXrcOY:8f9Vbuvm+kgJW","tlshash":"f432a610e25f385b761b80b8badcebc4272c2404bf049fa8b56579b2478e3d514b37e2","first_seen":"2026-03-26T09:29:38.87734Z","last_seen":"2026-05-11T10:34:25.111763Z","times_seen":8773,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-19/995c120e70748c0023841105faa79947.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-19/995c120e70748c0023841105faa79947.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 19 Apr 2026 02:59:20 GMT\r\nEtag: \"2423eed7f327c9b717c7e251f6f903b7\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 19 Apr 2026 02:59:23 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 189024\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18401857346738243511\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":189024,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"OpenPGP Public Key","md5":"2423eed7f327c9b717c7e251f6f903b7","sha1":"6d4814422f3cd9a3a5a3902db2dd91cfac48b7fd","sha256":"d023c917788399b339c64b1c56fb5257a7bae532bae1eaf3aa7d7f2dc698015f","sha512":"8248078e1b01fb657dcd821c5d7cd6ada64b9c6768cfd9c1cf8692c1d324c398ca9d4054429e5e0c22f8e63790a7faa051088759a66505f082537a827ad7a794","ssdeep":"3072:oLTxCK1q4eSzghbpgsTQs0Tq07rIN/HwIEgm/g3rq4lsP7JN2VxTs2:oLTxL6tN/kq07MJHd7q+sn2VxA2","tlshash":"be0412ef39632a5e8bbae1ce1ba11153d68354e34d002f32ab7f94d9637b5d11423e02","first_seen":"2026-04-19T03:21:27.721789Z","last_seen":"2026-05-11T10:34:25.021765Z","times_seen":1670,"resource_available":false,"data":null}},"time_used":1037,"timings":{"blocked":1009,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20240424/2024042420520426003.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420520426003.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"51419f3b333d8eb4ea1815f60c5aa1f8\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 09 Oct 2025 03:12:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 83847\r\nContent-Length: 480\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4502199324038265853\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":480,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"51419f3b333d8eb4ea1815f60c5aa1f8","sha1":"73cca655def494d52431bf6b70b03a53d2266047","sha256":"b940f4a6ea758b9ffaa1a7cfaa9ab6d08ae73e2fb77b30c60b15fb64200af77c","sha512":"ccf724c3e0eb4f5a6a59a5ae7dd96089f9b2d89b82330d6dd64f0baa9286666be0eda76656715f2290203f5241dea851a59823eb18b1ef8ea42fc5b2c2a018bd","ssdeep":"","tlshash":"c4f0540ddd7b01e4efcc28304d03950b71ba3e2947016f2c234f89e21d1d1c41195815","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-05-11T10:34:25.010208Z","times_seen":23450,"resource_available":false,"data":null}},"time_used":1064,"timings":{"blocked":1052,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20231026/2023102620184288771.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20231026/2023102620184288771.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:52:07 GMT\r\nEtag: \"f1b7329bb20d3bf35a27caaae871c85c\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 05:35:41 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 20798\r\nContent-Length: 816\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17648409091260911803\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":816,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"f1b7329bb20d3bf35a27caaae871c85c","sha1":"3b3791ca288fdad4cef0b48cd6081aed157b521f","sha256":"c6cd5ff057ebb6c6b3686110e90c6f1d61283197527b89a571a008bfc98aac30","sha512":"41bf59a3cb85338b083881001d96d59f51aebfdd62b60611487455d6b763ddfd3fd5bcffd159f7e616126d25e515521ab929027cda0011aab15fd0a9d73e9a98","ssdeep":"","tlshash":"5e01868cbc48f9d99929e10dd1880d73a890662b166e0cb13485ce6cbc8551c41d02b7","first_seen":"2023-11-12T15:49:18Z","last_seen":"2026-05-11T10:34:25.022711Z","times_seen":23551,"resource_available":false,"data":null}},"time_used":1059,"timings":{"blocked":1051,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stats.54ads.com/tracking/imp.gif?token=9i8wbwzdmp11zoxd1taziajnkx5xb\u0026price=0.009","fqdn":"stats.54ads.com","domain":"54ads.com","tld":"com"},"ip":{"addr":"136.243.62.212","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"stats.54ads.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 05:28:34 GMT","end":"Sat, 08 Aug 2026 05:28:33 GMT"},"fingerprint":{"sha1":"63:0B:0B:91:83:49:AD:31:36:39:A5:45:19:E1:26:CC:0F:A5:AC:72","sha256":"15:70:9C:9B:15:23:EA:30:7B:14:42:7A:17:D7:6B:50:9A:88:0B:F1:FE:1B:EA:64:29:A8:06:97:B1:38:BA:2A"}}},"request":{"raw":"GET /tracking/imp.gif?token=9i8wbwzdmp11zoxd1taziajnkx5xb\u0026price=0.009 HTTP/1.1\r\nHost: stats.54ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 11 May 2026 10:23:01 GMT\r\netag: W/\"58000a927133472146d90aee51f4091e7695e04f945bdea52f6f3261faf398dc\"\r\ncache-control: no-cache, no-store, no-transform, must-revalidate\r\nx-edsp-accepted: true\r\nx-responded-by: cors-support-provider\r\naccess-control-expose-headers: set-cookie\r\naccess-control-allow-origin: *\r\naccess-control-request-headers: origin,accept,content-type,x-requested-with\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH\r\naccess-control-max-age: 86400\r\ncontent-type: image/gif\r\ncontent-length: 49\r\ndate: Mon, 11 May 2026 10:23:01 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"56398e76be6355ad5999b262208a17c9","sha1":"a1fdee122b95748d81cee426d717c05b5174fe96","sha256":"2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef","sha512":"fd8b021f0236e487bfee13bf8f0ae98760abc492f7ca3023e292631979e135cb4ccb0c89b6234971b060ad72c0ca4474cbb5092c6c7a3255d81a54a36277b486","ssdeep":"","tlshash":"609002438585c491d151c1304814935011b5a5614505134ea6a836adac551a1c800408","first_seen":"2023-04-05T11:29:19Z","last_seen":"2026-05-11T10:34:25.080609Z","times_seen":10436,"resource_available":true,"data":null}},"time_used":328,"timings":{"blocked":91,"dns":114,"connect":36,"send":0,"wait":39,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.shenfeng.cc/api/eventTracking/batchReport.json","fqdn":"api.shenfeng.cc","domain":"shenfeng.cc","tld":"cc"},"ip":{"addr":"104.21.4.85","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shenfeng.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Mar 2026 10:02:51 GMT","end":"Wed, 24 Jun 2026 11:01:29 GMT"},"fingerprint":{"sha1":"29:E9:ED:51:42:52:E0:B1:7F:3D:BA:85:1B:7C:2A:26:30:6A:E3:03","sha256":"63:BA:19:E0:5D:0F:BA:2C:62:63:00:B8:0D:7F:28:3A:02:D6:0F:B5:FD:F4:EC:7A:94:31:18:75:42:18:9E:C0"}}},"request":{"raw":"OPTIONS /api/eventTracking/batchReport.json HTTP/1.1\r\nHost: api.shenfeng.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 May 2026 10:23:01 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h4yvz2.crddgkmc.cc\r\naccess-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\nallow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GYefj5Nctl6fBdjQaB1ALvm7Ob%2BLBZVJ6Hv0kuomGUZkQ74%2BjWI6P%2FYThy%2FhFlGGWdgVLdnUtUkLZfN%2BQ1dirsftcIQHHK5gOMqHioZ9G4tcwFIjdRxLUgvCG4pJbkqPLMA%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9fa0773fe838dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T12:02:54.547078Z","times_seen":15008011,"resource_available":true,"data":null}},"time_used":774,"timings":{"blocked":-1,"dns":7,"connect":2,"send":0,"wait":396,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/images/ai.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/images/ai.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 364\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:38 GMT\r\netag: \"691aeb3e-168\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: wq4nNt01uJgoJgTStspjd0iMtWPVhs6E0DXR4Spk-maYAbI2sOYNUw==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 19, 8-bit colormap, non-interlaced","md5":"bdfd73be05b313c5c343e02c19e69b35","sha1":"40a591d8ec0f5134270fad42812002458e1fa3b7","sha256":"ea22009d2eb53a8f88f109607d8ff75814059f83ad1e4c1aa54179f5b1385bc6","sha512":"e67420d8689d83569fef893f166ab041b5863fd33f1b8a34056044e25eca04836cdfde2000cc306d1efccaed4340889c643706420f9d927d309100d41cf40474","ssdeep":"","tlshash":"eae0c072728cff3a9cb10273089791f58a2a4f76516491065f15841c68e6644415278f","first_seen":"2025-11-08T04:26:01.793992Z","last_seen":"2026-05-11T10:59:04.955264Z","times_seen":23713,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/Search/pc-nav-icon-tw@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/pc-nav-icon-tw@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 504\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-1f4\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: Y8uaiiAOwlzRqdibf_PMMiOvu-NqULnw2xAehBZkoKNpdM2YbNyBLA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":500,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit colormap, non-interlaced","md5":"7c92935d5bf83d7aca1ec31dc31e7abc","sha1":"975dc5c3c14a1774bf97f2a22ebf524fc4a8709f","sha256":"59bd73a9b3e779db687f9cdcd77ebff91850e618a1469b6f08686df4a392e37c","sha512":"d8c08d787976b3470cd71ff27126d92239fe7a0cedc1daa672939e2817a556c53f07c782e54c8030e3cb43ea5663875f1996e8a91cb521e5da1226135dcb315c","ssdeep":"","tlshash":"4bf023d7a7543c5481a74edbf8e11993f83a3c6a050152aeacb4f0b5083c08bc196184","first_seen":"2025-07-12T04:18:51.012831Z","last_seen":"2026-05-11T10:34:24.937843Z","times_seen":23471,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/vue.prod.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/vue.prod.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 81733\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:40 GMT\r\netag: \"691aeb40-2f925\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: Fjys9Gp8sxyOEQnm6XtsWE66UEPw1ZonMGk8llFk4nreog7AGfNWtg==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":194853,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (28532)","md5":"9b14a30d9be6b89ccb5d9426baa70059","sha1":"e55a9116be9d0907b48698418b9e348d36bd3624","sha256":"97374c2e6815b02920dc02d8cca04507973d9a4d82aa5dafa20d04c2227ac9d2","sha512":"90840f4551f1ceeb2e764fed6a632d0eb39006fcbec40166664f0e7f0241347d8679fddf6e41658f939d0b00e893f1bf4ae97429f320c6dc60af0d87c4ef9dfc","ssdeep":"3072:c0RkBL/7KE2X44lDzvWUgT5Asswj2z+e7/72oIKc01DcUrIH:c0KuE2X44lDjWXT3j7e2KctH","tlshash":"2c1428b93181703217ea14e250bb0016f33a1525780984e8b5bde8df2d7695a61fffbe","first_seen":"2025-06-27T04:20:30.543622Z","last_seen":"2026-05-11T10:59:04.944004Z","times_seen":33659,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/icon-up@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/icon-up@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/search.css?v=20260414\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 358\r\ndate: Mon, 11 May 2026 10:05:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:29 GMT\r\netag: \"687f820d-162\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: JhY0nmHZ-Eramk3BvWYmOS3pW2QiAOh-jyw-i_8DbLIjQLXnTr3QWg==\r\nage: 1045\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":354,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 4-bit colormap, non-interlaced","md5":"81df81c8a4d658d5e3e22e9f14a90cf6","sha1":"dba2119bec81f3ce458ed0ffdeefde0afc5eb5e1","sha256":"a5007a2bd7b90cc4566abf22b92f0365ae6377209b749dbf74626ee96bfb0fa7","sha512":"c7f98e5eaf3ba2336c5138c45242f8c96ce2eee72fbc8c00dabf7ae58515d3ebf35534dbfbb85796e8e8058651462c0ec404fec9080140cad917e57a14adfaf8","ssdeep":"","tlshash":"0ee02df4da09ea9040744c2bd8b163d0feb29d8c3120c0dfad68303823b8106d2437a2","first_seen":"2025-07-12T04:18:50.98186Z","last_seen":"2026-05-11T10:34:25.018446Z","times_seen":23511,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260430/2026043018271044468.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260430/2026043018271044468.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 30 Apr 2026 10:27:16 GMT\r\nEtag: \"3e282227a24596439aec5f802c53880f\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 30 Apr 2026 11:07:54 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 192\r\nContent-Length: 91952\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7931639024777613032\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91952,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3e282227a24596439aec5f802c53880f","sha1":"6c12253a405c0e906b9bdd0a4e19f5d52d4b1696","sha256":"8caf9ace725fde043c9c0b8791cc2b314cd6578a0d533d5cb284cff17ae3201e","sha512":"113bb59837d223407b6e7e0aa4816840d01ac02a8c15eea71d3f2815ccd6da44545aedb1a5a07e64f4827e32b384ef3674e162044fa4566298e5eaaeaa54b729","ssdeep":"1536:ghsYHV+3ar02iBmpAGU5oOml8hbUYYNttGgOA995GyVxlfICEjoMoIJyHdmU+p6w:CsY1+3e0VYpAGCoOG8aYYNttNH3Goxt2","tlshash":"db93128cd9558f3b095a349e0672bfc39ddd74ea2b17e4a04a7d8ca933e459f62010e2","first_seen":"2026-04-30T11:52:07.127644Z","last_seen":"2026-05-11T10:23:44.04944Z","times_seen":826,"resource_available":false,"data":null}},"time_used":953,"timings":{"blocked":726,"dns":0,"connect":8,"send":0,"wait":8,"receive":12,"ssl":197},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-11/d8297bc4d06065ba328a7bc17ce19dcc.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-11/d8297bc4d06065ba328a7bc17ce19dcc.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 11 May 2026 09:36:45 GMT\r\nEtag: \"e412d123414c39f35cc94a5cdbbce67b\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 11 May 2026 09:40:54 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 193\r\nContent-Length: 121088\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2106776266570912301\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121088,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e412d123414c39f35cc94a5cdbbce67b","sha1":"23746363301eb3ce7f8fa56928728184052cc95a","sha256":"282d76a2ce380d2e82d145d07c1af35b64932e7cf4f4ddfeb76ef8bfbac2e9b9","sha512":"e6501007ab1504bbc6a00091c31e6d66db9df33393398819c720cffc78e0f787cfde422c4b353fd30e981c6d6fa540d5092214c907a7e57525f404f28f8c0149","ssdeep":"3072:jK7RD24fFx6swYRxlOzKk8q8qvHPynUkTdyrPaUu49zKml:m1DVxvRxWfsLYCUtz9","tlshash":"b1c312916be96eb3ba5d531e8143f0fbdeb29bd4036867d139a9182b106734e1142fcc","first_seen":"2026-05-11T10:23:44.050369Z","last_seen":"2026-05-11T10:34:25.118352Z","times_seen":2,"resource_available":false,"data":null}},"time_used":746,"timings":{"blocked":726,"dns":0,"connect":0,"send":0,"wait":16,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260506/2026050613550912553.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260506/2026050613550912553.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 06 May 2026 05:55:13 GMT\r\nEtag: \"1f02afefda5105a9dcf674bf0cc4f678\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 06 May 2026 09:01:57 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 419\r\nContent-Length: 63024\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12048197049346820095\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63024,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"1f02afefda5105a9dcf674bf0cc4f678","sha1":"8137dc6635a3b3a2a2892d2663704f6a8c883008","sha256":"092ec9314ddca47af698ae382bab3e54596973947c248fa9363eefc234206f17","sha512":"b4f4c38fb0121375eab67186671ab22406524d595d27ad1bef9f82aae0aef35e2c87b38726c4e62ce4203c6ad9a1443576b1380b45e43dd56e1f7c9a885f25a0","ssdeep":"1536:EMcLpHbn/KjTImFzWgaUsB9DXLueNxk3PN4Jix69rTHukfaP+ffeg:3c1HbijDpeB9HueNxk3PN4J+6hDupP+x","tlshash":"f95302e4cc3313ada92dc9346b8698c8b2f5e8ccea27d58164a02e4575344ded5bc9f8","first_seen":"2026-05-06T09:21:47.033171Z","last_seen":"2026-05-11T10:34:25.114183Z","times_seen":307,"resource_available":false,"data":null}},"time_used":753,"timings":{"blocked":742,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20240424/2024042420520546340.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420520546340.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"27ae198fca34876f072bb644aa9242c4\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 09:17:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 7481\r\nContent-Length: 272\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17118236261380550835\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":272,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"27ae198fca34876f072bb644aa9242c4","sha1":"be8da11fbe724e2910ff65d54bba67bdbf86fb05","sha256":"26e9ae75be4e86f7ecccc70c05f9d1742f2a7520fed7dd1258a94284c08101c0","sha512":"977e72a9845b87082d55e6a7e55dbdd5dc004cdde4ad3ad0c3f63b627c550958ff86add8f5aee020dc08f188ce747d9c7d909ed01669bb19577eeff9e8c6b6b9","ssdeep":"","tlshash":"b7d02b1545220b922f9aa72e4bb154644f63c292405f4a765184e61a1de2454b100d57","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-05-11T10:34:24.959815Z","times_seen":24725,"resource_available":false,"data":null}},"time_used":1040,"timings":{"blocked":1025,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/vant.css","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/vant.css HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 60280\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:40 GMT\r\netag: \"691aeb40-30a89\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: SAH0THytZDwaeyT8hFYgEYI-q6c2T9PcuzrNn-YQUMw3gye7_t9CHw==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":199305,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ec97f98b8f11e72ca35d2a8939500e67","sha1":"fcdcaecbd29eb74c4d507c0f23d3758052aba3eb","sha256":"52fcb2a7486d329611d7fc1562e0dbcde9f4494728b88dc26932388fee77391f","sha512":"16ec7dfa0d84e113ac71cf66bc4aa1659d3a9089fe76c8e2834d0bd1ee25db5fb2ad0dfe35dbb9ba2340957396a603a09c8ebbacf49c90a65df12f522d9b851d","ssdeep":"1536:VjQbFNJ+jqkiHckCwsBlDOFIxuVoxJPBik/1Al5aIzb2VTVaxA:VuClDsIxuVSmRdJA","tlshash":"ec149495e69091bcbf27f275ab8b96dcf23cf560ed01daa4f10051580ec7bf50623a1a","first_seen":"2025-06-27T04:20:30.581604Z","last_seen":"2026-05-11T10:59:04.998522Z","times_seen":33586,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/css/index.css?v=20251212","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/css/index.css?v=20251212 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 10192\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 15 Apr 2026 02:53:11 GMT\r\netag: \"69defd97-eb62\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: RQsHV2OlyMM2i7TKxXsfF7Js2ZZzDaDxWZUJiac5d3cbnhQhsFBX7g==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60258,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"3b8f741d2ad86d582332ceded47c660b","sha1":"1f54bd44e6d5fc53ba05bcf88eda9d196e108dd0","sha256":"b9efc9a83549bc52fd1e75888f343edfd32b73e29efd424d629dc1463860d1a6","sha512":"1f755737cd40c98b0fb21173eef8df2798a6ed6c95d5d0aa37bb57ce55a2fda0370a72b0dc4ba8c1b4dad2bf0672b21d05e6b842c50801cfb2a2d20936e2119e","ssdeep":"768:pB3/VjKqjwp5G9ftX1udyF23LeBKQRQqQoURvKFxXRC/YeJh:/J1udyF232KeBORvKFxXRC/Ye3","tlshash":"2143440426230904789795babf7b17c56258c087cd0ac96d7fcfe649cf8e128b5b6bc9","first_seen":"2026-04-15T07:12:26.183174Z","last_seen":"2026-05-11T10:34:24.936108Z","times_seen":1660,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=20251215","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=20251215 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 72020\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 15 Apr 2026 02:53:11 GMT\r\netag: \"69defd97-4cf14\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: -6X4z-wYSAFln0ZHoL5mMwlcxwKuQi2f0eoXkPIcujSD43fiLB9nkA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":315156,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (942)","md5":"e801a3336d048275971bf98814969763","sha1":"659747de5d357cc82c04a82c7b6a44b980ac88fc","sha256":"9903f75439e18802331e0d3ff4abdb668f2d2b1b1d514059d2e3e3f2334b7591","sha512":"f770f151ac5756390ab78ecb79a8c9b51655605505f2efee35387f1102e36e00704676bc5695fcc1f42f7ed8ba7eced8fa46c542b69a6387b3eaeb3329638452","ssdeep":"3072:/VbqwelyE+K3TAO4czuJ19WxZ/Y8f4Sqvw+Uki/uMSB+jonuLzAX:/Vz4TAauJXW3Y8f4Pw+UVuTxnuLsX","tlshash":"0064a40baaf314725563b0bc4b6fa5043231806b5e59fd643e5c82dc4f1d83d26b6bae","first_seen":"2026-04-15T07:12:26.07619Z","last_seen":"2026-05-11T10:34:25.105904Z","times_seen":1660,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-08/78003c151993acf541d026952b2c4720.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-08/78003c151993acf541d026952b2c4720.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 May 2026 12:43:41 GMT\r\nEtag: \"2221857142f3302306b0220a461fa340\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 08 May 2026 12:59:39 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 7\r\nContent-Length: 180432\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4416526942136090587\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":180432,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2221857142f3302306b0220a461fa340","sha1":"b68b53098a88b0fd835adcf24ea16584470afea4","sha256":"c7849fb0bce51b6c621ac67a4be043ad941ab27e14c5172a9d555264fe39138e","sha512":"78a6e8de73124525dee971c6e6477d7324fe01d7d1930de701595584d0ed813e63eb8aba30eca4c02b34f1b7bd8a5efded37cbe43c764fe4cbe9e1f91da84cc8","ssdeep":"3072:4+dNJxZSoBXt8GC8xVsC4v2mKt1jk262xvKOx4MCzelIQhPwMUeswvWwmP6m:dXJxwoBX7CWVedKzE6vj4RelIQefeBeR","tlshash":"840413ca1a8f1e3755a44eb1d37323a3afa20034b137ddfea26480f679365c5ad85132","first_seen":"2026-05-08T13:24:19.95859Z","last_seen":"2026-05-11T10:59:04.961241Z","times_seen":204,"resource_available":false,"data":null}},"time_used":979,"timings":{"blocked":937,"dns":0,"connect":0,"send":0,"wait":36,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/layui/css/modules/code.css?v=2","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/code.css?v=2 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 545\r\ndate: Mon, 11 May 2026 10:04:37 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\netag: \"64b11d97-527\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: QTg2UIvXCIzGlh9vv1HlZ-Op_yXDwy3hkT9QEHQc74r7IA127Lft4w==\r\nage: 1102\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1319,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1319), with no line terminators","md5":"986d0d70b033a195fc1bd1527b06993b","sha1":"69ea79bb09bddd3b988db70ef8b10be9ed0f0065","sha256":"3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431","sha512":"a3d1ffa0ba90c8ed8f1330c456760ad7098b683756f1f5d2aae6ec89502c0fe1ff6287e7b1180b9df8f50d517118b610566e9315de055d4780a230488eda10e0","ssdeep":"","tlshash":"d721493aa3852118354bf21574fcbcbca03cb1d6a5ea0eaaff416797c944c51083674f","first_seen":"2023-04-11T12:12:51Z","last_seen":"2026-05-11T10:59:04.972237Z","times_seen":32948,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap.dc-report.cc/api/eventTracking/batchReport.json","fqdn":"ap.dc-report.cc","domain":"dc-report.cc","tld":"cc"},"ip":{"addr":"54.251.157.140","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.dc-report.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 07 Dec 2025 00:00:00 GMT","end":"Tue, 05 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"C2:B5:BA:75:40:71:82:8A:0C:30:43:7C:87:CC:C2:C3:63:69:3A:16","sha256":"41:CE:19:28:BB:9F:95:C3:A8:5A:6E:DA:C9:CD:C2:6F:06:2F:9D:37:81:96:91:C2:D9:EF:88:93:F2:EA:18:E8"}}},"request":{"raw":"OPTIONS /api/eventTracking/batchReport.json HTTP/1.1\r\nHost: ap.dc-report.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 May 2026 10:23:02 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h4yvz2.crddgkmc.cc\r\naccess-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\nallow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T12:02:54.547078Z","times_seen":15008011,"resource_available":true,"data":null}},"time_used":2714,"timings":{"blocked":952,"dns":13,"connect":336,"send":0,"wait":335,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api-dc-prod-001.cyou/api/eventTracking/batchReport.json","fqdn":"api-dc-prod-001.cyou","domain":"api-dc-prod-001.cyou","tld":"cyou"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.198Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"OPTIONS /api/eventTracking/batchReport.json HTTP/1.1\r\nHost: api-dc-prod-001.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T12:02:54.547078Z","times_seen":15008011,"resource_available":true,"data":null}},"time_used":7581,"timings":{"blocked":7581,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"api-dc-prod-001.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.shenfeng.cc/api/eventTracking/batchReport.json","fqdn":"api.shenfeng.cc","domain":"shenfeng.cc","tld":"cc"},"ip":{"addr":"104.21.4.85","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shenfeng.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Mar 2026 10:02:51 GMT","end":"Wed, 24 Jun 2026 11:01:29 GMT"},"fingerprint":{"sha1":"29:E9:ED:51:42:52:E0:B1:7F:3D:BA:85:1B:7C:2A:26:30:6A:E3:03","sha256":"63:BA:19:E0:5D:0F:BA:2C:62:63:00:B8:0D:7F:28:3A:02:D6:0F:B5:FD:F4:EC:7A:94:31:18:75:42:18:9E:C0"}}},"request":{"raw":"POST /api/eventTracking/batchReport.json HTTP/1.1\r\nHost: api.shenfeng.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"[]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 May 2026 10:23:01 GMT\r\ncontent-type: application/json\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h4yvz2.crddgkmc.cc\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=akLWx6rzyuxbJhDClfxFhgHB4roBCNE6%2FB0Hv99DUZtGk0Up99efN0iV73D5dZBdDQRpz5FfGzqxyQUX%2F3Ah2Myyeo4OEM7xzsbHLUX2QRNIuPMq%2F9XW6ud4eqHLnQAlt1M%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9fa077426808dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0ab94d0fc1ecb3477a682ada19ad817d","sha1":"e6311ec9ae74beb1f7461c0ae5e81c8f835e0f3a","sha256":"7f86129f0513b8495b7ecf4f1414314df859f22b58b45b9036f4d9e48df30074","sha512":"d2da24f6eda58fd1fa39d5f154744ec618de7a1f431f149104d745db588c59b65ce10f819cc611a7241aa1470d3053c3d69ca57709becdf95e54556d4f4789bb","ssdeep":"","tlshash":"a4800433141c04430501354c00053f04105c11534f100771cc5c4715c75c074f151410","first_seen":"2023-08-16T08:22:40Z","last_seen":"2026-05-11T10:59:04.954683Z","times_seen":2159,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/tg.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/tg.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 664\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-294\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: 3QSwJTSpBH5q4Ff2gHlJzXDAUAg5hYoFvbeCp0NWDcZqO1j2Ahj5Bg==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 84 x 84, 4-bit colormap, non-interlaced","md5":"acb2287624a689367fa72a2200928580","sha1":"a5e082d439cb717c0b6f2c48055489ea2492da6c","sha256":"8864aa112a229bbc9f5803af7384b8710b1fe9c057aedf0cc7842b80809ce232","sha512":"e5456ff71b64d0dcc032b5f58b6dc2b8fd77698f746bb541505d0b594c8c1e8e56a1a90fa0deae8ea839e23abd98da6548132f7c1331de969126f667a7702fba","ssdeep":"","tlshash":"400123df74a7ca26a19599ce54b616d87828b34db1c054289d01ed2ccd14170056e763","first_seen":"2026-03-26T09:29:38.981381Z","last_seen":"2026-05-11T10:34:25.004882Z","times_seen":8748,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/qq.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/qq.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 692\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:48 GMT\r\netag: \"69c4f41c-2b0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: hPs39CM0utVpLLuBGRtP2TobHc8WoiGGV76oNhBdxwBH-JR4JMo8xQ==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":688,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 84 x 84, 4-bit colormap, non-interlaced","md5":"b438b2edc7a587a3d2d692af6ee71aca","sha1":"f0a18a1d84367d4ff0882cfd080fd8d30106b3a1","sha256":"b0179e7817d4ed817b4410cafe2d175db262c5b1c0e6ef55b31e18d801fa5e17","sha512":"969e750e8aa3209213fa782ecd4d5bd2a929d6e8e7e566288c0b716cdf5f55c122a7f57fcd70d34b13ee038f5ed34be3233f6fbb560a83756958731a5a0c3a38","ssdeep":"","tlshash":"310123c58ec66a0523af66d656f34013e4276faa242c762c6da27858ceb515050136af","first_seen":"2026-03-26T09:29:38.938458Z","last_seen":"2026-05-11T10:34:24.963081Z","times_seen":8750,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-05/c87abe99f219113cd64b54d80e5cacb6.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-05/c87abe99f219113cd64b54d80e5cacb6.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 05 May 2026 08:42:43 GMT\r\nEtag: \"59ef3a4dfad5d279e0a4323d3a82bb17\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 05 May 2026 08:43:24 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 130\r\nContent-Length: 228272\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9964417093166935943\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":228272,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"59ef3a4dfad5d279e0a4323d3a82bb17","sha1":"d061af761e072fd4b6a7b49ef30ee5850efa79dc","sha256":"108fe9a7733919ebcd015b760092e56365d2187fb0bd9f795b18c5ada306cf99","sha512":"b9d04bd4a092a854efbff4702355b89b23dc0380417a75c687b7efa2a23b4ae9a69cdaed796936fb5f7af6ca9c02e32f5b48498fbd0c171704a09e542fd8fa1e","ssdeep":"6144:ORsVsq0QFP8Bq7PP61RxGQpIRtUNGW/4KZE+f:0I8Bq7PileRCIW/tZE+f","tlshash":"582412d112dc3f9aa99a8f07ad461c07c509a7dffb86146cf2b9cd864016fa470fb069","first_seen":"2026-05-05T09:22:39.181176Z","last_seen":"2026-05-11T10:34:25.030451Z","times_seen":389,"resource_available":false,"data":null}},"time_used":868,"timings":{"blocked":852,"dns":0,"connect":0,"send":0,"wait":8,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-10/025ef02ac89f03f31fa0e6f3dd6a61b6.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-10/025ef02ac89f03f31fa0e6f3dd6a61b6.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 10 May 2026 02:39:40 GMT\r\nEtag: \"86b39b66c97289f40cd0b8cec27171ac\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 10 May 2026 02:39:46 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 34\r\nContent-Length: 204592\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10736840413363395758\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":204592,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"86b39b66c97289f40cd0b8cec27171ac","sha1":"b6e6f7f2ec42077c3736d28fdfa3b9f9a1b0a9a7","sha256":"76755ed17396046c40116fde5371b71d561c069b92aa25ed045d10b86bb773de","sha512":"609edc7a94dab3811b9224e53343572eaf6d52617c5f26097dec1f270c1e32314f148ed751d040dfea78b6c508c4d817e2af4ae8796cbfce0dc24863fa267dc9","ssdeep":"6144:Mj8KkLM5MGbQH8n8e8tJ5xDnLdSIjgY47RA4K:NK6GTwJHwOm721","tlshash":"d614230f5be429dd97afc45610abc5e09ef64b1c3a78cc8ee6047ae11020f970a9d567","first_seen":"2026-05-10T03:00:06.891403Z","last_seen":"2026-05-11T10:34:25.028955Z","times_seen":67,"resource_available":false,"data":null}},"time_used":943,"timings":{"blocked":916,"dns":0,"connect":0,"send":0,"wait":12,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/ads-close.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:00.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/ads-close.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_P6HKH41365=GS2.1.s1778494980$o1$g0$t1778494980$j60$l0$h1428737922; _ga=GA1.1.1636593283.1778494980\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3684\r\ndate: Mon, 11 May 2026 10:07:55 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:48 GMT\r\netag: \"69c4f41c-e60\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: C3M5VWAHTWN9HT22OKxw8vnhgdIvDf657O5uVsjfRIyCPruVOH_qUQ==\r\nage: 905\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3680,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"bce8f4b10d2dbc022ab99bd81cbbe96d","sha1":"7241af47b82f6a19a2a2ba433ccc1cc5eaba299b","sha256":"86a0628056be4dc9d7da2e94f7378f668ff982214766518e8a802f7a5bf32ca6","sha512":"83aa88f2d13b612767153b2261897d85055a96e25eec5efa91c7f9f7acfcf1491915433f9e1438d5d7495def7467d7a3511db0f50341a2c7dd2a05847cb06329","ssdeep":"","tlshash":"e4717ed9faf95c9697058e662851f0ed7d33b5c0090310ef447120ad6cbb9e446edb92","first_seen":"2026-03-26T09:29:38.920905Z","last_seen":"2026-05-11T10:34:25.023579Z","times_seen":8370,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/mirages.min.css?v=20251218","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/mirages.min.css?v=20251218 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 42608\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 15 Apr 2026 02:53:14 GMT\r\netag: \"69defd9a-31777\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: r7H9hqQHWTJcoYfPcTQXytdhFWaJh1r24wFEsDFbbFOzWLp1YDPX9g==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":202615,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1228)","md5":"4c63eeca0f13e5196057c93fb4a8c008","sha1":"cc216fba81b8038d5a9a5568aed5f61895d7c367","sha256":"e4c5fb1fbf0308e87b3ac3ea686030651f5ee6c75beb87388d839e95ab4d1322","sha512":"7dfb07c6b0a4791d3d58d8834126601b262617b5db255ba0517ece4bdbd3baaceda35b1a4f26ceaa28e75b9ba6ef2040482803eb83f28b7c3326b304f28dbbb2","ssdeep":"6144:PwcGuP/Y1iBl4fOBl4feYEG8PnXNsSd1XmFotaSgofgO:PwcC1W/","tlshash":"a214847c954111d46373ca1aafc4b6582738f226dd052ebdf12721d8dbc2b9b12e2b8d","first_seen":"2026-04-15T07:12:26.165309Z","last_seen":"2026-05-11T10:34:25.052743Z","times_seen":1655,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/parsley.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/parsley.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 27972\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:37 GMT\r\netag: \"691aeb3d-1730b\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: SlGInBKC5KZoNjYmbUXPcHvgW3Cn2dMMzMbWL6u3AO8HjqGOJ4l99A==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94987,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (885)","md5":"a442261f7fdcdb3396b2982e7d5ff2d3","sha1":"f2a873ba1e0a2400f6c5f165eb9d4f4d36b4e2dd","sha256":"be43eddbeae875bbc9b68f4a6a95de3fad6798b733dd55f2cdc2bf81a5a33848","sha512":"16aff01ee308ec0adaa0e2be8ee139a1820b2af48f7ba182e595999efa4e3bf64f76dc80dbd9fe6b99152cfe1768bc83cbd0f52013d8cdd17270edf72237743e","ssdeep":"1536:qAj0W4ZuOjkI33R+a0WQ09uH60SkAZzvH6KomR7Gi21l:qAQTuOjkInuH9Sk2vAl","tlshash":"f49371497ae221018d2730bc1fafa0067274811b5409ad94f98d93d0af94d7993faff9","first_seen":"2023-03-12T07:21:41Z","last_seen":"2026-05-11T10:59:04.966096Z","times_seen":24642,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/clipboard.min.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/clipboard.min.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 3634\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:37 GMT\r\netag: \"691aeb3d-23c8\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: H2UBDHViIdNDlAqnKK_WVxEcDD6z1sNd4Nui3e9oOsmy9Y824QvCsQ==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9160,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9067)","md5":"15f52a1ee547f2bdd46e56747332ca2d","sha1":"9a7cb405f9beed005891587d41f76a0720893ffc","sha256":"e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9","sha512":"ecee695e9734a0246bc64f1151f0d81609f49ced6dfa32ee20e41d38c469e003c1eee678bd28eca73a79cba603b43b385735124db5b304567f2ca2619f214e2b","ssdeep":"192:s6IMH3HEG9JVwkHg4LyAal318/NYusfkApXMdgmkpj:sy0G9J1zG3eFYP/XMmmkpj","tlshash":"77126399b291b0b15ae731a9412f920bf2766969708b90d0d239d4f0acbcdde4463f3d","first_seen":"2023-03-07T12:23:44Z","last_seen":"2026-05-11T11:28:46.87611Z","times_seen":29919,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260509/2026050911550350104.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260509/2026050911550350104.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 09 May 2026 03:55:07 GMT\r\nEtag: \"d84dc1c67ef8baecc086f2e2ad0f4e6f\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 09 May 2026 04:04:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 648\r\nContent-Length: 208000\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11791899745983510351\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":208000,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"d84dc1c67ef8baecc086f2e2ad0f4e6f","sha1":"263b2776e58c2ace56f9afbbaafd6d2b560e980d","sha256":"67a4a44c9243fd5c7d8f704fe302b62c483baf9ce14836c5f9c13332fb2fa793","sha512":"5a4fec850d40d615cde7de9900c42d3c4e364e6413411de205b72185e7a350a033e91884232f7cea9f9f6982e4e3b2ba755ef6d084392bc8ec985e832ccdece7","ssdeep":"3072:Mj29VOzsvUeHyada15kWCK0hXERHKRGUq0WBV0V6+nM6iFS6dHHp6pkwV:MiMzeHwe0aXERqdEqrWS6BHp6CwV","tlshash":"5c1412cbc6c33df6a0261e20fcd5f1501cac061bfc445a6b166acb9d9d8e151abb187e","first_seen":"2026-05-09T08:32:00.624389Z","last_seen":"2026-05-11T10:34:24.985989Z","times_seen":134,"resource_available":false,"data":null}},"time_used":843,"timings":{"blocked":813,"dns":0,"connect":0,"send":0,"wait":24,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-19/1953a5507dcc3e5f37de3856101c1f72.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-19/1953a5507dcc3e5f37de3856101c1f72.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 19 Apr 2026 08:19:19 GMT\r\nEtag: \"5753ae8bb71b30544ef38ae5865c9867\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 19 Apr 2026 08:19:19 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 32\r\nContent-Length: 129840\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7881978373445150634\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129840,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5753ae8bb71b30544ef38ae5865c9867","sha1":"7938cf9fc8a820c760e005c0930a5987f7caa78f","sha256":"50f6a1d0897a477d7b3e42b995db24e3b6b8830003665170cc1dccf74c97a206","sha512":"dafee541b3744c8625338b4af628183d1a2185cc3e014370de2ac26c08bd1891952aacfde030a6adac03d1f112906cbcab69208a6e639a22cbcc48ae15510472","ssdeep":"3072:eDTksvEt4/LXflVirs5qTpPQTuyKUI5EOnlQyrXKbZazcpfW:ekU/LXfjQTRQqyKUs3lQy4vO","tlshash":"c1c313cb521c2d015be53b6b22ef31872e4f65e58d1d842b0b96e15f867acc6d12cc1d","first_seen":"2026-04-19T08:44:06.146515Z","last_seen":"2026-05-11T10:59:04.989884Z","times_seen":1595,"resource_available":false,"data":null}},"time_used":936,"timings":{"blocked":902,"dns":0,"connect":0,"send":0,"wait":22,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-28/5c7d32e885448ccd03d3e309af3759ba.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-28/5c7d32e885448ccd03d3e309af3759ba.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 28 Apr 2026 08:39:27 GMT\r\nEtag: \"7cc759621023c4cb64e838e17b8c7a3d\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 28 Apr 2026 08:39:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 12\r\nContent-Length: 124000\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7733511942426321055\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":124000,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"7cc759621023c4cb64e838e17b8c7a3d","sha1":"caf8b538a33c2c1f756d53d74d57b841ffb7b5a3","sha256":"5e5228e5d48eb750f536c139c94d6c9a7339f6f2715019fab5a22fd8753e7404","sha512":"d17d354eaa2eb560ac4b8ff8baa34ca51e01486f96d4d742338f39e0fa998215f4163aa3dc82bccc2d5484cce06d6d7da4727babaae84c9e08aaff1461066055","ssdeep":"3072:XQ9D6WyfeHig5gyX5bfxPGhqkQHUWxGfsDz4Cz714OHpo6:HNgz5PGhxXfsP9v2Mpo6","tlshash":"7fc31259c5811b042390de276a3fc78c47ae35be482d925c3a8bb077dbc9534b5a3c6a","first_seen":"2026-04-28T08:47:43.228286Z","last_seen":"2026-05-11T10:59:04.985282Z","times_seen":1244,"resource_available":false,"data":null}},"time_used":1037,"timings":{"blocked":1005,"dns":0,"connect":0,"send":0,"wait":28,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-19/649ab82e5a47ca78d3009b25cf2e3d15.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:00.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-19/649ab82e5a47ca78d3009b25cf2e3d15.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 19 Apr 2026 08:22:03 GMT\r\nEtag: \"be44f4a982c4b6ef59dc568a314f92cd\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 19 Apr 2026 08:22:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 466\r\nContent-Length: 430560\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 474849549930630010\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":430560,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"be44f4a982c4b6ef59dc568a314f92cd","sha1":"ebd71726aa16054e77ee9e8d5175b1328a1d6e27","sha256":"b98c69934e82f836d374a334329f25ae7fc3a910c0a286ac909aaffc93c3a70d","sha512":"b44f714acf6673f25b034e555e6438fab32904a5f6b1b5c553cfd51bdb7256ef295bd29544d52fddb9715a16ffcbabca0afc5c235a9dd3495045103bccc7cfb9","ssdeep":"6144:ijAyx8CqS2MTeyJ0Wogn+UhuFSE/4s5H+oWgocvlmfiRW/nRPoXf9z2Ypvn/W:mx8Un0x2+UhiD/4IeoQmSRWvnu","tlshash":"d794235d5a953ad2efa4e17b22c2829379d8753858539a1f73b335b0f3b542c072ca2c","first_seen":"2026-04-19T08:44:06.071566Z","last_seen":"2026-05-11T10:34:25.024455Z","times_seen":1341,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-P6HKH41365\u0026cid=1636593283.1778494980\u0026gtm=45je6562v867709946za200zd867709946\u0026rcb=1\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=0~115938465~115938469~118463261\u0026z=2111316952","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:38:19 GMT","end":"Mon, 13 Jul 2026 08:38:18 GMT"},"fingerprint":{"sha1":"58:B1:9C:84:37:C4:16:7D:09:24:A0:56:6F:FC:62:E1:16:50:08:58","sha256":"92:8F:8A:20:D2:C6:8F:CF:8A:6C:9B:24:98:0D:06:B6:DA:28:21:0A:15:EB:E4:E1:74:F8:F9:F5:1E:ED:DC:67"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-P6HKH41365\u0026cid=1636593283.1778494980\u0026gtm=45je6562v867709946za200zd867709946\u0026rcb=1\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=0~115938465~115938469~118463261\u0026z=2111316952 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Mon, 11 May 2026 10:23:01 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-11T11:37:48.804842Z","times_seen":872928,"resource_available":true,"data":null}},"time_used":579,"timings":{"blocked":85,"dns":340,"connect":7,"send":0,"wait":68,"receive":1,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/search.css?v=20260414","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/search.css?v=20260414 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 13143\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 15 Apr 2026 02:53:14 GMT\r\netag: \"69defd9a-12b08\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: h0sXYGlhCy9CPp1AwIs4jLxvJuc1_dleoeXnGB7S2UOMuYD_SVtfEA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76552,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"b4de1d11af4a5bda743273bc1e1cef6b","sha1":"027ebc944d74844532e14ca93736e6618f442c00","sha256":"6a1ead2dcf0ee0ec7f994df637df81b0841cec683cc76198726f7b08da3fe01a","sha512":"406c8fd479246ca0f50ea492324eb7b83a71c714eac6386395aea3fdda7bf3cd4935d7d3708b9c26b743713eee9cd75ec15583e19de91aaf91394c7b9447ceb5","ssdeep":"1536:rH1UEnq8Zo8jE2dod5dwdKdjdgdSOOVkKLOxuOyZ2g:jZo8UkKLVR","tlshash":"9773ce0b9b530125f9b744ac2b6a7b842729d407ed05ceac7bdea584cfcf950b4a17c8","first_seen":"2026-04-15T07:12:26.071873Z","last_seen":"2026-05-11T10:34:25.014005Z","times_seen":1659,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/index.css?v=20260510","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/index.css?v=20260510 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 2011\r\ndate: Mon, 11 May 2026 10:10:34 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 11 May 2026 09:30:28 GMT\r\netag: \"6a01a1b4-1a69\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: gkkdVS1TYznfp4_tHa2VqAUfyNkIJi9DMw809Cgo-CqWy7MfzaWIcg==\r\nage: 744\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6761,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"bfedd3b809bb5df716a35f2b7031b129","sha1":"be47e31fe54a2eb52224a5bb39a815eb6b09252d","sha256":"f9568d1150e2675ae41fbbb54f4247dc41ac5332c7d971b054a5b7f0e36b4f60","sha512":"efd3deb9620b3a2625d9c85e982d41195b06afe29b93e00811012a424fa2d625134ddec266f5756c6e5dd0ebae8907ba056a0ffa9afd9e7b1198eb7ebb00e4f3","ssdeep":"192:2TI9FY31TYgHA+9+Ycv7BTKTN1TeATRg4Uq:6gY31TYgHF9+f1TKTN1TeAT+Y","tlshash":"c0d116521e672408501fe5984ef967ac563ed042bf4b4d2eb6d73999cf8d2c801bbec2","first_seen":"2026-05-11T10:23:44.075104Z","last_seen":"2026-05-11T10:34:25.002902Z","times_seen":2,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/tbxw/js/zzz.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/tbxw/js/zzz.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 20137\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\netag: \"64b11d97-c67b\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: U4MS_ZRUkH9Oo_Y7cXwi1lq898XXqwwHFuMRo0s_kyG3_O9AWdq77g==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":50811,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48316)","md5":"78dab9fcf576de8cba46edd716dd2309","sha1":"7113abe41f95159f9bfccf70d01bdda1055af2ad","sha256":"7c66d6c8e2c470780513a282b66e2b5b7429ed863d6a0ecd6054b38dcda004b5","sha512":"dbb858875e532b475f827c930c154cac09e9a952b20053a0f7e1b34a050100a0a3a41f8aabeeab4af2dd90082363fe3ced3a5957f7250a4918d305b49655e040","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpn6ZFCsUleZ:vZYDc6lXJd1mZpZEdq","tlshash":"da331bc5a19c609153a774d50d7f704bb4637526170d89acf228e8eeecfcaea9039d38","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-05-11T10:59:04.994832Z","times_seen":33059,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/logo-2.png?v=1","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/logo-2.png?v=1 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 37360\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 10 Apr 2026 02:21:20 GMT\r\netag: \"69d85ea0-91ec\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: YxWEwtAX2XxOWdOZiL1_Saznvbhrn4dAwmZS53GNdWD4CEkP8GdqUA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":37356,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 80, 8-bit/color RGBA, non-interlaced","md5":"58e4aeb5c8a2c2b803d40a7e72b952d9","sha1":"5ca98ad019e741eda326feccffdc99622cfc1a83","sha256":"50d767bcb329515a617f0e5ae57f10d9e18e68e96d828ab26d8718011eb0e196","sha512":"588241567592c1126ee0bfea947411b3da41d44eb3095386247ae7ed4f36f9e15ad08b5d2b86cd1b483c44914e2cb28c604c30dc197591c3b2233e14118dfdd1","ssdeep":"768:AlU492+h646Uc3jM/0MiYyU9sZ2qz+XKcPVBBC8hNO:AlD2j4EBJU9sME+6cjwd","tlshash":"84f2f18a056283be4fdd18dbdec23f8c3eda09e5dd2ef12d4994444d576cb8350ae294","first_seen":"2026-04-10T03:52:30.156352Z","last_seen":"2026-05-11T10:34:24.955128Z","times_seen":1939,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/img-placeholder.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/img-placeholder.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/search.css?v=20260414\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 9209\r\ndate: Mon, 11 May 2026 10:04:34 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 15 Apr 2026 02:53:11 GMT\r\netag: \"69defd97-25da\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: dLyQbsjOeu26UzEm6zkTUtSSFWXSslAfi9WnaTx6NtbtK5Wh0M-j8Q==\r\nage: 1104\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":9690,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1900 x 558, 4-bit colormap, non-interlaced","md5":"7cdd409365344df5309615f783e1a33d","sha1":"973168e3e3ae97af7f14f536865354bea3de3a2c","sha256":"adc742c831c9edda144963c0e26f0c7f85d931d237694cc51971b9ac57443920","sha512":"e7b27426fef5e5adf3b8947064cfef3ad5e5af756e38b4f08bfb53c69599285d482db4333e6daca781a0c3f3b10fb88fe90a582998f1a2eaa76c0fe3d5a85fc8","ssdeep":"192:YJQx6L+VUMb86sDtTZxNLhYD8XTT3RZbvlG0EOkptyG2RyKzkD2GeoRMCem6t3NE:OQK+ueJsDZzhRds0EcGqyKoXfaHXi/F","tlshash":"d9128e9c42d326b463b41cfc1d952df8905191120e426286abfee07f49c5fca2cebb58","first_seen":"2026-04-15T07:12:26.119732Z","last_seen":"2026-05-11T10:34:24.976974Z","times_seen":1636,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-19/0be393a186b7fb1a4871efff039103df.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-19/0be393a186b7fb1a4871efff039103df.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 19 Apr 2026 08:12:25 GMT\r\nEtag: \"c06dde3015d4128d5191e0f363ac05ef\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 19 Apr 2026 08:13:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 237\r\nContent-Length: 346992\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15677121254970860515\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":346992,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c06dde3015d4128d5191e0f363ac05ef","sha1":"46e7c783bfc24fbf2cf78a3c5f401a679a99c76d","sha256":"32c7857e2ffc7207fe1246a89454862e6f4fd8a61fd4a294911bc1c9f3503509","sha512":"5df309c2e413189a267e3a68396db2450f1d366ce3bdc2dc4bb15c70cb93c7aaeebc2c380995c5ccef37cc74bdb930693b3e005f79e50fb618e97f8b1f8fea7d","ssdeep":"6144:fdDamlBadpydJQ74Nk35l4b80Sahoc15W3h71X2gCfDME4FoEek:FaZyrQ7os4KkozJQ7ME4WE3","tlshash":"107423ca7f2d01505f16e591c1aa73e727becb2018df624cd646cfa1bafec5c896410a","first_seen":"2026-04-19T08:44:06.127136Z","last_seen":"2026-05-11T10:59:04.975581Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":1701,"timings":{"blocked":788,"dns":569,"connect":10,"send":0,"wait":20,"receive":49,"ssl":259},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-07/65f6d1bb26db4c10b5f6340a9e4fc30e.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-07/65f6d1bb26db4c10b5f6340a9e4fc30e.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 07 May 2026 04:39:35 GMT\r\nEtag: \"3a7e04ea0180d91dd0745e74543ae275\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 07 May 2026 04:39:35 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 100\r\nContent-Length: 345584\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18436918663707707954\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":345584,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3a7e04ea0180d91dd0745e74543ae275","sha1":"cfbc26aab46285adc4144d37f8512ace815f22a2","sha256":"efdb4fa8a5cadef866b7fb296364535d1900707190a28b411e82fbdc923e4925","sha512":"fdc84a0ce023d1c35220cb9506e2e791df303f0b468619af5fce53d6fa5694085914a3169d4408bf61095d85081db9d66ab6851545a7b1c16a82b94e7f78ae36","ssdeep":"6144:q4u1Qyk39D9QXeztDeucIBwzCukUHVVYTFqrtnW1IK4aZUpcj/n7o9ue:7t56ezIH/3CUZHaZccjTm","tlshash":"bf7423cce8f2449b44847cd799f7686f4f19fd182223e8a6fcea45e9d39805593e210e","first_seen":"2026-04-25T12:50:13.747417Z","last_seen":"2026-05-11T10:59:04.984753Z","times_seen":312,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":999,"dns":0,"connect":0,"send":0,"wait":33,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20231026/2023102620184160107.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20231026/2023102620184160107.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 28 Dec 2023 12:12:49 GMT\r\nEtag: \"a6bdcdf9f788925c40b4933ade16e75a\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 17:12:44 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 65375\r\nContent-Length: 736\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13073467759754180778\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":736,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a6bdcdf9f788925c40b4933ade16e75a","sha1":"b9d417252d52c8bfa41462a728c67205febfb9be","sha256":"67f7c7ed605dda502279353b1b43c59fdabd43a10d84c1f9b4b925a0946db40a","sha512":"a9f62b51d36b29c6082e1730f497d0f7f9b9be8f15773600f0776c9dc955b1c18da3887c521ccafba00301bddf7ea3094976e162a8c8adb597d017b6b5744b7e","ssdeep":"","tlshash":"dd0165c210e56805b694a517758086f9ae44195987209c7dda568610ee33d338c54279","first_seen":"2023-11-12T15:49:18Z","last_seen":"2026-05-11T10:34:24.982491Z","times_seen":23324,"resource_available":false,"data":null}},"time_used":1091,"timings":{"blocked":1068,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/swiper-bundle.min.css?v=1","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/swiper-bundle.min.css?v=1 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 5081\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 29 Aug 2024 12:36:52 GMT\r\netag: \"66d06b64-3e37\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: 3lNp6f9_tM3uhW5lZsQUZlenbsK1tKTueC0RG2-9-fBRC_j6e32CNA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15927,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15672)","md5":"4f58978f1d4b2860f7cd2a14aaccacb7","sha1":"ecab9abbe6e9fd3f1f71760d665a6ca09a889065","sha256":"5e47bcf3c1df613cfc0c373b7ae064c7e9ef7b2d3cedba73baa10532068bd256","sha512":"79eb9b500a1711dd9ffe55be53f443a0be9dccffb04323238ebe4d6725c518b9d812c01f4b82112ab22762d757a27ccce7e059fd731da6093d25432d0aff4216","ssdeep":"192:obvmUJbiKneTT4bHZ+SKbP3p/a/AMQfHff21eesedOJ9A5Pz+c3At2/E:oKUbeTMbHZ+VA/AVfHfd4XYD","tlshash":"de62136813402c2753274f364b71cbb9ddb444924b93896e92c0ee84d7b68bd236f6e9","first_seen":"2023-06-27T01:17:46Z","last_seen":"2026-05-11T10:34:24.943973Z","times_seen":21388,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adservercdn.54ads.com/7db20370.js","fqdn":"adservercdn.54ads.com","domain":"54ads.com","tld":"com"},"ip":{"addr":"188.240.13.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adservercdn.54ads.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 13:45:56 GMT","end":"Tue, 07 Jul 2026 13:45:55 GMT"},"fingerprint":{"sha1":"0A:2C:ED:7B:86:68:1C:6D:82:B3:1A:49:2D:EC:40:D9:B9:F0:7A:7D","sha256":"57:94:1A:05:60:8F:1C:1B:90:62:CF:EB:92:C5:57:66:AC:A7:B8:11:07:D7:B1:BE:C2:4A:3D:08:96:C7:08:24"}}},"request":{"raw":"GET /7db20370.js HTTP/1.1\r\nHost: adservercdn.54ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 May 2026 10:22:58 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-length: 44448\r\netag: \"084c295955d615cf3004faf33e4cbee8c\"\r\nexpires: Wed, 13 May 2026 10:22:58 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS9225\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44448,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (608)","md5":"84c295955d615cf3004faf33e4cbee8c","sha1":"3de157377e9f3eb6683a0400721ded82ff316575","sha256":"303b210c8f6c38e39d402bc698a0bd49251f7baeb9ab0a7e3bec17ca45d92b65","sha512":"d5f0c41ace08ea09f832ffb37fec83ddccd0015c306060927a9f025ab9e65288bbea67eb508d104645b68601ab0abecb2d918816fa0239e38b9e955b90d8f65f","ssdeep":"768:hs0P7HXfiMZJNOGzOkok0Ep8Vod9h/ZfmH3bBX9dwDGU0m:hjLiS/uEpYoLrOX19dwDvR","tlshash":"f51309dcb6a2b0a543675074403f920bf23e6876684c9094f259d9e17cb8d9e163bf7c","first_seen":"2026-04-23T14:32:57.672574Z","last_seen":"2026-05-11T10:34:25.005897Z","times_seen":18,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":26,"dns":56,"connect":19,"send":0,"wait":19,"receive":33,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/layui/layui.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/layui.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 107853\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\netag: \"64b11d97-471d6\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: 2AwzIWeshtFoLVEEdor5UKRs6lYLQv_1HDhiFEVVxzNinI0LYFlwTA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":291286,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"70ed0e8151d23de969de514bfd802a56","sha1":"569e6c1b0ac0b8efaa7dc0015b691334947a9665","sha256":"92c7997b3dce6ab2368b1bdb34ff4b67ac77957898a126c7eba452a8080bec95","sha512":"947eeb19fb055b07a191ec89625941abbdc8b2247b447dbec2e3958ebd3aabc34ac07a79c559e4752bd49bc44db77d500913aab4fae300077556e347d084b1a9","ssdeep":"3072:tVo+F//NOM0SF0Mz0pZN6TPKWjZIpYCrYtJ+8CZrcNBf4XcIiOb9:Xo+FdO3SF0Mz0Z6TfIpPS+8grcNBQcIZ","tlshash":"02543a9d758574b3237360a6406f990eb17b093daa0a8060f166d4fa2dbdc885237f7f","first_seen":"2023-03-07T12:09:26Z","last_seen":"2026-05-11T10:59:04.971237Z","times_seen":33289,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-28/8a39906b8253cc9c5a097a6d6a24a326.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-28/8a39906b8253cc9c5a097a6d6a24a326.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 28 Apr 2026 08:25:25 GMT\r\nEtag: \"dfa9c8431e9c0f3fc152f038952c3423\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 28 Apr 2026 08:32:08 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 674\r\nContent-Length: 180480\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 375291834826884131\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":180480,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"dfa9c8431e9c0f3fc152f038952c3423","sha1":"5bf6c1821ad07354d3ade7ae675445f193dd8cfd","sha256":"563691909e328f9a3d5ea009022fe8003f9fe8e42eb756badc8dfa0dfa3335ce","sha512":"f1ac5d4476489b94db7624535ff30ed92f557f69bbb99c5de31c9b3b9280b9210042d78a9b29195f91176ae96e6543e53a3e8b74fc26011e7a610091ee9036da","ssdeep":"3072:f+zmPgnDdmjXRzqvAA568dNAuISGryOOonqX9tsGTknjII1hRFI2AzCc:f+zrgRqvAA56puvEyOKAGTknjII3g","tlshash":"de041258ee6f0279a240f96df3e65c6892335c9b08867d7040ada5d0f4782795fc3af8","first_seen":"2026-04-28T09:07:09.235516Z","last_seen":"2026-05-11T10:34:25.000101Z","times_seen":1047,"resource_available":false,"data":null}},"time_used":893,"timings":{"blocked":863,"dns":0,"connect":0,"send":0,"wait":26,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/layui/css/modules/laydate/default/laydate.css?v=5.3.1","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 2101\r\ndate: Mon, 11 May 2026 10:04:37 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\netag: \"64b11d97-1cc5\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: MVur2FG-88SV-Rwb0On62ryM7jN9QwcFZqYClGeXGNkljZ_t6UQo8Q==\r\nage: 1102\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7365,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7365), with no line terminators","md5":"e9078eef34fe9a44e44bdd55b48fdc55","sha1":"73ef00229810ee179915661786d9b66b7fc2d568","sha256":"ab9dbdf922a26509951347fcfa83704d86afd2df855c827740c23df72fd8ab3f","sha512":"dbf200ca6effc6bee2f7e8f516dafe6b25fa66093f19fff117a8bd87732a3ca0206480319d5f733eb07d18f564cba1dfc6143587cbc5ea1d5d370948d8ab3921","ssdeep":"96:7OyDQi4ijYyC43i7hlVVZ4LyLk5bYsBE2rBOB:7OQQfyPCoiFVqHbrBE2rBA","tlshash":"45e1cc71b1542cd4702bc222b4a87cbfaef8dc02dae3265ce5b8621b85c15b7957d34b","first_seen":"2023-04-11T12:12:51Z","last_seen":"2026-05-11T10:59:04.971761Z","times_seen":32886,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 34713\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:03:45 GMT\r\netag: \"64b11d81-14e4a\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: iy5dxolsDB2AUGxE23IrHJGVZqRTpSPVySocLuMYXbsCH5oXx2jp8A==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-11T11:33:13.440139Z","times_seen":278059,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/vant.min.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/vant.min.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 89193\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:40 GMT\r\netag: \"691aeb40-3b3ee\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: XUPX96DV9-5fptJ7ppvRstRvVIPhCEOzgYA676435KJkF8wuWX8JLA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":242670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36859)","md5":"48c71ec4ea36fdd75033bbb278a861f3","sha1":"b47d16bde5c94e468ef249bd2126b846a39afe73","sha256":"0b18e273bc785dd0e5cc43218ee879bce10461fdf3b1274a1f2c8962aaecb49a","sha512":"bd3e587cf0fa0c2d777e1918b2067a2a2cce648996ea7e490098d609b20bacec6c2fb6dbe682ac1e212eafe2c1e33364a8cde40439ab6d24638b9b23b69489a1","ssdeep":"6144:XEB3BhYNbHp+fvbtgMAgMgQ8dOq11tUxLEm+Om0RbU:XEBIHpevogQ8dOw1sEam0R4","tlshash":"d23439a0f685f42547b790e6507a0610e1290b48f009d1e0f57ded8e2aede94b6bef7c","first_seen":"2024-08-02T14:48:31Z","last_seen":"2026-05-11T10:59:04.995333Z","times_seen":33667,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/popup.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/popup.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 2210\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:40 GMT\r\netag: \"691aeb40-1a0d\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: 5KFEjTaXcvSPouwkKmwYh06llV6Yw3R_8KKU1EqRohxvL0YduL55sA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":6669,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"026709ed231cf8d920385fed59c17ca6","sha1":"19696886744402cb73a48a41e625b23f5acbb813","sha256":"3438d0b2d18590fa1f7f0c324a5ba9f42b699de78006ed372ad043bdf46a7e1e","sha512":"aa01a6f89fad627df9437b5bcf8c3feeb7bb9719d12f12ad8e00d031f3092d1de299ffa4cd98229ddbfd3c455a21934e0e391e1c06d979cfe65fbc0f08cf99e4","ssdeep":"96:P1spJ1L0gLrdAZLLCWICzj3nMjnjOSdFsCaxud:QTo3ZLLCvQj3nMjnjOSdFsCaxud","tlshash":"c4d12f9931f3213082abb27e6faba0143230a0477108dd197f4d5f900fc573a66e1bea","first_seen":"2025-11-08T04:26:01.83069Z","last_seen":"2026-05-11T10:59:04.981142Z","times_seen":24551,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/web-sdk-v1.1.3.js?v=1","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/web-sdk-v1.1.3.js?v=1 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 16941\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Sat, 25 Apr 2026 07:57:56 GMT\r\netag: \"69ec7404-b4c9\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: 3MjS_RP2rPiyOvwI8lslopBbaSS2NyzL9wsIy4h_7lWOMvVt86aibA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":46281,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (45886)","md5":"2b196930fa8660c3a3e9688b07e864df","sha1":"522362f66db5cb600042a7b85589efd1a778559b","sha256":"b016790e18668a5cdf7faa1f6f6b6dcbb2e5fb8bc52a41c7788fe0fe852532d1","sha512":"d4d25eeb8ea600f57ab64cf1ccd4da93a53189497e41220e407c3fa0b2a8fba1cb1e8a8c9581b3e06f0c3055cd587dd09b9d15f1bfb14cb101bda1997d3f6b0f","ssdeep":"768:7kgfsiW7qvtwF/t5NErAneLbk2c/zezOxdn/MNOuVJHcXn4jy21:7kg4/GWbzaz/Ka","tlshash":"9a23d89ab796712703926975582f100be23b5e1e4c4d41b4f311ece47cbe28ed236fa9","first_seen":"2026-04-25T08:47:24.286204Z","last_seen":"2026-05-11T10:59:04.947722Z","times_seen":1629,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/fonts/OpenSans/300.woff2","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/300.woff2 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16344\r\ndate: Mon, 11 May 2026 10:19:57 GMT\r\netag: \"64b11d97-3fd8\"\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\naccept-ranges: bytes\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: OVELo1p27mM1IOuw4ugv08CYJEyV9eXwZwRHW55H8xyHsru2v0uVtA==\r\nage: 181\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16344, version 1.6554","md5":"c027111d6febba054f7cd5e5fddf2243","sha1":"7c6ebfb74210e4d368ba5df96b2c5aa448a3953e","sha256":"c347496b917562bd48ed65545fbced7c9fb2a3e48c1102708a7e615fd4fb2ed8","sha512":"1a819ee0993cbed2399265606b2adc0866dd34fcab1272b6d1798e08010cab4e38af1a2299d74a706690a3188d0081d92804568982fd23f6d2ce946ac29fb61c","ssdeep":"384:sO3z8BPeD5+oRjlrvO+uuGnSDKDPVb0fOovWO1aDDBAb:pgdeD5jRjpO+ugDKDPZ0mwV1aDD6b","tlshash":"ad72cf62810dd851e31137fd7c6622e0878cb0a392121bfc5bebd8ec09204e67ac43be","first_seen":"2023-08-07T12:25:19Z","last_seen":"2026-05-11T10:59:04.958129Z","times_seen":22895,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20240424/2024042420561219898.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420561219898.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"b6f6d478d3e25a828f113463607a175c\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 04 Sep 2025 12:04:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 992\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10621822491989408368\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":992,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b6f6d478d3e25a828f113463607a175c","sha1":"86b2ce61c15e61abb950f6903c6f23882c23dd7e","sha256":"dbe1684d86e552a2b97e3d2e1fc7a537fa0ef75da7b68fd10bb93a7f9a2d8ac1","sha512":"d5d3f7797e0f6a51d268768a0827a4ee8e404090469c70aabfb2e58ab02e34346daa77903d86c8a1d95af38b352a4899f3e4521add5fba9b2c099b9fe36d0a20","ssdeep":"","tlshash":"2511c84bdc791af9773d9bd10c816e880051858bf55f09092cb5633d988616ac867827","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-05-11T10:34:24.972701Z","times_seen":23460,"resource_available":false,"data":null}},"time_used":1074,"timings":{"blocked":1066,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/rank-3@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/rank-3@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/search.css?v=20260414\r\nCookie: _ga_P6HKH41365=GS2.1.s1778494980$o1$g0$t1778494980$j60$l0$h1428737922; _ga=GA1.1.1636593283.1778494980\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 2500\r\ndate: Mon, 11 May 2026 10:05:40 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 05 Jun 2025 07:04:03 GMT\r\netag: \"68414163-9c0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: fcarnjFQ0JpFrfzfBRsrxFlDVHwH89MAyqXMbxPhU2bcgbYkkkVEYw==\r\nage: 1039\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2496,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"44b6dc38e9133c0cea22f7458442ec3e","sha1":"4963100db4a6f4e33837a07f0d62370524423673","sha256":"28a64014ea2e54dee4a96dfd9923ea4693ea6a0532cf6cf5cd1c8f1aaa1e543b","sha512":"7351991697ad02b03a4e5ba0dbe7595cd5c89eb88749fa4c4df353b97bc896d0741a485faf72198694af42e58610ec3981e32b4752042b14127415f972f3db15","ssdeep":"","tlshash":"40515bda280dcc1bc2261875342cb81de565582c41f3e4adfee3c5a066a8c98c2f9d43","first_seen":"2025-10-28T07:13:52.658458Z","last_seen":"2026-05-11T10:34:25.025394Z","times_seen":10580,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-05/9d0ffaf2e715b43222d495943bed2223.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-05/9d0ffaf2e715b43222d495943bed2223.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 05 May 2026 08:59:35 GMT\r\nEtag: \"b2e85c465204dd0ac3e57ba6af972d89\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 05 May 2026 08:59:35 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 5\r\nContent-Length: 368000\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17239404462101254282\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":368000,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"OpenPGP Secret Key","md5":"b2e85c465204dd0ac3e57ba6af972d89","sha1":"22b64a6eac45dfd0cad56e948b1caf4215f446dd","sha256":"80712d5a2cb9494fda823778cb27ce5e720032cfd7acc6b24db57ef4c9abf3d4","sha512":"debb4c27e9f6ddbb251437274cba9db53eeee53a0ccda68be84e6fbdd8c016738cb4d29f0bf3019c43311add25fc38388c90cdb9c379ba4569fa4df3f221e391","ssdeep":"6144:EiFNZH3i3kuKBTzSq3NFlBkEw+DDXimwjKANH1mXIf9K10DviDdA/z8xb3nY9xpy:EUHckZBTztnEEzDrqjvNVbf920bWdA/0","tlshash":"c774230c8cdd27c9985456d55d3bdadbe06cf0b8b19668ee2ac6b34a3d60038d397d32","first_seen":"2026-05-05T09:22:39.301607Z","last_seen":"2026-05-11T10:59:05.007609Z","times_seen":413,"resource_available":false,"data":null}},"time_used":1029,"timings":{"blocked":999,"dns":0,"connect":0,"send":0,"wait":22,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-06/b229728c49422a5a744e5a3d354bcc98.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-06/b229728c49422a5a744e5a3d354bcc98.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 06 May 2026 13:39:56 GMT\r\nEtag: \"c7b49cc2ee8091b689b9e71076b69f4a\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 06 May 2026 13:39:56 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2\r\nContent-Length: 1477664\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16255944109972694636\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1477664,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3fc22987423853842d2951f38c8f60b1","sha1":"d0e3e3d8ba44d4e778196b7359190c16448ae6d3","sha256":"9b8dc4cbab248e4e8dd8f2b7301f4d62c8ce6f7aaa196f59aaadffb7fb110b30","sha512":"03d88fc9553cdf895525694b0a73286ed7758e841fc27cf5b868e6e70d72c5dc292ef1a3e5057cb6692826fdab0040349c390bb2611e5a5075d27c203f361018","ssdeep":"24576:vVwNo14E/Q7P1IndQkUYeYm9dFnlxQBoDsdmyRmwaUtxxESwxdEYs:dNx4LwQkeYmlnfLDem2mwaaxEzaT","tlshash":"c4253306347e06ad18a098c19d72fe6f68c0d3acdd537b62e1fc5d293178bf8e824695","first_seen":"2026-05-06T14:23:07.278514Z","last_seen":"2026-05-11T10:59:05.008163Z","times_seen":311,"resource_available":false,"data":null}},"time_used":1281,"timings":{"blocked":1014,"dns":0,"connect":0,"send":0,"wait":16,"receive":251,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20231025/2023102511321596540.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20231025/2023102511321596540.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:47:00 GMT\r\nEtag: \"17bd572f88a1fee3c902a691acdb8574\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 17:52:19 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 63000\r\nContent-Length: 608\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4171601511244943185\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":608,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"17bd572f88a1fee3c902a691acdb8574","sha1":"1dab6e54398b54b5b1082bb52a6ebf923434826b","sha256":"8c6a0267279f65b90e630d1f0c58c2d29b793c05aac1b343b0c10b77eb4455c1","sha512":"92c347130852ae789476448e289de577641145551258eb0fe4f263fe2011f36775d4c775da4898f413948943c1b5f92abe09703effd88b3fca236d0654ba2f76","ssdeep":"","tlshash":"e5f0b71c829184fd618009947cbfcd43005da6ef5dbd0321f14a17505cede0ec6e262c","first_seen":"2023-10-25T11:55:10Z","last_seen":"2026-05-11T10:34:24.981591Z","times_seen":23539,"resource_available":false,"data":null}},"time_used":1059,"timings":{"blocked":1031,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/axios.min.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/axios.min.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 21089\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:37 GMT\r\netag: \"691aeb3d-cc17\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: fkuZqYGsirFjS41UmRzHAXlCp55PewXDGBJVlchbuG4jLZlgwuQtXg==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":52247,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (52208)","md5":"99714d221df650b50da3b7bf97e2987d","sha1":"493b74178a63429fff2aab081b3a1ca73d362085","sha256":"8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96","sha512":"2520851e12838a54d14577bd6a4fc5276f1d729389c7341a09ddd783c33217a5c58ce0e1cbf60c08cf075b44c50dc90d1d651ec16fa47ef8629f8de12ad27103","ssdeep":"768:Wjp+L+sl7x97+om+oCICTUOD3cQ3F1C+SqImCjL/hQBf/MEVgnyzB/c2OiwBaGcj:Up+b0GUOLMPLJQf/CEB6iwOj","tlshash":"2c33b6cd76d6f06243a77174802f610bf23aad16a44d8460f224ece6bcb854e9337f69","first_seen":"2024-05-21T19:06:10Z","last_seen":"2026-05-11T10:59:04.962253Z","times_seen":34601,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20240424/2024042420520535158.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420520535158.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"6e220a8ec043e7945835b16c327d6346\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 17:40:59 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 63680\r\nContent-Length: 544\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 585489706316573988\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":544,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"6e220a8ec043e7945835b16c327d6346","sha1":"c8481ea75ba92c081353928d121f7b8cc98cb382","sha256":"be2dde197704a4ecdf8ce80a296fee2e32b9a50125d3da59c7ddd324145dfde7","sha512":"9facd03c5abdfed6145fa35a475684e69768951cef50c530c7897f23ec332ec80ae338f9eadab69ff4efe542c30225646c8e29e6b8c8112838f7a3cfd877317f","ssdeep":"","tlshash":"6af02613537e004e2e1b198a6fad3107458164ef416a432d7bc21716695e7277465528","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-05-11T10:34:25.031851Z","times_seen":23504,"resource_available":false,"data":null}},"time_used":1059,"timings":{"blocked":1030,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20240424/2024042420561168459.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420561168459.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"745e05087f2c2985a982f236036c750b\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 11:18:57 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 202\r\nContent-Length: 1008\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2296553825553812708\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1008,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"745e05087f2c2985a982f236036c750b","sha1":"0ee044b91f7f2e3c88b43f1f3f33d474a032f09e","sha256":"0e492574eefb14856928c6210ed8a109e0ae77e529168ac15d2993d64d4e0953","sha512":"e0dd8a6d0a05a00b4049f721654da619e50575a7466e2e5e7d4ae620ac753c34d78f529b58ce566048cf49fad7d205dbc95da3d519352500229ce0d04723d4ff","ssdeep":"","tlshash":"571165b9805d5187ab6d9b6734ed26aa75e5174de3fb3d5b8261658374040060044c29","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-05-11T10:34:24.97356Z","times_seen":23320,"resource_available":false,"data":null}},"time_used":1077,"timings":{"blocked":1068,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/layui/css/modules/layer/default/layer.css?v=3.5.1","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 3428\r\ndate: Mon, 11 May 2026 10:04:37 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\netag: \"64b11d97-37bf\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: 3O43pSYNJ47KrzmdPDUyeuhvIsKdRQJJxOLzcanDnxjxfia0TUShqg==\r\nage: 1102\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":14271,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14271), with no line terminators","md5":"c234eb06d5f32055092294e78957f17d","sha1":"f15ee0bcb9694f32f5e1d524f2653aa0dd043402","sha256":"5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540","sha512":"3f06b51116d7f8026d81c7eb6a3c4d871462d09fe0a5b8cc8b7feaf20cbc88b0b6a545f0ec7cbc17566a9ff609405f58fad6eddfb3a8b3f6d530ede8fa3fad5c","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXi0nMLPD2OtLzAyPHL/LztJDzyv2OQ7KGx1j9d2/nWUU:1ELr2Otzrzzt42OQ7KGx1j8WUq4S3cU","tlshash":"f75242e144911299b0278721d6dc7eba32f88d43e5630caef2573c1f874c6dba2b6647","first_seen":"2023-03-10T11:40:20Z","last_seen":"2026-05-11T11:27:35.115286Z","times_seen":51035,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/Search/pc-nav-icon-gh@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/pc-nav-icon-gh@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 736\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:29 GMT\r\netag: \"687f820d-2dc\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: cYx50RXszWYr3Pf8vGUsDxjrNtHGYVg8rVVnoTl9HMm0Igcmd5V_dA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":732,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit colormap, non-interlaced","md5":"0065fa7f70b2b08b15d3fd0f5791d5b8","sha1":"d3de2f101b2f9e8b9bf41c2b896dafd6d760199e","sha256":"4d6b1fc6cfb3528a1ad9dc78c51f7005a26fd2251c49b1060e37f30e2a9caa2c","sha512":"8ed33dce5119cb2fd93dad87b72b3325e627c40e3cd20d50bb6726986a915e22daa2f23fc38fb09d2580295babffd0b55b20592fc9f41d1a7a7cd2888e8a6221","ssdeep":"","tlshash":"0501886323d95a3dfff841b7272171e46d455cf8996281c67a6d3001463d1ac9740762","first_seen":"2025-07-12T04:18:50.94389Z","last_seen":"2026-05-11T10:34:24.963958Z","times_seen":23526,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-19/dcbb9057bd813312546dca943c225826.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-19/dcbb9057bd813312546dca943c225826.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 19 Apr 2026 08:12:26 GMT\r\nEtag: \"bf2e3809bf412d640822f5569943d4b4\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 19 Apr 2026 08:13:50 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 192\r\nContent-Length: 350528\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2284391720966043757\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":350528,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"bf2e3809bf412d640822f5569943d4b4","sha1":"f7b59d8d3b14ba8d7839a183b351a1222a891e00","sha256":"deaa3948ba53635fbc3af99ce32fc5b95c7521324eb86e1d5badb4f3d7b243a9","sha512":"1148a06529a024e36c952d705f232ec96c34d0d93acf64ca0de8447cbde47787a26110b6068cc525135acb5b88c03357e3df9760b1ff0872036ee91fe0ea3d23","ssdeep":"6144:jPDiIBPn2pBD5hiuc86k60+OelXeUW0fdsYB7NYp4vHkRHrYrNxnquqFm3r391Tz:jGyn2zDVT6kuOmXE0eYFNYVFKNxnYo37","tlshash":"9f7423a85e44b171d20e0c409db34f147366bcafd14cc5ea6a548f8bac46af65fbc788","first_seen":"2026-04-19T08:44:06.1028Z","last_seen":"2026-05-11T10:34:25.108908Z","times_seen":1386,"resource_available":false,"data":null}},"time_used":1587,"timings":{"blocked":708,"dns":571,"connect":50,"send":0,"wait":25,"receive":69,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260506/2026050621412395169.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260506/2026050621412395169.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 06 May 2026 13:41:28 GMT\r\nEtag: \"31e5ca5cea4576ead9fbf3c48d4c557a\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 07 May 2026 01:03:52 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 154\r\nContent-Length: 275440\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6377813421197538858\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":275440,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"31e5ca5cea4576ead9fbf3c48d4c557a","sha1":"92245b8680a9128cc2a57ff99f1814f091fe3d6f","sha256":"aaecad0b6bd5220656f8ea5446631c382e6b17113fe4c5b1e655cf324951de87","sha512":"347be8f4bc3afe94a4e2cafa44b0bf4e741e28598428fe18456b59ca49a6f3a9f7cf305cdb5511f56e818932adbbf4e2824e5ef4792e55dd9fff4e4d6ba5966e","ssdeep":"6144:CIVxMmMDdyrcLIBpy2q8QQ21nqgBaBSsiAmu2J93/revQ:TKmMhyhBpTB2xvGSsDmu2Xvrx","tlshash":"cd4423ebd01f305d1bfabc897a4aa96125169c0d529a6c0d7c9ac83537d5cc3c4b3de2","first_seen":"2026-05-07T12:53:42.933568Z","last_seen":"2026-05-11T10:34:25.00933Z","times_seen":210,"resource_available":false,"data":null}},"time_used":924,"timings":{"blocked":894,"dns":0,"connect":0,"send":0,"wait":22,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-13/67b3a352262f21d25b13607b92d28f7c.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-13/67b3a352262f21d25b13607b92d28f7c.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 13 Apr 2026 09:14:38 GMT\r\nEtag: \"154045294b9bdf219bea8703058711c4\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 13 Apr 2026 09:14:39 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 51\r\nContent-Length: 389120\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14318575884252556513\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":389120,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"154045294b9bdf219bea8703058711c4","sha1":"bd21bf588c3f0b3a98028d87ee563f6d0c3677c3","sha256":"8135149f02fe76e33891a42e79f26a1c83c2e9774702786bce4c599aa9be66ec","sha512":"c62b19ddad24e32ef375c7ecc2a5ff6e8fd5365f2cdfefdfa9a5f86ed9b9e98b1bc9bda5e628ca077a7ecfef938ea18f070f2ca2850aebd27b6c27cda98e0dc4","ssdeep":"6144:XSm4myDahLGsfMT5L8etJveBgGwAoKgsz+p9wzdDoTGn/V9d9d:pCr6M5LvGBgGwKnM9wzdZ/hT","tlshash":"4d84230dcab14d146ae0183c9982f7385e45c12feab3d15fefba150a1de22778f91687","first_seen":"2026-04-13T07:59:55.497195Z","last_seen":"2026-05-11T10:34:24.944772Z","times_seen":1845,"resource_available":false,"data":null}},"time_used":931,"timings":{"blocked":903,"dns":0,"connect":0,"send":0,"wait":18,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api-dc-prod-002.cyou/api/eventTracking/batchReport.json","fqdn":"api-dc-prod-002.cyou","domain":"api-dc-prod-002.cyou","tld":"cyou"},"ip":{"addr":"149.104.32.238","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api-dc-prod-002.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 13:55:49 GMT","end":"Tue, 28 Jul 2026 13:55:48 GMT"},"fingerprint":{"sha1":"E2:76:5B:F7:27:C9:73:D6:04:E5:F7:DC:A5:7A:C7:F6:7A:DA:3A:75","sha256":"8F:1F:6E:49:61:08:13:E9:B9:AD:27:2F:37:49:94:A0:AF:57:F5:EE:E3:DF:F6:AD:68:B8:29:20:47:C7:B6:F7"}}},"request":{"raw":"OPTIONS /api/eventTracking/batchReport.json HTTP/1.1\r\nHost: api-dc-prod-002.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 11 May 2026 10:23:01 GMT\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://h4yvz2.crddgkmc.cc\r\nAccess-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Expose-Headers: *\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 3600\r\nAllow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH\r\nContent-Length: 0\r\nx-request-id: 019e168f-c453-7d10-8f63-4dd45a61ed2f\r\nServer: Xcdn\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T12:02:54.547078Z","times_seen":15008011,"resource_available":true,"data":null}},"time_used":729,"timings":{"blocked":-1,"dns":76,"connect":152,"send":0,"wait":334,"receive":1,"ssl":165},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"api-dc-prod-002.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/VirtualList/virtuallist.css?v=20251205","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/VirtualList/virtuallist.css?v=20251205 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 3352\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 21 Jan 2026 09:20:11 GMT\r\netag: \"69709a4b-3a46\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: sIfXWV2jwuTSrMObZ3szSXcQAUJjcxMwjySKxDIlDoWcU4H9BuxaaQ==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":14918,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"445f4adfb2a73e5051e2736ea9412403","sha1":"58acf37f0398907cfd89dc53639b25401da65a42","sha256":"eb80348fc71167f273aa3e77e24f0aa7a4b851fd8a2ba7aaf8c0e4e88611e803","sha512":"47fe60b0530fa962ea928b65235d39b90602187bdd494c25a0b4915ad733f6d59e2e1275b558349a05913215c919dbf25174a537ff71754a8efb74fbcd8e18c6","ssdeep":"192:HIjaV2e72zSkaah+oIVNmu3JpL7NBOr2N5Ywwqk3ub7TmfRyPdC+6PwmBV3IKs4m:Hb5LJidrI9","tlshash":"e4629b9c15d22544a49fb40c3eaaf98a621d971bc916c9ec3fad6388cf8df41656238c","first_seen":"2026-01-21T09:49:21.708299Z","last_seen":"2026-05-11T10:34:24.974447Z","times_seen":10888,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/js/qrcode.min.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/js/qrcode.min.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 8132\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-4dd7\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: ifEJI4BbkC06JdEc1jx7Fi-ut9U1JqOiR67SWjMfrL4mqcmtXM5jkA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19927,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (19927), with no line terminators","md5":"517b55d3688ce9ef1085a3d9632bcb97","sha1":"2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b","sha256":"c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36","sha512":"08d80845e706a3b9e985b799d3849cd7791ad3ba5aa9d793bb4591d4833890d7299810144874905f416c94d8530da74be0ee520066a91ade05a1da8bf0ccb498","ssdeep":"384:WRQ2kvcAAdTRhQLThP2yO9/9G84U5xOiKQYHHHsglDep9m1yfB8dKLMyA+LyUyy9:xThP2V/9N4U/gQYPXa8CAPLyrZ","tlshash":"8c92c7e4f36542f6915e6cd4283f104b64a0a4636c1490acbfb5c1e6a9f8fe0647af74","first_seen":"2023-03-07T01:14:56Z","last_seen":"2026-05-11T11:37:26.211905Z","times_seen":58769,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20231025/2023102511321748042.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20231025/2023102511321748042.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:48:33 GMT\r\nEtag: \"0a924cade949087f8b6bf7313aa986ef\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 17:35:53 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 63986\r\nContent-Length: 480\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3634734254420342611\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":480,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"0a924cade949087f8b6bf7313aa986ef","sha1":"056a7262d79428dd375e0804bb442f31d8c8c075","sha256":"bed19286a8429e9bba96a38393b3e23dab3449f3080833745238aab768ea7bdc","sha512":"20f6cd8832039db48068c7176c216dea73aad21c694784c0c5ed352c25f7bbad9907fca1b3c58e43ba73d26ccb7b54218b571b79ca76f03914efda6156855d75","ssdeep":"","tlshash":"0ff054bf501576ec00345ec404a5d026351e90cf6f4dac5f91d0b2c30e1ee643207180","first_seen":"2023-10-25T11:55:10Z","last_seen":"2026-05-11T10:34:24.933037Z","times_seen":23480,"resource_available":false,"data":null}},"time_used":1074,"timings":{"blocked":1053,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/fonts/OpenSans/400.woff2","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:00.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/400.woff2 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nCookie: _ga_P6HKH41365=GS2.1.s1778494980$o1$g0$t1778494980$j60$l0$h1428737922; _ga=GA1.1.1636593283.1778494980\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16644\r\ndate: Mon, 11 May 2026 10:19:24 GMT\r\netag: \"64b11d81-4104\"\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\naccept-ranges: bytes\r\nlast-modified: Fri, 14 Jul 2023 10:03:45 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: JsEz6PDgMFSugbomnhm7DGd5RTACxgHNq5uYRJedNUtiW9JC-v739A==\r\nage: 216\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16644,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16644, version 1.6554","md5":"6276351c3fd3053a0cab736572d6ced1","sha1":"326b281cbcf5070d140fadedc4b1354f1a5d916c","sha256":"43640ab0efbdbd50a1162047c1f62f338fb84de407411b98bfa6a1f8666ef0af","sha512":"c9885c9fa086350a150efae1c40c9ab22314db0baf47b457c3de4be5c7e609313b9fec4f9000b133a9f8b365c2d5d3703bbff579833a8b81195062e5f6bfe5e7","ssdeep":"384:JK4eVLUx4mqjtgI4cwDn/HnhbXOU7WYb+KFqEevY5:Y4edUqmBIkD/HhjHWYb+KFGvY5","tlshash":"bf72cf83f467d9f0f42836305db116e3b979ef357761ace0621445aa1232bd02e847dc","first_seen":"2023-05-08T23:10:23Z","last_seen":"2026-05-11T10:59:04.991959Z","times_seen":24895,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 758\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-2f2\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: kQUzN3Hwv8t7JWPH4APVjzLOZckXHaTuBKfqzIEOqJiZTRBM3gZEvQ==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":754,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 84 x 84, 4-bit colormap, non-interlaced","md5":"e8c4a2f11a54a236d01be9d480bc6416","sha1":"60c3df5c18916d70592285db2870114ed8884a09","sha256":"bf7dfa326c23f9d45ce5b96e8b614ed975104ab649ad7c8ee20e9f09be632ed0","sha512":"04a77830842646fd45b2a03f6c7c4919049787a2bbde091024e677edc8884102b9165737d1ec97abbb504ab207f53a840d4c29ee6b4672ea1e0e276fe3d7320b","ssdeep":"","tlshash":"aa0199a6c0990d56f96964fae75fc045e9b11d905d100407dd16f41d68ba2b245c439f","first_seen":"2026-03-26T09:29:38.990317Z","last_seen":"2026-05-11T10:34:25.099102Z","times_seen":8747,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/search@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/search@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/search.css?v=20260414\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 634\r\ndate: Mon, 11 May 2026 10:05:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 05 Jun 2025 07:04:03 GMT\r\netag: \"68414163-276\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: 5Qj0bi6NxYHCojSPC9AtB0a1lRzL9JCSKBTxC1LSOVsJAeVvcUL8dQ==\r\nage: 1045\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":630,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 4-bit colormap, non-interlaced","md5":"a4b5282346fb42d90c59fa556c76e8e0","sha1":"0a12261356eef879559d3bc1dae88cf08dc23a1e","sha256":"aa5da5e9cc04a263402c2c75dc6485c929de92186e8efb80ba3c7cd9604bf950","sha512":"c385c6f1f449891870f786d9fc9bf140cb4218633c39b09ce7895b0c8950ae918327a49036b63f793e58dfec8ba308050d2cef338caffc1b6c856eb31893e6ab","ssdeep":"","tlshash":"bdf00251822d7c9bb34b2916c0177762f858d915771113cfcf0aa83c59151d6c2fd209","first_seen":"2025-06-06T19:17:52.685678Z","last_seen":"2026-05-11T10:34:24.969249Z","times_seen":25598,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-02/15c84f6206abb3a776abe2bbeb992121.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-02/15c84f6206abb3a776abe2bbeb992121.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 03 May 2026 03:48:31 GMT\r\nEtag: \"eab1f782067bb40a8414b2f0f238b48a\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 03 May 2026 04:03:10 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 901\r\nContent-Length: 918944\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17738647634547310247\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":918944,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"eab1f782067bb40a8414b2f0f238b48a","sha1":"59d2d8a938844c0111ab3aa952e2c757e9e5fc83","sha256":"3762ff24163efefd219374cf798a48385041970bb596c125fe255615938a3592","sha512":"16c45266df50e3fa172aa0759e37cbafe10817d4f2d918bb9fe2afc9b7a1dd06f8c25524d7a27ad5c58b5f070bedf4d256f160dd43ed7cbbfb528b42881d3a4a","ssdeep":"24576:dcRGHhAnyGP8PgJmxSpEhO4OCXS514M9JvjhB49XcXZImqByd8O:dOIAnkgJwaEhbe5XfjY9MQu8O","tlshash":"331533dc75ed8600a999c159c6339ca9353740302e0b6b7a9f4cdf9b36a9129ccc638f","first_seen":"2026-05-03T04:33:38.282321Z","last_seen":"2026-05-11T10:34:24.986878Z","times_seen":550,"resource_available":false,"data":null}},"time_used":1122,"timings":{"blocked":819,"dns":0,"connect":0,"send":0,"wait":11,"receive":292,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260509/2026050915392881838.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260509/2026050915392881838.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 09 May 2026 07:39:33 GMT\r\nEtag: \"6b83ee9ae650b20c4eac15aa51dd42ef\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 09 May 2026 07:47:34 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 617\r\nContent-Length: 215680\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7280149071104924829\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":215680,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"6b83ee9ae650b20c4eac15aa51dd42ef","sha1":"14a4d887ab45796449dc9df2a009454a0531857e","sha256":"1e0a5c76fc70088cd11df8e7129d8158ef682d0c89fc88bc0f527de82eabb1a3","sha512":"e0cc0c366c59e41a26c9124816e31e565d5b5afdcd6f0d691f24c41e4ef8f7bed660836654401d2c454106b71681bc5df58a1a6b24724e76e688acf8a0c48714","ssdeep":"6144:F6UF19HuNcSVHdtcbmDiHtNEVkkGQrEdUt8JS7Y:F6c1t3SVHQrNYrqUt8Q7Y","tlshash":"fe242391f2a77184e7d0cbf61c0eee4a5eb88d6a6055d49226ffe35e54e3bd01783008","first_seen":"2026-05-09T08:32:00.68409Z","last_seen":"2026-05-11T10:34:25.019252Z","times_seen":135,"resource_available":false,"data":null}},"time_used":909,"timings":{"blocked":867,"dns":0,"connect":0,"send":0,"wait":24,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20240424/2024042420561566169.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420561566169.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:10 GMT\r\nEtag: \"e8ea473291e2351d50cd83d799e46e4d\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 10 Nov 2025 00:51:48 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 880\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3294091958000399914\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":880,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e8ea473291e2351d50cd83d799e46e4d","sha1":"9339cfb3c5d3ec47c8d7b0abbc42bd80e758aad6","sha256":"7876d5dcedf4ab2894859fdebeeed291c05a294537f95f48f01ce69ca66f4a82","sha512":"fd5e7d6c70dcc183e5ac17efbb6a7dddaa5b441c2cc40a53fa4e8b544a86b8450464af25a6d4434cff846bae456aa9c9abd4d138abdb448213b1ed248ee8eeaf","ssdeep":"","tlshash":"d1111a3300670655367ea34d8ee35f9c52583c194903acbce30e8ec787078129707b2b","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-05-11T10:34:24.95007Z","times_seen":23533,"resource_available":false,"data":null}},"time_used":1067,"timings":{"blocked":1059,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-P6HKH41365","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"216.58.201.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:35:05 GMT","end":"Mon, 13 Jul 2026 08:35:04 GMT"},"fingerprint":{"sha1":"E7:E4:62:10:D0:4A:34:4C:52:81:20:8A:19:37:09:AC:CB:16:42:54","sha256":"08:43:11:5A:D2:42:9C:49:2D:21:51:4F:92:B8:9E:59:04:F2:2D:E8:0F:ED:E7:49:06:D8:6F:61:B9:41:A2:36"}}},"request":{"raw":"GET /gtag/js?id=G-P6HKH41365 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ndate: Mon, 11 May 2026 10:22:58 GMT\r\nexpires: Mon, 11 May 2026 10:22:58 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 173053\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":524611,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"8d2f196a02160548dc41df34d9a09915","sha1":"2e4dc584d3487e45e1a7c22e0173452c69fb4056","sha256":"2406de1e202ec72d5138376784a506671efc6090f581fb7c15b65c5d1af4dc14","sha512":"4c2a079fe09189ee14e4f2f46e757c23dc83a3f8d8181665ec1e78e60e46fb970ede85e60975616815d6984556521879954728a6dcb1679c3988cc6404a46d6f","ssdeep":"6144:Gkik1UvK5yOKCDm3dR5fTW8xhWN3ivVC4uxEvP4kzPPVYeYz:4vK54CC3d344+EvP4kzCh","tlshash":"6ab4f9ceb3c674625396f478903f01cba97b25a2b45cc8aab189ccf02d3465a5177f78","first_seen":"2026-05-11T09:12:40.555029Z","last_seen":"2026-05-11T10:34:24.943191Z","times_seen":6,"resource_available":true,"data":null}},"time_used":838,"timings":{"blocked":350,"dns":0,"connect":21,"send":0,"wait":34,"receive":65,"ssl":365},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/js/user.js?v=14","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/js/user.js?v=14 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 4274\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-3eb2\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: mRQWbXSB8xaN0taO6KpFBu5-R_XRDo1ppaRMDNRUQVoK9C3p1CHYhw==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":16050,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"8d95cebf26c81a43cc2db9bb3dd2bd4c","sha1":"734e62d7f43f72a137ade8e66e38f693b6256bae","sha256":"1d534de6c385ea7ae90712551fcfea20e61bab348af7745882685635c4f17feb","sha512":"9b60e85ae53d50b4dcc763e6146314244c8651ab93263f2137a135982eaf0b223e054c9fb735dc8ecba2d98c2ae4df2146588c34e321bca7f9846a109210cc77","ssdeep":"192:G4pcNs9UU7MENyT7ACneMrr4bUDUrMVCr1JB7yifGQ/FoWjxk0vwnaI3QUGMugCA:G53Kmuj/J6KUBn","tlshash":"c562730ab1f905624b5361b06b9b2204713195072a0add1c3e3d9bd82f5ed79c2e7bef","first_seen":"2026-03-26T09:29:38.978452Z","last_seen":"2026-05-11T10:34:25.02099Z","times_seen":8773,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-13/0b2fa311d35d9d94a896109cb8ac85ed.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.061Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-13/0b2fa311d35d9d94a896109cb8ac85ed.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 13 Apr 2026 09:06:38 GMT\r\nEtag: \"96aaf9fbfe0af21e567e87a4cb133529\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 13 Apr 2026 09:07:01 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 130\r\nContent-Length: 489168\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17768076455447178161\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":489168,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"96aaf9fbfe0af21e567e87a4cb133529","sha1":"7f0798611b7457f29675257b3f228aa6f6b36662","sha256":"c1356bf0c8d43f5b985fab267cb8615f3cbd2169feed3adbaa277b03cda59a0a","sha512":"f3613c36112f85b009810b386cc6647a4522c4db85b3f837765330352df251ca7e12ecf909d66bf00e3164a835b7993db8f57b6982baab6d4026bfd3100eeec0","ssdeep":"12288:hZki+ROQWgIlg/IgdgNLTygitAm6q6YYzcpf6BQa/H:jkcbgIlZKgBq6YYwNXav","tlshash":"75a423d08e9b990428e1b80da70c4b0cc58c3643f9b6af721579b5f7db7b128b82dd56","first_seen":"2026-04-13T07:59:55.505218Z","last_seen":"2026-05-11T10:34:24.926399Z","times_seen":1630,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":727,"dns":0,"connect":0,"send":0,"wait":8,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260511/2026051112170382523.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260511/2026051112170382523.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 11 May 2026 04:17:07 GMT\r\nEtag: \"2afaf46287092f3d8080a1d3df2c40c5\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 11 May 2026 05:04:09 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1181\r\nContent-Length: 201296\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16093038139411875868\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":201296,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2afaf46287092f3d8080a1d3df2c40c5","sha1":"bedaf8841f6a15790aa85e41a692fd90e307d9c7","sha256":"a08d8ab7fdde5b2d516708bfe97a95e22d02ec8663416e540c8628956f7f15d2","sha512":"1ace24608fe5db38fb93a04565b09249861eec0de2fc312f2d068dec375c666f4c30ddeb36748f8488b5e298f4835307b0c3667bf0bd1fc1db2d38c495bef0e7","ssdeep":"6144:qU8M6z2wu8RH1XdZclJ1WNRG+G4U5fwgSIE:qZM6zu8RFdOcnG4sBe","tlshash":"fb1412b68cf0ed9999e771da2f40dd572a1b3a2feb04fcf482435550def9808a12c459","first_seen":"2026-05-11T06:12:50.549356Z","last_seen":"2026-05-11T10:34:24.993072Z","times_seen":8,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":739,"dns":0,"connect":0,"send":0,"wait":9,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-07/2fd5dcdf32f0ea6f22583c8829a00ca9.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-07/2fd5dcdf32f0ea6f22583c8829a00ca9.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 07 May 2026 02:19:36 GMT\r\nEtag: \"c2401224455629d980b8847388558d06\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 07 May 2026 02:19:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 6\r\nContent-Length: 386688\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2776191778087089590\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":386688,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c2401224455629d980b8847388558d06","sha1":"72d4e0a6b53c1ddb566e03aa95dcbea872b3861f","sha256":"ae4ff879611b9fa65755809e972b9d30c9d0f4ec07eb09df8a157a9ef63f26de","sha512":"986dd30945b4e9158d91e4469dfc8ed5f38596ccd8ac9525a4daef9cf3d545a1c4f4780277ade6b934107fb618b2fc02af5e76d577129f4838ab61c71a3be623","ssdeep":"6144:uzAgAHKbLNhv1d3nUF+truP/IValjP0ZRZBGQGjAMAj7iwd7P/JaFHPcaxXop527:GAPKbLPv1FUotA/IcljPCVGQfMAj3d7s","tlshash":"ad8423f55353dd10dcb52a2b4a8246f93f76200cd10d3f6a52162fe3fea66b0908d9da","first_seen":"2026-05-07T04:19:06.387572Z","last_seen":"2026-05-11T10:34:24.945568Z","times_seen":264,"resource_available":false,"data":null}},"time_used":1015,"timings":{"blocked":976,"dns":0,"connect":0,"send":0,"wait":32,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2025-12-30/86b16c3ee0e7d34c8b5b10ccef8d5eee.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/86b16c3ee0e7d34c8b5b10ccef8d5eee.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 31 Dec 2025 11:30:40 GMT\r\nEtag: \"a7765d45a33330edfbbf67ba0e66f2c7\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 31 Dec 2025 11:30:45 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 72\r\nContent-Length: 308368\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4096456044817734269\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":308368,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a7765d45a33330edfbbf67ba0e66f2c7","sha1":"d12b6a6e34647358ee13355d93174e48a248e1fe","sha256":"9342ddbd6a4e054b0f4450b07577687faa96398e215c46dc51cd1f408e5a113e","sha512":"fc2bd4ac433b9391673b62cdd1a00b8270e9a3824bf4e36348437a6b42eff27c2dfe5339b31ff88444459d33b7e7c86a32bb96a6eddb90a4f01a26290cd80a54","ssdeep":"6144:Jbk1A4+QKHSLfYM33iW5VDfYjeYwAw0K5dMwoY/Xpc4uLf9qo56gFk:Jw74HSEMnPDQs0K5djN/XpNuLVqoQgG","tlshash":"b26423db231e41d3394f0f86850bdcdab9779bba190310b2ec575e59b56da3a2880e42","first_seen":"2025-08-14T12:52:38.397864Z","last_seen":"2026-05-11T10:34:24.929267Z","times_seen":15003,"resource_available":false,"data":null}},"time_used":1018,"timings":{"blocked":993,"dns":0,"connect":0,"send":0,"wait":19,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20240424/2024042420561150988.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420561150988.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:09 GMT\r\nEtag: \"e3cd4c01559c4c07d1139d8cf0fd8f87\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 06:26:13 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 17766\r\nContent-Length: 864\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15414629494317346459\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":864,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e3cd4c01559c4c07d1139d8cf0fd8f87","sha1":"ed230b75680db09a681f949947a50d0fc73a7f7d","sha256":"4fd50bd19c882486279b1e1ce4ce6bfbf09488740e86f89c87e1435062585b47","sha512":"14f75f1a24dac2aaaeb50ca2fdd3b7097b0c987fe373eddbdd76c99d804ae904b1f29e9f8f6c165752f20f99ecfd140eabf80c6cdd3952543f39e8b6d09f53cb","ssdeep":"","tlshash":"d81196ba04f2d7a15f0c43115fc5c6285aa06b51c22a6ee9ea4254f72b04021804370a","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-05-11T10:34:25.033429Z","times_seen":23462,"resource_available":false,"data":null}},"time_used":1072,"timings":{"blocked":1064,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap.dc-report.cc/api/eventTracking/batchReport.json","fqdn":"ap.dc-report.cc","domain":"dc-report.cc","tld":"cc"},"ip":{"addr":"54.251.157.140","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:02.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.dc-report.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 07 Dec 2025 00:00:00 GMT","end":"Tue, 05 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"C2:B5:BA:75:40:71:82:8A:0C:30:43:7C:87:CC:C2:C3:63:69:3A:16","sha256":"41:CE:19:28:BB:9F:95:C3:A8:5A:6E:DA:C9:CD:C2:6F:06:2F:9D:37:81:96:91:C2:D9:EF:88:93:F2:EA:18:E8"}}},"request":{"raw":"POST /api/eventTracking/batchReport.json HTTP/1.1\r\nHost: ap.dc-report.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"[]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 May 2026 10:23:02 GMT\r\ncontent-type: application/json\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h4yvz2.crddgkmc.cc\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0ab94d0fc1ecb3477a682ada19ad817d","sha1":"e6311ec9ae74beb1f7461c0ae5e81c8f835e0f3a","sha256":"7f86129f0513b8495b7ecf4f1414314df859f22b58b45b9036f4d9e48df30074","sha512":"d2da24f6eda58fd1fa39d5f154744ec618de7a1f431f149104d745db588c59b65ce10f819cc611a7241aa1470d3053c3d69ca57709becdf95e54556d4f4789bb","ssdeep":"","tlshash":"a4800433141c04430501354c00053f04105c11534f100771cc5c4715c75c074f151410","first_seen":"2023-08-16T08:22:40Z","last_seen":"2026-05-11T10:59:04.954683Z","times_seen":2159,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":334,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/github.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/github.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 628\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:44 GMT\r\netag: \"69c4f418-270\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: K1VxiApSb3_D60cEdZ-Y3nh2AxSYUF6OUA1q-8AWXPYUftD3RJfUug==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":624,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 84 x 84, 4-bit colormap, non-interlaced","md5":"7eeb4e826318468dd09ffcd3713d4008","sha1":"e2907d62b39dd78deb8daaae30760f7e40f02123","sha256":"d1f426df6fa06fa7557522a8569969f1ab37f80995501527709460bd06a672e5","sha512":"3dfe022dd48b2c1014d7290050f699217410d2f1d531c6edc986257a3a542d2f2f93ea0be1df95f13635cad82bb832c3ca5407f012ffa85b768b8a8398d72555","ssdeep":"","tlshash":"3cf0b7c567178c2bd777d595dd875680b8aa0c27a350024f1845b11f8d3802110bc10b","first_seen":"2026-03-26T09:29:38.993708Z","last_seen":"2026-05-11T10:34:25.081889Z","times_seen":8751,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260511/2026051115182943649.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260511/2026051115182943649.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 11 May 2026 07:18:34 GMT\r\nEtag: \"086c1b0033d660fad99551b5426c36a3\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 11 May 2026 07:36:45 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 188\r\nContent-Length: 119328\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14813971161567301825\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119328,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"086c1b0033d660fad99551b5426c36a3","sha1":"e72d415851c7de6b10d3672be0df637916fd4da5","sha256":"3417d2d0f3d6c748af087e67fee7b586b65a4745603a2da4b24e245a52befa26","sha512":"066edb47fca5c83bc921eef7fd060e1805c014e29d5d2b0d0ce768d964d736bf7073408bd2024d9c472f9b3e26df468fa9e94eebc884b483cb8a3fae6937327f","ssdeep":"3072:7zQRpvioG0zkw5xhjpe1xElWe+aCfE+1YOhLXNR0Oz9U:Y40zV5vpS+l/+atCXn0O2","tlshash":"94c312930c1c79f76556c9e1144dc0cacea95a08526708ae9f9fe0c78bb66748c8f4bf","first_seen":"2026-05-11T09:12:40.589605Z","last_seen":"2026-05-11T10:34:25.110265Z","times_seen":6,"resource_available":false,"data":null}},"time_used":761,"timings":{"blocked":748,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload_01/xiao/20260504/2026050419414994214.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload_01/xiao/20260504/2026050419414994214.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 04 May 2026 11:44:42 GMT\r\nEtag: \"d2b79a34085910694eb845c4d4961c55\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 04 May 2026 11:47:44 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 3351\r\nContent-Length: 54080\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13599891045024616303\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54080,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"d2b79a34085910694eb845c4d4961c55","sha1":"013ea5798d8cbcc4ca235229f20b080fb5b662ea","sha256":"bfb30a9678dcb8cd804114d95783ed3c37c6893b2b195b8d7f9c2ce71af20cf6","sha512":"4a46ce425bed526605aa6d8676e0473f01c650eccda1c6749294f2411fdec3ece7af02f941f0d75b175f62a404506cc3346a640ff775fc46561f28c446a0528c","ssdeep":"1536:UzqWGv8vz1eAhvzrVD9i04UYk/a2RsmbfgFb:kGMz1eqnJ9HxYKzbfgB","tlshash":"ae3302078fa30b5ef325fbf51d159a1847bde5f1cb93e4a89688204776bfa42c630518","first_seen":"2026-05-04T13:37:59.2903Z","last_seen":"2026-05-11T10:23:44.168678Z","times_seen":402,"resource_available":false,"data":null}},"time_used":873,"timings":{"blocked":863,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dspcdn.54ads.com/b768ed89-3530-4b83-9a46-200284170227/814f79510fb068331f8cb3cda0b77c2c/300x250.gif","fqdn":"dspcdn.54ads.com","domain":"54ads.com","tld":"com"},"ip":{"addr":"188.240.13.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dspcdn.54ads.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 13:31:08 GMT","end":"Tue, 07 Jul 2026 13:31:07 GMT"},"fingerprint":{"sha1":"CC:F9:79:19:3B:69:88:CA:5D:7B:77:F3:E6:D3:21:67:8B:58:1A:5D","sha256":"40:05:52:AF:05:4F:89:DB:F1:EB:D1:15:74:AE:15:26:45:22:E1:9D:58:BF:14:E2:EB:42:8C:9F:FA:56:2C:59"}}},"request":{"raw":"GET /b768ed89-3530-4b83-9a46-200284170227/814f79510fb068331f8cb3cda0b77c2c/300x250.gif HTTP/1.1\r\nHost: dspcdn.54ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 May 2026 10:23:01 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1252276\r\nlast-modified: Mon, 11 May 2026 03:54:41 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-contenttype: image/gif\r\nserver: AmazonS3\r\netag: \"814f79510fb068331f8cb3cda0b77c2c\"\r\nvia: 1.1 81778ad49fdfc2a287b18d1cd9825028.cloudfront.net (CloudFront)\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-max-age: 3000\r\nx-cache: RefreshHit from cloudfront\r\nx-amz-cf-pop: FRA56-P16\r\nx-amz-cf-id: XA0vE6CLUc1x8hiJxur8BxISvB4yyg5Em_W2eDUft9KGnC6z8J3OCA==\r\nexpires: Wed, 13 May 2026 10:23:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS9225\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":1252276,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 300 x 250","md5":"7ffbb88909806d2d7d9956b2a155a4cb","sha1":"58842d3ffb81f01c0ed98c8b0fa3e204393af51f","sha256":"e7b410e9dbf026bfd8cf00ae4d4e7b78fda4f1a50178273f938acbf2cfea2b26","sha512":"d2f336ea66ddc48a256f3843c919b2c3b512888e0cb60f2660a7362ae3aab59a63859350acda966a0b3705c67e527046aacb1920e04ce7e9547db55a2c4daf0c","ssdeep":"24576:ziA6ZxZoTzh7ljLu9KwBdw35nvRBW1yaj6BNKR:uA6ZxZohVL2wxRiyaj6B4R","tlshash":"8c2523dbce17c7daf0ae753054d3aa02a66f6a8c40612eebfcf18c95703795858c174a","first_seen":"2026-05-11T10:23:44.169891Z","last_seen":"2026-05-11T10:34:25.011209Z","times_seen":2,"resource_available":false,"data":null}},"time_used":658,"timings":{"blocked":16,"dns":75,"connect":19,"send":0,"wait":20,"receive":500,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-26/aa17f7d7ff95cc14e137fdb9804613e4.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-26/aa17f7d7ff95cc14e137fdb9804613e4.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 26 Apr 2026 02:42:34 GMT\r\nEtag: \"ec9f02c252933486b84832e4f55fdda4\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 26 Apr 2026 02:43:42 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 383\r\nContent-Length: 442256\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9408851425450938623\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":442256,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"ec9f02c252933486b84832e4f55fdda4","sha1":"2a7b90cb7df2fb6f38cccbac78816a1051fe0e1a","sha256":"0398642488fb13ade1570e6f7d63295fb7b8eb8156e823d2287845faaffc7de1","sha512":"f331e6e4faf0f38446bb26e9775d7d9069ca09d3ac83f6207d24018324b0b5066ade8c4c0e1da06ebedf1fb5d8bc4e2864a4899639f1163858a282292152936b","ssdeep":"6144:RQP136dEnvnPmqQ5fTXqnIYI+Guz9vGr7CpgZt9y3miwRsjgqbGOx0DnF0:Rc36dg+rAIMt9vIZtQhNuOm0","tlshash":"3394232bd64068d5dc638e0b15265ba5c33fa334f3b2938de49765036a8f1ed0a71b36","first_seen":"2026-04-26T03:18:48.612139Z","last_seen":"2026-05-11T10:34:25.058442Z","times_seen":1256,"resource_available":false,"data":null}},"time_used":819,"timings":{"blocked":757,"dns":0,"connect":0,"send":0,"wait":25,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260509/2026050918461648183.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260509/2026050918461648183.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 09 May 2026 10:46:21 GMT\r\nEtag: \"b7ab2d4e43acf9c1b5d32aa3fe6f207b\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 09 May 2026 12:02:21 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 96\r\nContent-Length: 189664\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4458207388311808962\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":189664,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b7ab2d4e43acf9c1b5d32aa3fe6f207b","sha1":"5d23aee21e1ad459487ddbc9420c62e2b1bc9756","sha256":"49fabeec15b11dd57cb9dfea45a08a2c5ab090f7e11d6df759aa8a82b179d037","sha512":"9f3c2f3097f307cde2c8b1b84fee6123d8b004343933232f9e88f92b69224a486c0edecca80d7d9b651641376c408f3c33a7810f250fb1ba678945146ddce840","ssdeep":"3072:gBnUX4j6l1S1GoGlFWfPbJY1Su3gfJecHHvpGRBcJDA5UsMifUZTze417FbEidP:VX4Wl1bzWfPbJYkAgfdGqA57fyj1hbTV","tlshash":"7d0423374eac6d5eb4e89fb21e18f5dd66b6b1987101572b446c0e7c2f322da24f2113","first_seen":"2026-05-09T20:03:42.333336Z","last_seen":"2026-05-11T10:34:24.930498Z","times_seen":28,"resource_available":false,"data":null}},"time_used":821,"timings":{"blocked":795,"dns":0,"connect":0,"send":0,"wait":20,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-07/1f4bb0459d403c2eab0a8b7990202704.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-07/1f4bb0459d403c2eab0a8b7990202704.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 07 May 2026 04:30:45 GMT\r\nEtag: \"69ad1f618fba08ccd855e5799ebdc4b6\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 07 May 2026 04:32:56 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 51\r\nContent-Length: 281152\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11201820510746391933\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":281152,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"OpenPGP Secret Key","md5":"69ad1f618fba08ccd855e5799ebdc4b6","sha1":"69f0a0efeab1d4938e9e5b9a2f8242f36f513e51","sha256":"cfe0bece6efdef7393f2a764e475030778251d6ead69e4bf714c7d7c77340c34","sha512":"7ac4b61f5ddad65cd9805ee98490acefb90d274b86d94b98d53639449f848a5be9862471e400508cd415a66336a831e2190692a4c55f2ae3232ab55cb001ba54","ssdeep":"6144:Pvo+pMU6iv2FjIeX/V7LjG2+hzTWaX3V2SNTLiQlqtNtGKzskD75WpL:PvjsivYVN7G2+hzZXF2SJGQstBzVDFWR","tlshash":"0054237482c64a6f8d43774036a8ac1762a3b3668f635c1bceb8e91615b1cb4dfd3198","first_seen":"2026-04-25T12:50:13.759218Z","last_seen":"2026-05-11T10:34:24.994754Z","times_seen":275,"resource_available":false,"data":null}},"time_used":912,"timings":{"blocked":882,"dns":0,"connect":0,"send":0,"wait":22,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260511/2026051111320432773.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260511/2026051111320432773.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 11 May 2026 03:32:08 GMT\r\nEtag: \"b54962e9851d64ae2b578f47a0fd707f\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 11 May 2026 03:42:25 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1799\r\nContent-Length: 206656\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4755208963432350578\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":206656,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b54962e9851d64ae2b578f47a0fd707f","sha1":"0d2a9f51f93256c32cf32576ac2d35def2696b99","sha256":"1b0c661f1cdd6d7ec298d0c06c26107ed4f7d3401529507415d90d7a4fb790be","sha512":"415e6186d3eec51c86cd709e065e670fbcb17090b3904022c5c49da176e24e974eea5bf955463cb21c7412eecda339bb38992880b66d02c3ee0f5b7a1dfc8468","ssdeep":"6144:zzyercUdzox5FG8ViTxfY7fzWIglk9ZdN/7rJajS:zOewUd0xie7Cxk9ZdN/7rkjS","tlshash":"33142342e9a93a1bf6486304f24d30343d4dfbe754ec602478a8dcd99b604f1a24eef9","first_seen":"2026-05-11T06:12:50.532942Z","last_seen":"2026-05-11T10:34:24.941196Z","times_seen":8,"resource_available":false,"data":null}},"time_used":950,"timings":{"blocked":916,"dns":0,"connect":0,"send":0,"wait":27,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/fonts/OpenSans/300.woff2","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:00.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/300.woff2 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nCookie: _ga_P6HKH41365=GS2.1.s1778494980$o1$g0$t1778494980$j60$l0$h1428737922; _ga=GA1.1.1636593283.1778494980\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16344\r\ndate: Mon, 11 May 2026 10:19:57 GMT\r\netag: \"64b11d97-3fd8\"\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\naccept-ranges: bytes\r\nlast-modified: Fri, 14 Jul 2023 10:04:07 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: z3vSt_hlpCu_VoDbKixoqwYoE0tirZI2Bx8cLNQvmuQ60mv5j5R6HQ==\r\nage: 183\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16344, version 1.6554","md5":"c027111d6febba054f7cd5e5fddf2243","sha1":"7c6ebfb74210e4d368ba5df96b2c5aa448a3953e","sha256":"c347496b917562bd48ed65545fbced7c9fb2a3e48c1102708a7e615fd4fb2ed8","sha512":"1a819ee0993cbed2399265606b2adc0866dd34fcab1272b6d1798e08010cab4e38af1a2299d74a706690a3188d0081d92804568982fd23f6d2ce946ac29fb61c","ssdeep":"384:sO3z8BPeD5+oRjlrvO+uuGnSDKDPVb0fOovWO1aDDBAb:pgdeD5jRjpO+ugDKDPZ0mwV1aDD6b","tlshash":"ad72cf62810dd851e31137fd7c6622e0878cb0a392121bfc5bebd8ec09204e67ac43be","first_seen":"2023-08-07T12:25:19Z","last_seen":"2026-05-11T10:59:04.958129Z","times_seen":22895,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/close.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/close.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 332\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-148\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: 7J5aA0efda8zRlGsNVzNRirQ85wESqDkXFT6fnN7G8qaSqPw5X2OvA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":328,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 30, 4-bit colormap, non-interlaced","md5":"215a1e584cb0039d319ffd69d9df0e51","sha1":"8a3d3e65a0260d286373b8882487a0ac6a9724c7","sha256":"f4693ad8590376075c38055091de94c7ae92b5abc56182861a53e76c4bc8feb5","sha512":"0b5aa0817a7205e14f38c93038490f57956cc5632a6c50db1e84fe5e9e5b0df100a3ea41c6178ffdba66fc59f04a0cdb479ba5b81d505e7327e60334e7870f67","ssdeep":"","tlshash":"b4e07d93fc7aad38c6caa133b7a4819196bcab7e6564992f2e530169806804d9445318","first_seen":"2025-11-17T11:08:20.211585Z","last_seen":"2026-05-11T10:59:04.973268Z","times_seen":19848,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/Search/pc-nav-icon-tg@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/pc-nav-icon-tg@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 728\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-2d4\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: ZZ5arxq1LoXeIUxgEklOGs13ZNILZaUWS6EnW6UuE-7H5rTY8hC-Ig==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":724,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit colormap, non-interlaced","md5":"f85347d7d3b89528c8ed9b2302cffd75","sha1":"f867345d5d76084326d8e0fd56165e943887c1b2","sha256":"0d4dea28dc89bf49c23d0b981000855ab6b6353641619c737afe4a1581ebfee1","sha512":"90da37dce95e7282af9bff7b041c2cd4c5becea138cab3be876170067c8480398981bcdc0b43185f08e7fc0e34f921c92dc118e8fb3aa9608626cd9b9efb70e5","ssdeep":"","tlshash":"04018870f1841d38cd34a85c9c73abd56e019d0b1354f062c8d5bd747dfc04eac45420","first_seen":"2025-07-12T04:18:50.990855Z","last_seen":"2026-05-11T10:34:25.087382Z","times_seen":23534,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/logo.png?v=2","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/logo.png?v=2 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3195\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 10 Apr 2026 02:21:20 GMT\r\netag: \"69d85ea0-c77\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: WTMGn2KCkOtSCaC32pSZEE7PAKPuer1SM3QsY7XZMuH05seLuatn1Q==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3191,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"0f4abefb5886bf21e199b9629c9b45a1","sha1":"fd78f3c804e7a915bbdf1cf94157bb2569eaec33","sha256":"ffc5863f95f104813ab4ef0b05bca1b2d8d28f1274a08715af15fc38277f4593","sha512":"701341c52f891aa55a33f01aa87bfade7f2a02da937be7eec667e763156d49b82a5c4f5b586a3e04c6a60fb8868fb700aa6a8bbb615045cc825b2cba160b5208","ssdeep":"","tlshash":"66611a72698c3837d00bd895464af9f7a0ea7eb0f535436e092f5be402d1780a7e9717","first_seen":"2026-04-10T03:52:30.146454Z","last_seen":"2026-05-11T10:34:25.116808Z","times_seen":1679,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/app-download.js","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/app-download.js HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 536\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Mar 2026 08:53:45 GMT\r\netag: \"69c4f419-308\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: IQ4HI_tjgFM6EwOBfIW0zkLH7RLf0xpF4X3R8qrUtSzeF3QQdNHjjg==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":776,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"b178f7a7536c73fbac0afb970f249403","sha1":"9920bf020d4b8f58cf66869be87b459f648f8446","sha256":"caaf593068e7236c228e9a3872980e4e6297f90a6d14eddbea4934f0a374ea80","sha512":"eef21fc9c72c0adc9d090a661d9e9ab8057a592fca6891a94833916e19bb5a94459c81eaacaa6313381ccbe0ff42f8991b7f899b5af4e0beac0127e1b93c01d9","ssdeep":"","tlshash":"c501ce25e2bc702c8233e3f9470f62c45235106789000c1208acaefc8db312aa362cab","first_seen":"2026-03-26T09:29:38.905848Z","last_seen":"2026-05-11T10:34:24.949247Z","times_seen":8774,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-01/206b381a7070d0098e45adff94142a4e.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/206b381a7070d0098e45adff94142a4e.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 10:36:31 GMT\r\nEtag: \"aa17b2abf016a6a67f1abc758d9f953b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 10:36:32 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 528\r\nContent-Length: 223536\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17033359303945853408\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":223536,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"aa17b2abf016a6a67f1abc758d9f953b","sha1":"c6e40dc70565bd90849b6752ef3e0f878080b256","sha256":"5e0f020fc8b0c96f00a6a4b22b024f31de337fbd25ab451cafec5cd48afb8d65","sha512":"119bf79be647226e334d685c9898fdac7b4ea4a9e0736fa3a261483adf43aa84202201b55086e6c067d75ca49b0563a4f63b282ffeb1f4dcd3f195e6f63a97ac","ssdeep":"6144:I3CYPO50ViUpOZeYLeeYY7h91QTQpXCHcqzBp:I34k4ZLeeYYxXCH/7","tlshash":"6b242387013b903a7e17913b9daddda170009eb82802aca1c347a4c9d755facf99eb46","first_seen":"2026-04-01T11:04:29.225549Z","last_seen":"2026-05-11T10:59:04.987273Z","times_seen":9432,"resource_available":false,"data":null}},"time_used":807,"timings":{"blocked":789,"dns":0,"connect":0,"send":0,"wait":12,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-03-18/de518aea55e39cda1f3e083511c581c4.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/de518aea55e39cda1f3e083511c581c4.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 18 Mar 2026 11:18:42 GMT\r\nEtag: \"0b0fdf9efe1395ca2e8bd6088f05ef94\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 18 Mar 2026 11:18:43 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 448\r\nContent-Length: 483104\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4066503262631621628\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":483104,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"0b0fdf9efe1395ca2e8bd6088f05ef94","sha1":"d953f58f67c88b79b9543dc606d1ebb3f0b698c2","sha256":"50efb6697bdb71826148571cc334ecfca084e97aaa5457f3cea08da707df2701","sha512":"c6b1416b8ba3a54558dd04bb55e2d905fc449e11bd83e18d8d7fa924a6ba2b768bc3183d36d3f3f36268925973e973f216a4c212b47de1834bc8712b2cd9fd45","ssdeep":"12288:A3tpOCsReeKp3qsWwg8KXTtBtNEj1rlDbyPy0:6yCZRaPwg8KntNEprN2f","tlshash":"78a423dc7d5504c8c86ef85866f46f128c341a1983bb9a3f4b9b30b5c6f8306d5ba687","first_seen":"2026-03-18T21:18:37.787698Z","last_seen":"2026-05-11T10:34:24.980703Z","times_seen":10805,"resource_available":false,"data":null}},"time_used":854,"timings":{"blocked":824,"dns":0,"connect":0,"send":0,"wait":13,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20231025/2023102511321611484.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20231025/2023102511321611484.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:52:07 GMT\r\nEtag: \"2001f683716e4fbeb353c7d40bbd0362\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 13:35:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 78412\r\nContent-Length: 288\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15185355640767887519\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":288,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2001f683716e4fbeb353c7d40bbd0362","sha1":"b588560d562a1656ae06afbada1823bfbf830e0e","sha256":"89924fc3c9399587455720b36af65bc7f559379841de342e235bc47f5fdc4564","sha512":"afc4730cb39fa235e118d92e632a53814f38b2021896f9e990dae0f6a94a6130a57a4647c6cd2e9eca6694f284bff4d1fefa6fcf83222956f449720d1bd9e948","ssdeep":"","tlshash":"d0d0eb0022300cba1b1666b0ccc08068c66100d8b10749368b7ecb0fca3a35adee55ec","first_seen":"2023-10-25T11:55:10Z","last_seen":"2026-05-11T10:34:24.988614Z","times_seen":24775,"resource_available":false,"data":null}},"time_used":1028,"timings":{"blocked":1016,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/images/avatar.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/images/avatar.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 315\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 17 Nov 2025 09:30:37 GMT\r\netag: \"691aeb3d-137\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: hIm8iu0mgTr-cFArDJC_y0joWsZhzWNOwo2lEYwvVLfpib7sL_pr9A==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":311,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 20, 8-bit colormap, non-interlaced","md5":"30c01d82427d0b622f89b4696cfa8fe1","sha1":"f0316536a6c8f645a3a4bbb4dd0473e3c8853a4f","sha256":"7ceba85b04db09cfa45db7b953297889da29ea113dcc0d037eafb86203b200ee","sha512":"e9cefe20bff8e7812e2b6eb2dfeee8a71950e5fe3859a50967ad54c861da3f25049aef2cf32a1518706670d6c7cc3054afa0ec934fb8e344465d5753f93ce97c","ssdeep":"","tlshash":"98e0cdf35389ecb985a7441a10e36510f10d6979433382dbd755543e51140c4497575a","first_seen":"2025-11-08T04:26:01.782802Z","last_seen":"2026-05-11T10:59:04.947164Z","times_seen":21997,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/js/index.js?v=20251205","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/js/index.js?v=20251205 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 8422\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 12 Dec 2025 04:31:36 GMT\r\netag: \"693b9aa8-f250\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: yg6yXmqTViLP2-JKGcebwJytDQeYnLQOYR94UFFAi1mDxSMTtp0Owg==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62032,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"e2ad1d1df5ac8f6a22b4a7318c4ea830","sha1":"da681999fe3f9c153b93133204311d6f90432802","sha256":"9333f887c1b4bde80c4451eb806795179aa6dfab3b7a6566fb923ac76ba8b0f2","sha512":"127b92b87baa965853e12a14717f4a8d4166b5d565631068bba786c87b305aad0141ede31c09f6508c51641fc092238f4a7a7000dd2fa6bcfc0837dc0e3a8d7f","ssdeep":"768:rP4lBd6lebchYzp1DT6ekRmmTEXEHkYRtQ+zqDxbFxAespKSzEXEHG4lEd+zVuQy:Mu8vp1n6d9Rt6bQrKEjl7zVuQgl","tlshash":"5753636e22fa150a5b4330292f9f300a3210a4571d49ee9cbe0d97d45fdd678e1f2be6","first_seen":"2025-12-11T05:08:28.597561Z","last_seen":"2026-05-11T10:34:24.956929Z","times_seen":16400,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260426/2026042615183547683.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260426/2026042615183547683.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 26 Apr 2026 07:18:40 GMT\r\nEtag: \"ced316c4813ecc6192405f19619f1b92\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 26 Apr 2026 07:28:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 654\r\nContent-Length: 120928\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4531095690737278250\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120928,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"ced316c4813ecc6192405f19619f1b92","sha1":"0e807581ae651f2cce6ab93c9422036621d7b979","sha256":"c6aba51d361fee000274ba192a62a15fc20d3f2bdcee317a0f5ff5d8aca58577","sha512":"7207a1302b8c2e957aabebbe333b02c0d8b54470a3cd0c1b01fcfe7348e98dd3b81b14c20f7bf7acd3e1f4e72e2676fe35b410460984f6cfbe7d02e50a249158","ssdeep":"3072:QRlymI1yCoQDwVnfhjciwODoGxRCRzuEb1CfIZwZ:fmgyCoQ4gOD5C71Ct","tlshash":"a8c3131a572eb2a9f5dea487606edbe4f2f0e87ce8631d9b3d11708393814f0917055b","first_seen":"2026-04-26T07:43:10.309106Z","last_seen":"2026-05-11T10:34:25.056667Z","times_seen":1036,"resource_available":false,"data":null}},"time_used":1506,"timings":{"blocked":733,"dns":530,"connect":9,"send":0,"wait":9,"receive":16,"ssl":206},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-28/773f720a982f83b052fe3575f5afd845.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-28/773f720a982f83b052fe3575f5afd845.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 28 Apr 2026 10:39:29 GMT\r\nEtag: \"d5f3528883cb555453f8820a199eb7b2\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 28 Apr 2026 10:39:39 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 38\r\nContent-Length: 269296\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7406192716070084534\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":269296,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"d5f3528883cb555453f8820a199eb7b2","sha1":"48778240a9612cb7ae54ae3bd9ad570157f84d91","sha256":"d74379362158c37121b86fa625c4bab5b6e3638dcfd6e30a8b293df17ebc07fa","sha512":"1ba153a01b99e23e4853eb958f3486630330ad8e21a2f2ee94912dcee150e5ed7b75fda09810805320533d192a4adcd2c8cd9170eeb7c7e547b0ba76f338f194","ssdeep":"6144:zZKGw0Yvb+ZP0gzdHh3Z+spPZUWqrkFZOQE4o2cLt6hD:z0b0vZPfddgKxELl4o2xhD","tlshash":"22442387006ccc983075439665e9cd3e10f6b6ab24fd5a119db1dce40abbadb1d18bc7","first_seen":"2026-04-28T11:32:24.57542Z","last_seen":"2026-05-11T10:34:25.001034Z","times_seen":1071,"resource_available":false,"data":null}},"time_used":960,"timings":{"blocked":923,"dns":0,"connect":0,"send":0,"wait":28,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/zw.png?v=2","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/zw.png?v=2 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_P6HKH41365=GS2.1.s1778494980$o1$g0$t1778494980$j60$l0$h1428737922; _ga=GA1.1.1636593283.1778494980\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 955\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 10 Apr 2026 02:20:58 GMT\r\netag: \"69d85e8a-3b7\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: cx1-RheQ3N_BloR8V-nm-VBcOiCrNGvoY4mVj3hJ8u1jW1htMMgKQg==\r\nage: 1107\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":951,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 112 x 112, 4-bit colormap, non-interlaced","md5":"66058c44f8ec86ae8afe2b26fa5afe77","sha1":"11e33bf76694e2d3549c49406f41b767590c61f2","sha256":"ecbd34c21cc7580e6367269236c3c6d79d292925adfe6992bc7591f3778b8679","sha512":"1f879cdd609a33fe4541ec7ff7170b8fe3d60c32e85b372915dff43a36ce70eb73437ff770a3accb7f4fb7aa6c5c94a4f08257033361520423f4719e75cbfe12","ssdeep":"","tlshash":"4d11c8816730a5360a484c77c251b8b4ce32668a3331a142b34f9c0ff8b6c31466ab37","first_seen":"2026-04-10T03:52:30.245251Z","last_seen":"2026-05-11T10:34:24.961508Z","times_seen":1928,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/hot.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/hot.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/search.css?v=20260414\r\nCookie: _ga_P6HKH41365=GS2.1.s1778494980$o1$g0$t1778494980$j60$l0$h1428737922; _ga=GA1.1.1636593283.1778494980\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 951\r\ndate: Mon, 11 May 2026 10:05:40 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Fri, 21 Nov 2025 03:35:33 GMT\r\netag: \"691fde05-3b3\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: nFE3Cy_Oo-wwMeaUlZkIfJ0boUUAh1mLaTJXgemDvMGO-idXNhxZKg==\r\nage: 1040\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":947,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 42, 8-bit colormap, non-interlaced","md5":"60606d4e0f59fbdfbb8f5aa250984060","sha1":"6e1c590ce130c507335ec0c0dcea49778f73ad74","sha256":"9f7d99be622dd7e4cb5faa8518e99b4d0f3b7ed67c5407b0496532135707951f","sha512":"5679fa0685c1ee0e400c4647ef1ede417c69a3123a2c252255d4f7d1baed7189080874131ad2585ff6f5ad4a792e2083fb5b3036ba52b44cc95b5a2799ab4781","ssdeep":"","tlshash":"2b11c464bdea5db14e841e22436af245ac35b6ecd3332548da8f1040299f02abd817ae","first_seen":"2026-03-13T08:37:15.113735Z","last_seen":"2026-05-11T10:34:25.035641Z","times_seen":9552,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-P6HKH41365\u0026gtm=45je6562v867709946za200zd867709946\u0026_p=1778494978603\u0026_gaz=1\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026ecid=1428737922\u0026_eu=AAAAAGAC\u0026cid=1636593283.1778494980\u0026frm=0\u0026pscdl=noapi\u0026rcb=1\u0026sr=1280x1024\u0026ul=en-us\u0026gaf=2\u0026_s=1\u0026tag_exp=0~115938465~115938469~118463261\u0026sid=1778494980\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fh4yvz2.crddgkmc.cc%2F\u0026dt=51%E5%90%83%E7%93%9C%E7%BD%91%20-%20%E5%90%83%E7%93%9C%E7%88%86%E6%96%99%E7%AC%AC%E4%B8%80%E7%AB%99%EF%BC%8C%E5%85%A8%E7%BD%91%E6%9C%80%E5%BF%AB%E6%9C%80%E5%85%A8%E7%9A%84%E5%90%83%E7%93%9C%E5%B9%B3%E5%8F%B0\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=2450","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:35:05 GMT","end":"Mon, 13 Jul 2026 08:35:04 GMT"},"fingerprint":{"sha1":"E7:E4:62:10:D0:4A:34:4C:52:81:20:8A:19:37:09:AC:CB:16:42:54","sha256":"08:43:11:5A:D2:42:9C:49:2D:21:51:4F:92:B8:9E:59:04:F2:2D:E8:0F:ED:E7:49:06:D8:6F:61:B9:41:A2:36"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-P6HKH41365\u0026gtm=45je6562v867709946za200zd867709946\u0026_p=1778494978603\u0026_gaz=1\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026ecid=1428737922\u0026_eu=AAAAAGAC\u0026cid=1636593283.1778494980\u0026frm=0\u0026pscdl=noapi\u0026rcb=1\u0026sr=1280x1024\u0026ul=en-us\u0026gaf=2\u0026_s=1\u0026tag_exp=0~115938465~115938469~118463261\u0026sid=1778494980\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fh4yvz2.crddgkmc.cc%2F\u0026dt=51%E5%90%83%E7%93%9C%E7%BD%91%20-%20%E5%90%83%E7%93%9C%E7%88%86%E6%96%99%E7%AC%AC%E4%B8%80%E7%AB%99%EF%BC%8C%E5%85%A8%E7%BD%91%E6%9C%80%E5%BF%AB%E6%9C%80%E5%85%A8%E7%9A%84%E5%90%83%E7%93%9C%E5%B9%B3%E5%8F%B0\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=2450 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: null\r\ndate: Mon, 11 May 2026 10:23:01 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:196:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:196:0\r\nreport-to: {\"group\":\"ascnsrsggc:196:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:196:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T12:02:54.547078Z","times_seen":15008011,"resource_available":true,"data":null}},"time_used":154,"timings":{"blocked":62,"dns":0,"connect":21,"send":0,"wait":30,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-28/b0fccc8d38a6ebb302b969da3f397efd.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-28/b0fccc8d38a6ebb302b969da3f397efd.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 28 Apr 2026 10:36:21 GMT\r\nEtag: \"de4956a8be4994045b7453228152fa2e\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 28 Apr 2026 10:47:00 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 114\r\nContent-Length: 311360\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14559063365120144752\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":311360,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"de4956a8be4994045b7453228152fa2e","sha1":"d2e8b158ece060d3b8ef7beab02495a5d8988c12","sha256":"afa5da5cadd4681a718a3b5dd487723c531e9cda2594814fd9d968845331dc35","sha512":"9feac2e94265ec1e7995086563d3e114c39898e206c2b662633d96e89728463b65f5f3ef49043ed1bfa1219943df68469bad9233bc0d162ec734c0bc2e610669","ssdeep":"6144:SWeptn3tDCXHuJ39R9WRGmlRpFZEMwOcgR7pKgQsEQuaY8EfPiHnbri:2twOlgjmMwONRJAnSnHi","tlshash":"ed64237dfe726e9c9ba4fb13d40cc899b5e8b2948c1b471c47c804c46270aafad9516f","first_seen":"2026-04-28T11:17:39.30413Z","last_seen":"2026-05-11T10:34:25.102391Z","times_seen":958,"resource_available":false,"data":null}},"time_used":759,"timings":{"blocked":739,"dns":0,"connect":0,"send":0,"wait":12,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260506/2026050611451682406.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260506/2026050611451682406.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 06 May 2026 03:45:20 GMT\r\nEtag: \"c311cc75c05134f76721226516e44db0\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 06 May 2026 05:31:09 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 193\r\nContent-Length: 57648\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14154795995802823127\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57648,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c311cc75c05134f76721226516e44db0","sha1":"c4948b2c7425da9b35a61521ebdc05fecf6f39df","sha256":"61c45c2b9331a4e6c821dc990dad9280ced0301c5a9f5706ba7080d49d9ef8b4","sha512":"2c3e936b2bba61cd90e675f20da283cc520c50a5108941879f67bf2b312f2f3697a597bb4163e79f959086126cd4c95974746bce1941955c03527f59309c9b21","ssdeep":"1536:ylr5gEDfqVTBUZy/8muSmxoys9q6cPK/yoWBmo7K+x96pUY:ylrxDfw6oUUmxneq6cWyoBUq5","tlshash":"eb43f19a2c32f97ab5ed0f408e435f0e05435891dddadb9cf7890a7b08e1a2ead51e50","first_seen":"2026-05-06T08:48:29.019248Z","last_seen":"2026-05-11T10:34:24.965717Z","times_seen":313,"resource_available":false,"data":null}},"time_used":875,"timings":{"blocked":851,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20231025/2023102511321783155.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20231025/2023102511321783155.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 00:08:40 GMT\r\nEtag: \"ad473bd0f40ea84076e2363e66e2243a\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 17:52:19 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 63000\r\nContent-Length: 448\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6542402337401161938\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":448,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"ad473bd0f40ea84076e2363e66e2243a","sha1":"c07cbfd2ff1f55c522953b9263c9b13e49385b48","sha256":"6090398a69e190aecc12c1a2a33838ff286c8530df40898d7fe2c6f5346b7452","sha512":"a2fc9a46dca25b7d169ebacc6f7ad1215ed47e2556a63f790b74aaf62b784f7b67d41480a96c46b9c1f5d51e5ebc25e18a4dc67fa00e21cff2ba3a90eafa3a6b","ssdeep":"","tlshash":"e9f02b343d29c0f1a0d1b53b9e54cd01d211724d3d7c41bfd235731607ac5574451163","first_seen":"2023-10-25T11:55:10Z","last_seen":"2026-05-11T10:34:25.120597Z","times_seen":23553,"resource_available":false,"data":null}},"time_used":1056,"timings":{"blocked":1034,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api-dc-prod-002.cyou/api/eventTracking/batchReport.json","fqdn":"api-dc-prod-002.cyou","domain":"api-dc-prod-002.cyou","tld":"cyou"},"ip":{"addr":"149.104.32.238","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api-dc-prod-002.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 13:55:49 GMT","end":"Tue, 28 Jul 2026 13:55:48 GMT"},"fingerprint":{"sha1":"E2:76:5B:F7:27:C9:73:D6:04:E5:F7:DC:A5:7A:C7:F6:7A:DA:3A:75","sha256":"8F:1F:6E:49:61:08:13:E9:B9:AD:27:2F:37:49:94:A0:AF:57:F5:EE:E3:DF:F6:AD:68:B8:29:20:47:C7:B6:F7"}}},"request":{"raw":"POST /api/eventTracking/batchReport.json HTTP/1.1\r\nHost: api-dc-prod-002.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"[]"}},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 11 May 2026 10:23:01 GMT\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://h4yvz2.crddgkmc.cc\r\nAccess-Control-Expose-Headers: *\r\nAccess-Control-Allow-Credentials: true\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nx-request-id: 019e168f-c5a4-73a3-9fbe-e78a97fdc812\r\nServer: Xcdn\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0ab94d0fc1ecb3477a682ada19ad817d","sha1":"e6311ec9ae74beb1f7461c0ae5e81c8f835e0f3a","sha256":"7f86129f0513b8495b7ecf4f1414314df859f22b58b45b9036f4d9e48df30074","sha512":"d2da24f6eda58fd1fa39d5f154744ec618de7a1f431f149104d745db588c59b65ce10f819cc611a7241aa1470d3053c3d69ca57709becdf95e54556d4f4789bb","ssdeep":"","tlshash":"a4800433141c04430501354c00053f04105c11534f100771cc5c4715c75c074f151410","first_seen":"2023-08-16T08:22:40Z","last_seen":"2026-05-11T10:59:04.954683Z","times_seen":2159,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":335,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"api-dc-prod-002.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/fontawesome.min.css?v=20251204","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/fontawesome.min.css?v=20251204 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 25461\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 07 Aug 2024 14:34:37 GMT\r\netag: \"66b385fd-18f6f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: Pat2EFORpBE6d7hjEBai1rrQ-VniumYb1UB0g_-WbsBNHUimsR7UOQ==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102255,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (62333)","md5":"35c423c7a0a87e2e4f3646e582e2dd67","sha1":"aa640d874aaf84764c2a4c94290624166fa81d2b","sha256":"98e7ef32e76852a8a836cd1ca9efd953628a0cc8739f7d847ea87ca525db73ae","sha512":"d81bb1c55dfe6108d57f19f8aa37dc01f770ce9ccc16d0519710a1dfbcd0da6c9c71d85ca1a940aec83c81b5124aa2c6fb9ac0409517e38db02734300b006d8b","ssdeep":"1536:E6MnM+M8MMMtMFM/QS8EfluzvQrp6mQzsWdCENdA9tVg9:/pfluzYQmQzsn8dA9ti9","tlshash":"b4a339f8e48905e8a372c84fcb55b36c663afb70d5425c81f10f9a4d8ec2b5815dab2d","first_seen":"2024-08-12T04:36:20Z","last_seen":"2026-05-11T10:34:25.116144Z","times_seen":25171,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/mirages.min.css?v=20251218\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 77160\r\ndate: Mon, 11 May 2026 10:19:41 GMT\r\netag: \"64b11da3-12d68\"\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\naccept-ranges: bytes\r\nlast-modified: Fri, 14 Jul 2023 10:04:19 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: bh3K9NFh8L5mZ-Bv629rdvQ5GtE1RlehT3ysDZ0Gx2zrE3ef9p0mGQ==\r\nage: 197\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-05-11T12:00:17.249198Z","times_seen":462963,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260506/2026050620162025001.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260506/2026050620162025001.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 06 May 2026 12:16:25 GMT\r\nEtag: \"9b88a8ec941f494865577015ad636e76\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 06 May 2026 17:32:33 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 212\r\nContent-Length: 76112\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6958606568852364170\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76112,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9b88a8ec941f494865577015ad636e76","sha1":"bd9f84d09553e3ae335b0e8e8453035763fd9a54","sha256":"2095575f8cbf54641fc8673a645ffe8d90fe8bcc86453274141b6627a6ad9f1f","sha512":"4c271b4464b2be63f33ce7a5e6857034f50a8c7dc6d9c5357137f43d71a61656ebfe59daa0b811ec52deb8655dc7bab2ecf36579a876c9ddeec875563d0a2146","ssdeep":"1536:lsrChXLkT5OOZJNYoQicrRnyiaVZl8UaXm8TWvmRjfbUnS9c+7deH8F3b7iF:lsrUXLFOZJV3cFny5VZl85d+mRsnS9ro","tlshash":"467302c5e8995afbb6fdc712ce7473ca6f5970879144200b43c5e724b6d4872b8328e9","first_seen":"2026-05-06T19:50:46.761423Z","last_seen":"2026-05-11T10:34:24.957826Z","times_seen":266,"resource_available":false,"data":null}},"time_used":796,"timings":{"blocked":774,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-06/d17929fc283ef385514ee229733243bd.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-06/d17929fc283ef385514ee229733243bd.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 06 May 2026 09:18:59 GMT\r\nEtag: \"4f7e49bbd5cfb1ed7d3a767dbd45618c\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 06 May 2026 09:24:54 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 171\r\nContent-Length: 1589328\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5015921607795911069\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1589328,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9825c79d3a110e7a9a53672a97d12a76","sha1":"b5c2c1251b9fcf91535b1cc7a600c4163b63c7c2","sha256":"e20299574d3a8af4373d7bd505b5d77911b2b91d408df78846c9c949f124a14a","sha512":"0080624635eedb458909a126ff245f4cc71f43641ee32b018fa05b06a0cab860a675c2f794a6acbc43ca35dbdbbae76c1ac4dc5da761b0cf6ab975747e925004","ssdeep":"24576:EmnetxBzR5G6gx79lc3OtEcuenjCTGK/aF02PcVetJj:EmnMlbWlc+MGCTnFVetN","tlshash":"872533ec3ab1837ed968eb4609471a39c18ee9c14743e542ecf85668d700ea634ef75c","first_seen":"2026-05-06T09:58:13.957642Z","last_seen":"2026-05-11T10:34:24.978709Z","times_seen":307,"resource_available":false,"data":null}},"time_used":1429,"timings":{"blocked":904,"dns":0,"connect":0,"send":0,"wait":21,"receive":504,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-05-06/4a6f999324e03c4429d2dc9b0ac3709c.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-05-06/4a6f999324e03c4429d2dc9b0ac3709c.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 06 May 2026 09:19:35 GMT\r\nEtag: \"d30bb7a2c0373178f6c71ca555a9dfe3\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 06 May 2026 09:19:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 51\r\nContent-Length: 374736\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2840431497221776673\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":374736,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"d30bb7a2c0373178f6c71ca555a9dfe3","sha1":"e707bfd3e9a27a5fdbb06456ff3e648e40485ccb","sha256":"cc6bd82929d0f238096877173bfec4165303bbc169287fa617e133335b0907e0","sha512":"c6e7f891836462a307bf46ff4c36391708c5c05c2cf7b3db341bd4180a8b72fdb7f4e973ffefb2fb3d869782156dda8fc407787eedda531fa40cb439249f9b52","ssdeep":"6144:+HZPYAfiLRNyc5fHJiPigZUf7O8WXKt0dOE5JBWsTgFMsuKyMdjQyubS:KZPiLvnMxZY7OjQS1JBfEKKyMCdbS","tlshash":"128423bf3a37f7b0edda50ac05e31880f57be02b9a6df257e41c96ad22001d1714866b","first_seen":"2026-05-06T09:58:14.003874Z","last_seen":"2026-05-11T10:59:04.956997Z","times_seen":336,"resource_available":false,"data":null}},"time_used":1014,"timings":{"blocked":982,"dns":0,"connect":0,"send":0,"wait":25,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260507/2026050718501932422.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260507/2026050718501932422.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 07 May 2026 10:50:23 GMT\r\nEtag: \"935fb59e5c7e59b985779f9eb1835c93\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 07 May 2026 11:02:32 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 627\r\nContent-Length: 102640\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6373421979471122354\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102640,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"935fb59e5c7e59b985779f9eb1835c93","sha1":"8f0af85b9736a2c97d2231bf3e5501c6ae31a4ea","sha256":"8ecbd66de5fc5e88ec286ba186fb7f1029afc87eacb101945e5e38fb67af24b4","sha512":"725083c6b633c7a2f8c1b0bf3237f95669c14d7890d95e7ac1a0a6b5d1ea8998f301bfb202232aebed99d821764244a10ff0d76ab8d54943a1485fd737985ad1","ssdeep":"1536:0wPDc+npJpi2Hum5ZF4pYs7bRDQsIVHWCRj3Ki7TF5MITxe1RwDb2X:0sc+pJs+eZbRDjIUyj3Ki7sI4mv2X","tlshash":"a4a3122c28139e2412236b27d7ebfc95d3f2e9a58858c40a94a6c4195fff0f9365a703","first_seen":"2026-05-07T12:53:42.866421Z","last_seen":"2026-05-11T10:34:25.00846Z","times_seen":210,"resource_available":false,"data":null}},"time_used":1720,"timings":{"blocked":813,"dns":528,"connect":41,"send":0,"wait":34,"receive":29,"ssl":252},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2025-12-30/d17322eacc370df9d8c74917a4d81688.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/d17322eacc370df9d8c74917a4d81688.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 27 Jan 2026 14:10:23 GMT\r\nEtag: \"8e78105502fd4718f8c170301ef24f37\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 27 Jan 2026 14:10:24 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 15\r\nContent-Length: 152560\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4913824980874800535\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":152560,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"8e78105502fd4718f8c170301ef24f37","sha1":"99359fe1c90ca4f43885b194682566cdca7a2732","sha256":"0f233333867ea57405d816c09f33ae4474a9c274045e730233930f9e334943f4","sha512":"08fff58185fd6d81eafd8f5980ba8bfc2a7dd8da92fba6b707b7c862e055c02851fb9679d34fc988c7b4cb18ea007ad114dbb27deca0b3b182ca2dfede87b9d5","ssdeep":"3072:B0nNq9uJdr2tAenbIW2Q5Xh2qBFXNJ5d6cDlf9xttJ0MtSll:iNqogFIW2A/FXNJ5P9xltSll","tlshash":"0ae323fcfde77e30c6743ac6986500e65b82fb9d62063729ee148fd4087697a39e0548","first_seen":"2025-10-18T12:51:03.886963Z","last_seen":"2026-05-11T10:34:25.085125Z","times_seen":19094,"resource_available":false,"data":null}},"time_used":1047,"timings":{"blocked":1026,"dns":0,"connect":0,"send":0,"wait":12,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.54ads.com/zoC7eODqB70fh9qe_AiNdSYMN5wOPWxNQausklNJIaMt8Ozmz9EdE4EeJgA2HveqWWSTe7CuYHokfTvR85ECzlQ_YaLX4SbFre6GGhtj94DbB2xGgNQSkWTbQFk6OUnWzATPYsnSwxYVLT_2pn3YW4Ym7FOoau0PxGL9rVxnPazSy7xL33lKdk0NITJrmDX4N3rBWnIxBXc_en_xmwLISEt8KHlu7BdPjVwjaxu9upbTuUP0rTUuL2yT2Hp4-mFmHMBa_X5prLgoqAHPTbPX76fLWfkDAX1xmGn1VkX1AmrYh_Do59KSsOBaOowydWkY9HYKVkSQwCiZoHpLBe9k5b84Ex0BSKCq4PoNqD4j4iZPib3kuCynlU8NjVI-tloP6yy22ErbWfgzQBmQsINTybcrDt2IARJhzaqXHZtI-j-SeMB1v7tgdEgZ99XM_l13Ekjq3EtxnApSjTJD0OqtFP50G2jo?","fqdn":"code.54ads.com","domain":"54ads.com","tld":"com"},"ip":{"addr":"136.243.69.251","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"code.54ads.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 04:56:32 GMT","end":"Tue, 09 Jun 2026 04:56:31 GMT"},"fingerprint":{"sha1":"78:1E:97:ED:CA:F6:E7:9C:9D:DB:50:41:C7:CB:6B:2E:1D:04:4A:6C","sha256":"CC:C4:21:B1:12:D2:FF:F5:70:E7:DA:A9:B5:DE:55:F7:42:CC:C1:B2:0A:B4:2C:B2:30:BA:68:B5:BB:C6:5A:F3"}}},"request":{"raw":"POST /zoC7eODqB70fh9qe_AiNdSYMN5wOPWxNQausklNJIaMt8Ozmz9EdE4EeJgA2HveqWWSTe7CuYHokfTvR85ECzlQ_YaLX4SbFre6GGhtj94DbB2xGgNQSkWTbQFk6OUnWzATPYsnSwxYVLT_2pn3YW4Ym7FOoau0PxGL9rVxnPazSy7xL33lKdk0NITJrmDX4N3rBWnIxBXc_en_xmwLISEt8KHlu7BdPjVwjaxu9upbTuUP0rTUuL2yT2Hp4-mFmHMBa_X5prLgoqAHPTbPX76fLWfkDAX1xmGn1VkX1AmrYh_Do59KSsOBaOowydWkY9HYKVkSQwCiZoHpLBe9k5b84Ex0BSKCq4PoNqD4j4iZPib3kuCynlU8NjVI-tloP6yy22ErbWfgzQBmQsINTybcrDt2IARJhzaqXHZtI-j-SeMB1v7tgdEgZ99XM_l13Ekjq3EtxnApSjTJD0OqtFP50G2jo? HTTP/1.1\r\nHost: code.54ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\naccept-ch: sec-ch-ua,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-platform,sec-ch-ua-platform-version\r\np3p: CP=\"CAO PSA OUR\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://h4yvz2.crddgkmc.cc\r\nset-cookie: UUID=8b765359-edd1-5c8a-9867-ae225b688f1a; Max-Age=34560000; Expires=Tue, 15 Jun 2027 10:22:59 GMT; Domain=code.54ads.com; Path=/; Secure; SameSite=None\r\ncontent-type: application/json;charset=UTF-8\r\ncontent-length: 1304\r\ndate: Mon, 11 May 2026 10:22:59 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1304,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"1025b8d22766bedcca75c176c27ed232","sha1":"2a38b480a9a532fa34897d1af9d1a3fe8a085701","sha256":"b411569ccb40748601c87cdea4f5a8664445a47a03c745fd7f63b7496c589b76","sha512":"292c0854e90a03e985bd601a09995d14d4c0b66215c7641389fbac5cc69ea91addb4ddbe733b2fdae22d788d236d8b8d64d32d8f737648f36f297b55b7a10f41","ssdeep":"","tlshash":"b62153f30c90d98c8fb594a63c57bd79b516a00a8f8ae81adb80188891052b648576a5","first_seen":"2026-05-11T10:23:44.20439Z","last_seen":"2026-05-11T10:23:44.20439Z","times_seen":1,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":62,"connect":36,"send":0,"wait":49,"receive":1,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/icon-delete@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/icon-delete@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/search.css?v=20260414\r\nCookie: _ga_P6HKH41365=GS2.1.s1778494980$o1$g0$t1778494980$j60$l0$h1428737922; _ga=GA1.1.1636593283.1778494980\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 593\r\ndate: Mon, 11 May 2026 10:05:40 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 05 Jun 2025 07:04:03 GMT\r\netag: \"68414163-24d\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: nDCH_iYmv_qEAvDc0X2ZTNSBTD1-A7Qeap4NjVoghs1p50PHtu1w4g==\r\nage: 1040\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":589,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 99 x 102, 4-bit colormap, non-interlaced","md5":"186ec31c3c1154addc6ec1fb8ebeaffd","sha1":"0f2e9a7e94ab44760f72705d02718e34697a7c0f","sha256":"9715ded51f20950c770eaec0f8eb8953163ce508df6e080d7a3b31660a21f1e3","sha512":"f441cb908e51513292262abaeaff1ea380a131dabbc5fb124e3a244845c8d6ee7b4ddfa7401c7b0e27ecf2abda4e6f38fbe4735121c421748b1e0bda39139ded","ssdeep":"","tlshash":"c0f0e141a9568ee4821d0c3a3c9bf4c4926f017ea09ce15d803b995954cbf9144d1ec2","first_seen":"2025-10-28T07:13:52.652764Z","last_seen":"2026-05-11T10:34:25.015885Z","times_seen":10581,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.54ads.com/zWWRrVYjuCJtK-B3RyAH31A-N48g_MLlyFwvBkMuXNcM9OOHWBq3fVBSn7gaxFqU4qz9v8-3v0XewzOci62eYVIsKh8Rwm2ODAVhqLiprgved8AzmbmWGd7uCPIzA1TLNtrF8FHCWdZQBlt8FJNwS6csfl2bJdpEY_VKbnOJmjvj-Ql-S05WYeyAqqTexkkrmd8qK79nKQba2-MdAD3_-OMc77oz4AP5dAa86kMI818JrpD3diI9DBjHQsJvm_gxi8zUObnri5FLr6WmxQFGXxCmfh6wo_xRxAMQLu8K8hU0sTp01BDJvrpsm_KXqzoeTh_O8TDCCTpwbM-yVarN89lXDmsO0mhFdAQNhOrQEJHzmYtdmvT2R7ey7KjcuhcbtZD6sd82yNCtU3uX6AEu-olaltBlZ1bIgtW9gMui5rURjewM0hXElFSdAW2NOw1BEezPHmkdzIvgOc4rMHFzHwGweBzoBpCjldQ?DC=HZ","fqdn":"code.54ads.com","domain":"54ads.com","tld":"com"},"ip":{"addr":"136.243.69.251","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"code.54ads.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 04:56:32 GMT","end":"Tue, 09 Jun 2026 04:56:31 GMT"},"fingerprint":{"sha1":"78:1E:97:ED:CA:F6:E7:9C:9D:DB:50:41:C7:CB:6B:2E:1D:04:4A:6C","sha256":"CC:C4:21:B1:12:D2:FF:F5:70:E7:DA:A9:B5:DE:55:F7:42:CC:C1:B2:0A:B4:2C:B2:30:BA:68:B5:BB:C6:5A:F3"}}},"request":{"raw":"GET /zWWRrVYjuCJtK-B3RyAH31A-N48g_MLlyFwvBkMuXNcM9OOHWBq3fVBSn7gaxFqU4qz9v8-3v0XewzOci62eYVIsKh8Rwm2ODAVhqLiprgved8AzmbmWGd7uCPIzA1TLNtrF8FHCWdZQBlt8FJNwS6csfl2bJdpEY_VKbnOJmjvj-Ql-S05WYeyAqqTexkkrmd8qK79nKQba2-MdAD3_-OMc77oz4AP5dAa86kMI818JrpD3diI9DBjHQsJvm_gxi8zUObnri5FLr6WmxQFGXxCmfh6wo_xRxAMQLu8K8hU0sTp01BDJvrpsm_KXqzoeTh_O8TDCCTpwbM-yVarN89lXDmsO0mhFdAQNhOrQEJHzmYtdmvT2R7ey7KjcuhcbtZD6sd82yNCtU3uX6AEu-olaltBlZ1bIgtW9gMui5rURjewM0hXElFSdAW2NOw1BEezPHmkdzIvgOc4rMHFzHwGweBzoBpCjldQ?DC=HZ HTTP/1.1\r\nHost: code.54ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nCookie: UUID=8b765359-edd1-5c8a-9867-ae225b688f1a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\naccept-ch: sec-ch-ua,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-platform,sec-ch-ua-platform-version\r\np3p: CP=\"CAO PSA OUR\"\r\nset-cookie: ucv=87-NO-1778581381074-24--; Max-Age=31536000; Expires=Tue, 11 May 2027 10:23:01 GMT; Domain=code.54ads.com; Path=/; Secure; SameSite=None\r\naccept-ranges: bytes\r\netag: W/\"43-1777835230000\"\r\nlast-modified: Sun, 03 May 2026 19:07:10 GMT\r\ncontent-type: image/gif;charset=UTF-8\r\ncontent-length: 43\r\ndate: Mon, 11 May 2026 10:23:01 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif; charset=UTF-8","magic":"GIF image data, version 89a, 1 x 1","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-05-11T12:07:29.894407Z","times_seen":99502,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/icon-black.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/icon-black.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 243\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:29 GMT\r\netag: \"687f820d-ef\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: KyVWeX9BTQlHCBzGnRT38wGsAUC3cmpUIRRiG_VU7mfgrXBJGISjuA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 4-bit colormap, non-interlaced","md5":"2b892c414e0a5db08d3f844bcf77536b","sha1":"ac2af64f80e53c7c19535e472458b4cb575ec5bb","sha256":"9b7c59b938d8eb51e01482d5701c27dbb41239e79ddc8445897d23484248f6fe","sha512":"e4125037093ebc4b9bfd69b1e7eae92bd24ed647522f3fc67f2a11499eb6af27ca73e3a4d409807bd7499d7999440d89d7a89f97af2b07f344ef155d02c90dda","ssdeep":"","tlshash":"40d0a7f2c6646c749aaad05603a960f0bc3771771034a15ebb1e40662a3e36a9395a47","first_seen":"2025-07-12T04:18:50.961651Z","last_seen":"2026-05-11T10:59:04.952583Z","times_seen":25553,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260510/2026051013583398455.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260510/2026051013583398455.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 10 May 2026 05:58:38 GMT\r\nEtag: \"beae1e07a3f588d39378f008446c57fc\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 10 May 2026 06:53:01 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 623\r\nContent-Length: 50368\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12075411139188333684\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50368,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"beae1e07a3f588d39378f008446c57fc","sha1":"8afd3d1725b5eaa663365d0cd500d04d046c77fc","sha256":"b9dbf3b9ad5340771c701a4cd70339137d5daf396ce999dae83c54bd164ac1ed","sha512":"b6bbe5e1029fa0f9dc95efdd1a4cacd0cf61f70e4a8a16d706286947a150148025253e233a3293aa53ee208ec6c249425a5283eb208b5f92f5e5b51041ebf26b","ssdeep":"768:wtv0sl0m+YrgBIChB4hBqTCjGssbVZ5M2ouGY4W3dyOTJ5ZvQ3PQ2xcczXQei3sM:wV0argBjxt5ZoOTQPQCLk31k4n","tlshash":"873302a042c14a7d3573a5d8c3b12b9163fdea806a87af61b73c227d624cb45b1bc1d5","first_seen":"2026-05-10T07:35:41.45873Z","last_seen":"2026-05-11T10:34:25.073706Z","times_seen":44,"resource_available":false,"data":null}},"time_used":859,"timings":{"blocked":817,"dns":0,"connect":0,"send":0,"wait":30,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-13/b457bc09ae4e40abe171999757c4446c.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-13/b457bc09ae4e40abe171999757c4446c.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 13 Apr 2026 03:24:54 GMT\r\nEtag: \"56e97081356b4cdbe834471cc492b95b\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 13 Apr 2026 03:25:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 162\r\nContent-Length: 584704\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8193475864425744146\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":584704,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"56e97081356b4cdbe834471cc492b95b","sha1":"d67ce5aa74e2a4251f44c63e447f99c1a3743db7","sha256":"1e4e7d73225028284447bf5f931e11ea3de9b9bb7a0be6ad221c19f330fe23d0","sha512":"59c8e2883b5962c00febe111abb951891b0768ad39ba0bea023b1b10a457900a997446804b57e811ba2679e3a8076bb906f347e1d529a08b9d661134c95f1c2b","ssdeep":"12288:8gBj1UC/hxPVvpJpEM6OZOShDr38rbs2Odol8ycvxiScSs+cZ0Fu:8gZJDvpJiXujdG+AjAcV","tlshash":"b6c4330457e5510b63aa0be1a78bf5c7df2768dcc826d0587caae3bb5149da3cf31460","first_seen":"2025-06-14T15:15:15.321259Z","last_seen":"2026-05-11T10:59:05.002178Z","times_seen":24420,"resource_available":false,"data":null}},"time_used":1024,"timings":{"blocked":973,"dns":0,"connect":0,"send":0,"wait":40,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260506/2026050614024083878.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260506/2026050614024083878.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 06 May 2026 06:02:43 GMT\r\nEtag: \"827e19db1b1b7e4ca594d3fa54d543df\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 06 May 2026 06:33:10 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 805\r\nContent-Length: 60864\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7289523836587025155\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60864,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"827e19db1b1b7e4ca594d3fa54d543df","sha1":"1b95275cff5a08e29dfb510484c7f907d9c171e1","sha256":"3d5177567d101ea1d1669f2b2d52d34bb50de3bbdea67fc38e38fb514f1a4aeb","sha512":"242c7969f14805bab13c9e5bcba2e2122b7216e5bf60b036bf09ec8c4fd704fb8663dd480f4c75d4dca3dcb35c4242117fe5cd5c5b680070e99b3544bfbc60ef","ssdeep":"1536:Qs7YNUS/crn4XQQ7fBhn3W3RCt/tpcgSuA:QcYNUKcrn457JhG68gSuA","tlshash":"d65302af6e01de98924772573bed12b305dd0423a98f0ae87dbdb16079be52845ca01c","first_seen":"2026-05-06T08:48:28.908012Z","last_seen":"2026-05-11T10:34:24.964813Z","times_seen":313,"resource_available":false,"data":null}},"time_used":730,"timings":{"blocked":719,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260507/2026050714553045933.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260507/2026050714553045933.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 07 May 2026 06:55:35 GMT\r\nEtag: \"7bb932b26a39a77d905c3bd8c8b80e67\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 07 May 2026 07:03:41 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 315\r\nContent-Length: 109328\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11733314608953878604\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109328,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"7bb932b26a39a77d905c3bd8c8b80e67","sha1":"ca3b7f34c854b2b80245a10cbed27f1b78e901e0","sha256":"26f51fd455485ff9fa0c8fe08fe029710948c67408ce77fe09da77e3f929859e","sha512":"690e6e7fc0762690f0f0f486ebc8031e397e31b0d050cb380aa6d8399fc976cdbde3e11b01552aa61c54831453ea5e8538c0baa78a2ce1eadd71c61dd8a2dd5c","ssdeep":"3072:iauEztIDuRimTMQ25Y2bQKQWYQhjfAMnkHE9oj:iSzQuNTMN5nQ+Idkuj","tlshash":"e7b31247de23aa3ffec9b17c531155aeda683049aa0136ded93010b3d6c2747929e0f6","first_seen":"2026-05-07T08:41:56.582816Z","last_seen":"2026-05-11T10:34:24.931522Z","times_seen":240,"resource_available":false,"data":null}},"time_used":932,"timings":{"blocked":878,"dns":0,"connect":0,"send":0,"wait":52,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260508/2026050815293342721.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260508/2026050815293342721.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 May 2026 07:29:37 GMT\r\nEtag: \"d50fc8310c6155f4b89ee333358a58e4\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 08 May 2026 09:00:48 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 857\r\nContent-Length: 156592\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1588914470481771888\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":156592,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"d50fc8310c6155f4b89ee333358a58e4","sha1":"22c601640f915c37c2cb30d8cf44510d7743f58d","sha256":"05d9d9cbab760a78f96f351de26d5309d786a7975ffc23201a554f0ec02a2569","sha512":"8f8da600f165918f78b97c242e9f796291e996c6a9775cf8a3d314f64260eb48054db8c4e02da212564d938fdb3472ca214b12d3bacdcbca8438d655a9e1bb4e","ssdeep":"3072:z05OgVEKX/avx3gec3XEzkzsJZc2BAFUQFo8acjc8f:z+VhaJ3K3XEiEuvFVVca","tlshash":"07e3120b788ac291ee77071d1ba9c14f739079ed7812bf7e75891b53204c9a6f0ad0ad","first_seen":"2026-05-09T03:30:51.328578Z","last_seen":"2026-05-11T10:34:24.971855Z","times_seen":157,"resource_available":false,"data":null}},"time_used":925,"timings":{"blocked":896,"dns":0,"connect":0,"send":0,"wait":26,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.tflixziz.cc/","fqdn":"h4yvz2.tflixziz.cc","domain":"tflixziz.cc","tld":"cc"},"ip":{"addr":"43.230.114.210","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-11T10:22:57.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tflixziz.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Apr 2026 11:07:45 GMT","end":"Sun, 26 Jul 2026 12:05:24 GMT"},"fingerprint":{"sha1":"A3:36:DB:44:30:FB:A2:7F:BC:1E:4F:4F:9F:95:1E:84:ED:9A:26:B3","sha256":"6B:77:97:01:0C:CF:23:B3:4D:B6:11:CC:27:CD:5F:18:E0:00:BE:95:4F:C3:E9:15:95:9C:39:95:9F:D3:7D:B2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: h4yvz2.tflixziz.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Mon, 11 May 2026 10:22:58 GMT\r\ncontent-type: text/html\r\nlocation: https://h4yvz2.crddgkmc.cc/\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fof0NK0CP5SZya%2BsG3jiUqYFwO1M0hO9tVDRHK0O9sVngGn2%2Fmid6NP0JpZ1psKB8X16gdA7NIeJdipVmaFagE%2Bqp7muVuzgy72GSsgELgCGoZDuR8zmLR%2FRrleNP%2Bc5V%2F5DskM%3D\"}]}\r\ncf-ray: 9fa0772a8ebc56a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":292090,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T12:02:54.547078Z","times_seen":15008011,"resource_available":true,"data":null}},"time_used":467,"timings":{"blocked":31,"dns":14,"connect":1,"send":0,"wait":405,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"h4yvz2.tflixziz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"h4yvz2.tflixziz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"h4yvz2.tflixziz.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/fonts/OpenSans/400.woff2","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/400.woff2 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16644\r\ndate: Mon, 11 May 2026 10:19:24 GMT\r\netag: \"64b11d81-4104\"\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\naccept-ranges: bytes\r\nlast-modified: Fri, 14 Jul 2023 10:03:45 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: U2nKU_CHaekqExKgNO8Av1O2s_uxmyUYOHd0zGP1HYmFKr2RSFcX1A==\r\nage: 214\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16644,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16644, version 1.6554","md5":"6276351c3fd3053a0cab736572d6ced1","sha1":"326b281cbcf5070d140fadedc4b1354f1a5d916c","sha256":"43640ab0efbdbd50a1162047c1f62f338fb84de407411b98bfa6a1f8666ef0af","sha512":"c9885c9fa086350a150efae1c40c9ab22314db0baf47b457c3de4be5c7e609313b9fec4f9000b133a9f8b365c2d5d3703bbff579833a8b81195062e5f6bfe5e7","ssdeep":"384:JK4eVLUx4mqjtgI4cwDn/HnhbXOU7WYb+KFqEevY5:Y4edUqmBIkD/HhjHWYb+KFGvY5","tlshash":"bf72cf83f467d9f0f42836305db116e3b979ef357761ace0621445aa1232bd02e847dc","first_seen":"2023-05-08T23:10:23Z","last_seen":"2026-05-11T10:59:04.991959Z","times_seen":24895,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260508/2026050822544961271.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260508/2026050822544961271.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 May 2026 14:54:58 GMT\r\nEtag: \"340035d2a59eade62c9d7573d8c758ac\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 08 May 2026 15:12:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 305\r\nContent-Length: 52384\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14812742392940099570\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52384,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"340035d2a59eade62c9d7573d8c758ac","sha1":"da709a7c625581e06c2b355465f588768bfd37d2","sha256":"2362e52fd2b0d6bd2b275ab54f3b60d34541ce726bad3f50afa8e7a80b0b399f","sha512":"89d30e0b451cb02fd5cfdfcd3c3fba332f9f54df077a3c79c6f3d5d9b260273490526ededcc1aa401381cc51b81c2c57f8e0bd2049612b6cd1982e8becda37cf","ssdeep":"1536:ivUuqEZNP8VF8N0AWLuoDTrxIENh087ykV8T:vpuNPb0AWSWx7NS68T","tlshash":"7633f1190f6ac8c7cfc055e20fae946a58fd8875dd4944c987eaa4bfc26ec4357a3700","first_seen":"2026-05-08T18:57:09.583348Z","last_seen":"2026-05-11T10:34:25.117485Z","times_seen":172,"resource_available":false,"data":null}},"time_used":740,"timings":{"blocked":730,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/FootMenu/assets/foot_menu.css?t=20231032","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/FootMenu/assets/foot_menu.css?t=20231032 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 836\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 28 May 2025 04:33:23 GMT\r\netag: \"68369213-bca\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: EnqDwh2Odp8CLoC63FYuyFOjh8mqumLpQdeq728Mtso-vMlSUll6zw==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3018,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"38409875f4c2ac41817851ed5e5eee82","sha1":"0c26a3b9ed9b83c061dfd5fa77f814b9069736e0","sha256":"a5145cedc0d537b7340f185eb2d065cbf323a971819781fe6a9baf05b91d0697","sha512":"b2d8df27917759576bf1b2a360c66ba8c59f8bd6d0950078d386572987c230d14727a36fed8e2b055c81d7829f69a4295474e69b951a6c8958e0cd6d502d5fb6","ssdeep":"","tlshash":"b5518f2966b30e60b9634968bb994684b37ce2038d4dbd7ffd1913c48f8e494add134d","first_seen":"2025-05-28T05:10:55.041625Z","last_seen":"2026-05-11T10:34:25.085941Z","times_seen":24341,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/Search/search@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/search@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 634\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-276\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: mjmGC4jdWQqJRElTrCDeWoS3JdIfdPL9R-Qgp0Vo7SIan-WPT39XfA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":630,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 4-bit colormap, non-interlaced","md5":"a4b5282346fb42d90c59fa556c76e8e0","sha1":"0a12261356eef879559d3bc1dae88cf08dc23a1e","sha256":"aa5da5e9cc04a263402c2c75dc6485c929de92186e8efb80ba3c7cd9604bf950","sha512":"c385c6f1f449891870f786d9fc9bf140cb4218633c39b09ce7895b0c8950ae918327a49036b63f793e58dfec8ba308050d2cef338caffc1b6c856eb31893e6ab","ssdeep":"","tlshash":"bdf00251822d7c9bb34b2916c0177762f858d915771113cfcf0aa83c59151d6c2fd209","first_seen":"2025-06-06T19:17:52.685678Z","last_seen":"2026-05-11T10:34:24.969249Z","times_seen":25598,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-17/95c79c3298475f2a620b09555dab3eb0.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-17/95c79c3298475f2a620b09555dab3eb0.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 17 Apr 2026 07:37:02 GMT\r\nEtag: \"83901493a764849955404722280291c9\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 17 Apr 2026 07:38:19 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 330\r\nContent-Length: 467904\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1251782008690635534\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":467904,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"83901493a764849955404722280291c9","sha1":"0e2741c89ca493741ec62e6ee7ec19550df0b5ef","sha256":"79c0d29d1432edc5f07380ccee2a3b413267b81b6fbcb1fa4e9356c17421ccb0","sha512":"22496a3cb177d74a0d741b4ff66823791e5997b1e3d5d33d4ae6525673c227c43e888239551cdfca0f042d75adec03f84e66c5ebe8a47cd541fb2272319a1367","ssdeep":"12288:C7rC2d2JKJcFbM9fBS5VSkAGJjkFI818s6kbChdL6MKK3v:C7r3d2JKWtwf2VSkdeH8xkWhx6Q/","tlshash":"4ea4239d5f2827c11b8d7abc7d58da67afa43f14c3348901db0b61649a13ba346f482f","first_seen":"2026-04-17T08:09:25.572436Z","last_seen":"2026-05-11T10:34:25.071859Z","times_seen":1637,"resource_available":false,"data":null}},"time_used":832,"timings":{"blocked":805,"dns":0,"connect":0,"send":0,"wait":17,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-01/3fe7cbf54b558455ba3f6cceb89edb3e.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/3fe7cbf54b558455ba3f6cceb89edb3e.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 10:44:33 GMT\r\nEtag: \"61b5d004bb8e2a9c005aa7180a66a8ed\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 10:44:33 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P1\r\nAlt-Svc: h3=\":443\"; ma=86400\r\nAge: 1\r\nContent-Length: 150544\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8474154348726650425\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150544,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"61b5d004bb8e2a9c005aa7180a66a8ed","sha1":"611e02b138efebc908cf88097ec1628a9dd5fc85","sha256":"dd9d4a44a5baee8d26ab61ffbda1b70148fcf307b30fb6b6ecfcd512c102ad47","sha512":"c9fbee0b4a6c0861b4b595756469f2fb1f2d34cb26c431c59eb6438dc1f9bd3374ae0b64650e02a2dd5d64afd63a5041d6e12e425d6329ca8fedcf0fda1c6f4a","ssdeep":"3072:Cu4OHV4Qx6B8iM7fQLGUf+mIBWNAyqWD24IA1lJtFLE1T3mVRv:GOM/M7fQtftI0N/vVIilBpF","tlshash":"27e31328cf1b4d9126b7ef8ec08d1d009436e9c28b3f2dec25566756d1094b9f4cae6d","first_seen":"2026-04-01T11:04:29.203387Z","last_seen":"2026-05-11T10:59:04.975077Z","times_seen":9771,"resource_available":false,"data":null}},"time_used":995,"timings":{"blocked":967,"dns":0,"connect":0,"send":0,"wait":25,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-17/eb46722c3d8588b7db4c63efd6f52233.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-17/eb46722c3d8588b7db4c63efd6f52233.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 17 Apr 2026 07:39:19 GMT\r\nEtag: \"b3f1359853ac4a3795d1cca4b342c7bb\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 17 Apr 2026 07:39:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 9\r\nContent-Length: 470144\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2848260298683420571\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":470144,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b3f1359853ac4a3795d1cca4b342c7bb","sha1":"4e6f403e0a9978bdc3a9562fda9a2d1e40107225","sha256":"0d2e043d70ee8c8d46de8d2ca88caf1ed298a2244f44309f7cad0d5d8d5b9d9d","sha512":"2371c8489385fc27366b6dc3d873fd5dd5b0704bf6786695d49423627a3a90f83b0559c4e11dfa98e27f5fa120a4773f31f5914d6fdb4cd64442221023443aa9","ssdeep":"12288:DAN20W9GqW0oTQO3oxrRcIIhdAL75w7cu3anq0v:E2066T3ov6hy75Y7anxv","tlshash":"4aa423b4187e238ce59d8a96265a3cbdb970af4c7bf460f99ec59fd44c284044693f13","first_seen":"2026-04-17T08:09:25.618747Z","last_seen":"2026-05-11T10:59:05.005033Z","times_seen":1879,"resource_available":false,"data":null}},"time_used":998,"timings":{"blocked":961,"dns":0,"connect":0,"send":0,"wait":27,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/rank-1@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/rank-1@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/search.css?v=20260414\r\nCookie: _ga_P6HKH41365=GS2.1.s1778494980$o1$g0$t1778494980$j60$l0$h1428737922; _ga=GA1.1.1636593283.1778494980\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 2931\r\ndate: Mon, 11 May 2026 10:05:40 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 05 Jun 2025 07:04:06 GMT\r\netag: \"68414166-b71\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: 6KMFXSIaqV5P9r1cGxlLAHuDs9lsQqOTRlOr-OwZnxkmGvqX7Hl3fg==\r\nage: 1040\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2929,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"abac25d37a9ac9344c49557ebfcccdb4","sha1":"83b9f56ec29cd0b56e34c938be11ad9bf1282c5c","sha256":"afe1b7a6d3f013b149bad9c96316fa9ab1bb259596d1fe5648e86f236115ac38","sha512":"ef44f375c46e4332861aff8d51407ea7297fe6b11c0f2b5a87f96f1ec3b72815ed608a052ad599147c271e1eace7ec85bd3f6fa523d0aaaac68dff00fb48ca19","ssdeep":"","tlshash":"4d515c8285ceb0f64b1ec36f4b51d4d9f0736c453982de95ada831c64bf1cb7d9816a0","first_seen":"2025-10-28T07:13:52.661811Z","last_seen":"2026-05-11T10:34:25.115487Z","times_seen":10581,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/icon-close@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/icon-close@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 541\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-219\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: O6qlEHZU9j9hxYps1mRFBy2FVHl9eetaYI7_xaIaz8ac3VoqltaSoQ==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":537,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 156 x 153, 4-bit colormap, non-interlaced","md5":"ba62950af5049c3c88ef5fd0ec364fa1","sha1":"a6c5416ed6e9a40f7f637698d217f34b37bee260","sha256":"e0615fada85561a85c67f203cd404d52bc466b55032da71564c42c0f2a21a245","sha512":"0d57ac84b018219151809b99517a90879653a286e49d9f8e990a0d33c6da0cceab55b12290912fa7ec78cd1edf3e9d004fa02b02a3e0eda9b3b9dbc1ce7a20bb","ssdeep":"","tlshash":"96f0209e6e73bc38f18d0c11a1f39280788138506514651f6a01f9e8f5b72d18708a43","first_seen":"2025-07-12T04:18:50.926806Z","last_seen":"2026-05-11T10:34:25.112384Z","times_seen":23547,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/search.js?v=30","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/search.js?v=30 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 7629\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 15 Apr 2026 02:53:11 GMT\r\netag: \"69defd97-8c0f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: l2O4c3n4YgkFPprbCJIzRs-lNfJ_Nhsbol25OaoTbs1_AH2MaTIexA==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35855,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"0627205faebf89591b2b8175d6564803","sha1":"8eae5406cc72dcd9e490b2f18467e5f667f334f3","sha256":"cbead04490fc56ef37f1e36ad9e0618e2f9497b352621cadecc15e7c10b58c1c","sha512":"108e1ae9164c2e98dc06ad1da0181796e76a7c2ff9a1703d7805de6441f2aeeb8c86b3d531e416a251399684a06272fd039a8e2a87acf25d10a66d594d1f5f11","ssdeep":"384:FEGVkJKd3+7K33Ew3oVNywa5qwRxBuWtXtTeEI+/L7ct4:hVkJKd3+7K33Ew3oV4wgxPot4","tlshash":"81f22f2624f204329db3f0a94be7ba45bf11d407e54ace487a4c8bc09fd1e25d6a37d9","first_seen":"2026-04-15T07:12:26.144783Z","last_seen":"2026-05-11T10:34:25.017547Z","times_seen":1660,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260509/2026050916131141022.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260509/2026050916131141022.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 09 May 2026 08:13:18 GMT\r\nEtag: \"ef0d20ebffcadb68701603034edfd5ee\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 09 May 2026 10:02:11 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 331\r\nContent-Length: 99584\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5653451855977192821\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99584,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"ef0d20ebffcadb68701603034edfd5ee","sha1":"77e0ab5bf035cf129f9d6065380cf02ce48743d6","sha256":"2916ff144aecb0f2e6d9f224da5751a974aa65bb43cfd4d7f8f4210fccf55ba1","sha512":"d6af668ac0cc497ccc882b400a922e6e704d1e9df02980bc7ce1d083afea4e830e90914b1be31ce68b1f97ebf6a1c0e0326d375e5234fabcc7fa41d9cc1712e7","ssdeep":"3072:h+tvICbwj0vioxmvsS4RJtCvvhbndycjGywW/M:hivvxTS4fWhtj4","tlshash":"7da302f1444e4b08738297a27f92ff11412702d9349bafa9b0b3cbc0cd96a5665de245","first_seen":"2026-05-09T14:25:40.007792Z","last_seen":"2026-05-11T10:34:25.092923Z","times_seen":106,"resource_available":false,"data":null}},"time_used":776,"timings":{"blocked":765,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-19/6115a04c0fbc92a66706cb930e975294.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-19/6115a04c0fbc92a66706cb930e975294.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 19 Apr 2026 08:19:19 GMT\r\nEtag: \"917dc5d5095c8e1ba0fe6d1fb8624f68\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 19 Apr 2026 08:19:19 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 32\r\nContent-Length: 118672\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4136362912935241079\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":118672,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"917dc5d5095c8e1ba0fe6d1fb8624f68","sha1":"0403c9417cdbe0d4e6d5a1b3a7bcbcfdc51b8c01","sha256":"efec17f60177055fa6437ea167daad43b3d2119e5972ea51f22e5b3c59a5aa4f","sha512":"e6c83a56fc3c191ebef2394431c40ac67dc5664087474c27284060c0b6daa48a2756d2d27a934250c85cddbca37f2731e45749f164154f755d20a5763b824294","ssdeep":"3072:fvvhYHagxjizjS3X/tQl9TOePBvmy8hTJWM7qy:nvq6Kj+lnWs2qy","tlshash":"d7c312e45ccfdffcb4e41296d88f6ea930b1c70a3c3a2c898591f1a9583d5878961f19","first_seen":"2026-04-19T08:44:06.083641Z","last_seen":"2026-05-11T10:59:04.990388Z","times_seen":1595,"resource_available":false,"data":null}},"time_used":910,"timings":{"blocked":896,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2025-12-30/e8e1e023702cb2535fcc5b8dfc237932.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:00.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/e8e1e023702cb2535fcc5b8dfc237932.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 27 Jan 2026 14:12:51 GMT\r\nEtag: \"60af2c4d8abb6b3edfa7e5b3f0af2c90\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 27 Jan 2026 14:12:52 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 216\r\nContent-Length: 139488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7139776445271223187\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"60af2c4d8abb6b3edfa7e5b3f0af2c90","sha1":"ff01cec91d7ac12be695637f7f9bc1db1846b442","sha256":"33761d1d55e6319804742b0337b23716cfc9bdc57df7664750b11eb6b3b37976","sha512":"88283c6844b67a8bb6f85a933ba88699699caf084097ddd6fd536453892c7cd52f2e244807958a5fa597ddc43c4935cd286347d82fb65f446e8a3ca13df8060d","ssdeep":"3072:VW6g7V1QSflcmvjLY6EyrQatdxQbGxMLCBYIFDvdQpg/YR+rMToePvs:3gXl+CjLbrA5LCBYIFDvF/0+rMTrvs","tlshash":"76d312e10a29afb280c7534bb8925459dc02daf4c66fc66d0d923b1be67e73360945f3","first_seen":"2025-11-17T11:08:20.239469Z","last_seen":"2026-05-11T10:59:04.978669Z","times_seen":18905,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-11T10:22:58.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 45186\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\nx-server: web-node-13\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: gzip\r\nx-cache-status: hit\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: rOP-OkgOSrbkr-iAy_YNJVOXyO8fOFhHRvqvgPDPqmZRTsetXI5ajQ==\r\nage: 1104\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]}],"data":{"size":292090,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1116), with CRLF, LF line terminators","md5":"c7ff2b6e25981b4858e21e637cdaf790","sha1":"ab2c300dce3d8db962c9ef9e2ce6ae102281ebc4","sha256":"34faa124291c4b4fcf17f689759ad6cce1a1bad0ba8b6ac4a65224614fb0210c","sha512":"8a5f227e6a86db35ff52cddc99afe631d862f89a6db7e3d7915d3d4653792ad95d87f0de9c924c6ee08e4e601ec2fee1382bf0d3f641a54a54928bb31f6b74a5","ssdeep":"6144:4PTOT1wTVTdTGTOTZdvQ89eCY5VUHBCBQ3H8Db:QTOT1wTVTdTGTOTZdleCY5VUHBCBQ3Q","tlshash":"9b54f8516cf240b64293b0c6a9b2ab05fe41e007d94add05b3ac86c8bfc5ea7c5b375c","first_seen":"2026-05-11T10:23:44.23865Z","last_seen":"2026-05-11T10:23:44.23865Z","times_seen":1,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":102,"dns":75,"connect":8,"send":0,"wait":9,"receive":8,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 45534\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 29 Aug 2024 12:36:58 GMT\r\netag: \"66d06b6a-224ba\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: SZUssjg_s-HT-0b7swqh6AqaMxMq24ogyuTN752LgnVeebCJgjF_Lw==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":140474,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65282)","md5":"f9cadf6d58ee7c472ec17cc71a5cbe09","sha1":"1ff2760a4dbbcb6c9b5b7b5d614041f5ec0f9646","sha256":"ca14261d766828dfc9120faacc847fbafc086fb2948c5e219ac989403ba8ba2b","sha512":"f0fc4bef7db4a44d983ce101de96da366b94a0fd17d5fc8f721713f66f98cce0b602f570aa3134766d5501c86fd4f307bd31d0852b892e99d346a49f69980b4f","ssdeep":"3072:QJVnjuHkOVtuD6poy9v8cnWDkwV4y+6GEcTYEfBxK/Mxz:QJVniHkOVtuD6pl9v8cnWDpV4y+6GTcs","tlshash":"e6d3f8997320b1a552e3268b92a9c611e3b51400b409c4e871bd4c9b6d7e99c13ffffe","first_seen":"2023-03-09T03:55:40Z","last_seen":"2026-05-11T10:34:25.026277Z","times_seen":21453,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/Search/pc-nav-icon-qq@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/pc-nav-icon-qq@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 712\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:43 GMT\r\netag: \"687f821b-2c4\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: anVg605Euv2Deqx8t1LMVZH-5af4FTJSrwzOnJGfDzMDENkUAUtW6g==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":708,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit colormap, non-interlaced","md5":"0032e13d45b2dc636e67e98a52d66792","sha1":"9cd222e4079d7ab780b2d4ac38d05fd968f3e85d","sha256":"45dcff2f7f3f48fdc5fd0a3a8720827db74347b89c41de15f215af07beb780f6","sha512":"caf32cbaf55c3efdfadc2f0c1aaea7e61b8a84aeba5338372cad9248bda6eb0a8782dd4a3568c6e8307a3f7b2310a576d6497c70ac038ffc94adf4398cce91a0","ssdeep":"","tlshash":"650188d2271f8ca48e0ccc1b4daad0c56c3456b72582f907b517d8676314b5dd3ea004","first_seen":"2025-07-12T04:18:50.988139Z","last_seen":"2026-05-11T10:34:25.100272Z","times_seen":23469,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/plugins/AiSuite/assets/common/index-ai.js?v=20260413","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/plugins/AiSuite/assets/common/index-ai.js?v=20260413 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 11671\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Wed, 15 Apr 2026 02:53:11 GMT\r\netag: \"69defd97-a703\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: dGD5cIx16qMzk1tY_0cROHhexLqxpvZEBuX_XCDofRB9RyTT4hWOoQ==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":42755,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (306)","md5":"af16a626bae359731ca7af9d28f36c33","sha1":"7f43a4ed614d1f6dcda18ebc5a68ec6807cf6a3f","sha256":"544604fc234086de418787eb6ce6983f4aae7434b0bc32467615d6de011d6202","sha512":"2ab77763e976add11fe032238f9b76b9645b41568e54206239ef9833312501d300a83b029ea74f829fffa60d262deb5677e5d36123dd6609a937f1ca1ba70ce5","ssdeep":"384:IkSVlcz8cJPkBj/r5pRWSLFwzY18zkJsMNFCoGp5va6Tr6iIiep:MVqz8cJw/r5pRWSZuYRJ/NA7p5Prxep","tlshash":"0413a50a3afb74118567706a2befa0057630a0177209df087f4d87985fc652996e3bee","first_seen":"2026-04-15T07:12:26.065138Z","last_seen":"2026-05-11T10:34:24.922763Z","times_seen":1660,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/js/7.10.0/tjtag.3.2.3.js?v=1","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/tjtag.3.2.3.js?v=1 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 15217\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 27 Apr 2026 14:15:03 GMT\r\netag: \"69ef6f67-ab7d\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: CTKLPJ8J-3rJY_m0v56m1-OB2yOGM8gnICdKNUccijCoSWLMFdiwlQ==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":43901,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (43213), with no line terminators","md5":"263dbd2bb380147d245bd459ad162367","sha1":"36c01341c6399b1310df76453b3737487e46d47d","sha256":"2ba7a2439464e510fa7143c8d20a5d135dafd36a492bad1c198e567f3be82844","sha512":"233e52a5a713146db77bb9e2864e12aea76eca2a136bd23ac82af3cb5e0d7b778beac021d7df17dbfe7a3987917f38d633e011e8f382f08d02cf6e2a009be908","ssdeep":"768:05wTDlS90GMy4GIeD/zL34Ox/YKI1KQAWJe6VKhOk5xOKh6DmTI/0TFItClZwCLJ:0wViTTTu5aPguW6D","tlshash":"0b13a2142ec07855234b1ffb732771f8c92e0cab3d45494fe405bca4a9a262bead6635","first_seen":"2026-04-27T19:30:05.789869Z","last_seen":"2026-05-11T10:34:25.076992Z","times_seen":1291,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn//upload_01/xiao/20260504/2026050423005916294.jpeg","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET //upload_01/xiao/20260504/2026050423005916294.jpeg HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 04 May 2026 15:01:03 GMT\r\nEtag: \"e3a62bee293ade64c445a364b45bd669\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 04 May 2026 15:11:28 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2612\r\nContent-Length: 65584\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4852742488787821532\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65584,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e3a62bee293ade64c445a364b45bd669","sha1":"ff4e7e382ab764c1b5168dab1893bf0b5d04ba04","sha256":"5a5ce0443869f7767b861202d948bfc19d76e23173f840140351907adaa6afb6","sha512":"8da9ac1759b2cb9d11b4fd0f945ceb8ec2eac41e08c95bfcc98d6be754881713f73e9b1625dba2e6b7ebe15ccbfca495a391da35cbf507a0394ee22ec09148cc","ssdeep":"1536:Bz7RxtlAk4/5TBpBOjaM5hPPxS59nWoImtyWayWB2uK0Tnz:Bz7ZWz/5TBpBOz5hnxydWoX7ZSTz","tlshash":"e45312bc6da0e57d31ef63bd929ca8d2d071031112a42b9c5bd13e4bb58d106b02eb2e","first_seen":"2026-05-04T16:54:39.218423Z","last_seen":"2026-05-11T10:34:25.027256Z","times_seen":396,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":834,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-03-18/fcff7a5519c5585b84022fb22eb9b990.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/fcff7a5519c5585b84022fb22eb9b990.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 18 Mar 2026 11:14:20 GMT\r\nEtag: \"b623e1b55f0930c825f1f77ccf2aa695\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 18 Mar 2026 11:14:20 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 40\r\nContent-Length: 312944\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3899492922787983710\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":312944,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b623e1b55f0930c825f1f77ccf2aa695","sha1":"2a3fa46412096622bfbf0c8c804e3569563ab50d","sha256":"257c25438d69e04240ed40ad37b4a28caf7fd4aabf061e969ee9235a79f6ba91","sha512":"9640217cfc3e64b0b3f5d8e1c9dc97949071f55ad898a1d2299fb29fdf3e429aaba6a05d5d8c9f00cd6878ab95e5b84db7bdd41e9bf1ee5f72c3d70e5a76e638","ssdeep":"6144:TN11eIfw2XlBj5XN+lXYm2J0ytC/xxX8lTnOJ2xk3/qtXfD:h11eIPT54YCykpxwTnOJX3/wX7","tlshash":"a5642310949180eb15cad88a5ecf5a30a2afc993d7afb41af0d3974b50ec7e93311b57","first_seen":"2026-03-18T12:48:21.453772Z","last_seen":"2026-05-11T10:59:04.990933Z","times_seen":11332,"resource_available":false,"data":null}},"time_used":1033,"timings":{"blocked":997,"dns":0,"connect":0,"send":0,"wait":30,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/common.css?v=20260501","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/common.css?v=20260501 HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 4266\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Sat, 02 May 2026 10:34:20 GMT\r\netag: \"69f5d32c-3bc2\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: 1NjKXWmhVj_GpTUlI3mnu2CgyP7RKrZ_wRyjCeOcLAK67HWZMuYJ4w==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":15298,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"20daefd1e629208d7e5cc492213c8760","sha1":"595511cd38cfec81c4d721115ce4269944559731","sha256":"c75713a78ed88fec3ef576776b8e84a97f267fec78b56062305fba00b967e036","sha512":"1e89a5801777014a1fdd96c3c078c5332fe4021937388f8158fee9ea2ae15e27930a748a62fb22db2d6ec78a1767e3d9dab11efbd2c7c2d8aaa84f7cc582a527","ssdeep":"384:Q6fY59F6C6YjvrDdcqYegaDbSAxB8M7dtqo27Jn:Q6fY59F6C6YjvrDdcqYegaDbSAxB8M7m","tlshash":"9862035e0563060069daa5655f6d2ac8166dc00bce0ad56d3edf728ccfce2d4f4e278d","first_seen":"2026-05-02T11:28:33.380155Z","last_seen":"2026-05-11T10:34:24.997592Z","times_seen":672,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2025-12-30/e8e1e023702cb2535fcc5b8dfc237932.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/e8e1e023702cb2535fcc5b8dfc237932.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 27 Jan 2026 14:12:51 GMT\r\nEtag: \"60af2c4d8abb6b3edfa7e5b3f0af2c90\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 27 Jan 2026 14:12:52 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 216\r\nContent-Length: 139488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2871560648851429317\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"60af2c4d8abb6b3edfa7e5b3f0af2c90","sha1":"ff01cec91d7ac12be695637f7f9bc1db1846b442","sha256":"33761d1d55e6319804742b0337b23716cfc9bdc57df7664750b11eb6b3b37976","sha512":"88283c6844b67a8bb6f85a933ba88699699caf084097ddd6fd536453892c7cd52f2e244807958a5fa597ddc43c4935cd286347d82fb65f446e8a3ca13df8060d","ssdeep":"3072:VW6g7V1QSflcmvjLY6EyrQatdxQbGxMLCBYIFDvdQpg/YR+rMToePvs:3gXl+CjLbrA5LCBYIFDvF/0+rMTrvs","tlshash":"76d312e10a29afb280c7534bb8925459dc02daf4c66fc66d0d923b1be67e73360945f3","first_seen":"2025-11-17T11:08:20.239469Z","last_seen":"2026-05-11T10:59:04.978669Z","times_seen":18905,"resource_available":false,"data":null}},"time_used":1952,"timings":{"blocked":937,"dns":575,"connect":41,"send":0,"wait":33,"receive":49,"ssl":298},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-21/b0f15084b506f4408e75a2196a19cbfe.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-21/b0f15084b506f4408e75a2196a19cbfe.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 21 Apr 2026 09:36:24 GMT\r\nEtag: \"862f8ebd41a563bd8d8cbdd2c64dab26\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 21 Apr 2026 09:36:25 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 481\r\nContent-Length: 915040\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1765035600670590027\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":915040,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"862f8ebd41a563bd8d8cbdd2c64dab26","sha1":"e0269ccf3971c9fdcb0d7dc89fa0b9a1893b77ff","sha256":"4f0727a758ff07b081c2bccaeb45d495298b50005dcb4fbc4135184dbbb9edf7","sha512":"9c2de764ddacadb0e358545b9cee3712f2b1e717065747357bb5d2cae19505ba3869d8daac05c1010f14d82e8ca62c9d41c7cea9ddbe448ae24222af084854d5","ssdeep":"24576:9f/xVSkVIwqmCQcPBZVjrusohEoF0sMtjyhfuNE:dbSkVIWaZNr3ZtjyhfN","tlshash":"d71533f5d3306125797eba8c93a93a091be72fa44fc3110b20280de17d95e7a5aef51c","first_seen":"2026-04-22T08:12:01.432381Z","last_seen":"2026-05-11T10:34:24.970996Z","times_seen":1326,"resource_available":false,"data":null}},"time_used":1071,"timings":{"blocked":763,"dns":0,"connect":0,"send":0,"wait":8,"receive":300,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2025-12-30/b0b6d72cb3831e4af86d892f5322f51f.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/b0b6d72cb3831e4af86d892f5322f51f.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 31 Dec 2025 11:30:36 GMT\r\nEtag: \"4d4782772c66197e7bb72273464acbcc\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 31 Dec 2025 11:30:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 182\r\nContent-Length: 266704\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4987772817244943870\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":266704,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4d4782772c66197e7bb72273464acbcc","sha1":"bb5180f3a210440991063df7c71a5f2a73235d66","sha256":"d1b7c5ceaec125a25f11bc63a88adefca0ebf8d4fd47586ac9e5e8c86d94c10a","sha512":"a9f581a25de284a7a4496c8d4f601f60b686cf7048ec0b9015e3131fbdef9e6a43af3c91fe84ba4e7335f516bfc38e28f07580bed9393be30a0943bd41ed2185","ssdeep":"6144:HZHcEA6bo7O9Do4nLk2E//R/+YFihoUDtUeZ7:HZ8EzSOhos4DWYFihoUBD","tlshash":"324423cb5875e0a1541ffa2ee80de01da06ad1fd46e4dda886adf2c53f13805c1f2a8d","first_seen":"2025-11-23T05:10:59.088648Z","last_seen":"2026-05-11T10:59:04.99148Z","times_seen":22785,"resource_available":false,"data":null}},"time_used":1050,"timings":{"blocked":1017,"dns":0,"connect":0,"send":0,"wait":23,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-20/09a839a5bcf7cadbff0a10e259234f0a.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-20/09a839a5bcf7cadbff0a10e259234f0a.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 20 Apr 2026 12:59:25 GMT\r\nEtag: \"a225e06e25664722ea8abdfba16a043b\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 20 Apr 2026 12:59:31 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 167\r\nContent-Length: 535808\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14682003417423508542\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":535808,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a225e06e25664722ea8abdfba16a043b","sha1":"d30bdd721b7f3de1904210ad73316e2d6f928ec5","sha256":"e89b20d4ec54d5f63bb7b33675740ad2daff1782d166bd45d1ad41814e76f623","sha512":"43e503584ad5386d02958bc6f1529ea45ad365f6a5249e7bcfaa7dabe0867ad741c57150d687ac2b174d19ac4db08906744222631b704d12c24bb44e5d05baa7","ssdeep":"12288:2AimncDtFt9i2R3ZFow9AmHLlZCF04GhZ:2AimncDtFt9i8j5BAEZ","tlshash":"8db423ac67f0def8ba7619c5ef5480553113b256e62ad11b9b0fec548017b82a8db333","first_seen":"2026-04-20T13:05:19.140085Z","last_seen":"2026-05-11T10:59:04.955834Z","times_seen":1575,"resource_available":false,"data":null}},"time_used":1076,"timings":{"blocked":1027,"dns":0,"connect":0,"send":0,"wait":28,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/rank-2@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:23:01.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/rank-2@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4yvz2.crddgkmc.cc/usr/themes/Mirages/css/7.10.0/search.css?v=20260414\r\nCookie: _ga_P6HKH41365=GS2.1.s1778494980$o1$g0$t1778494980$j60$l0$h1428737922; _ga=GA1.1.1636593283.1778494980\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 2604\r\ndate: Mon, 11 May 2026 10:05:40 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Thu, 05 Jun 2025 07:04:03 GMT\r\netag: \"68414163-a28\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: r8umfNBcSOdUCSIOKeNDpdoItt_LfO5UUXPAZeT6S-BOgeBiWwL-Gw==\r\nage: 1040\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2600,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"3438e5aef62d0d9bebae0eb0b884de9e","sha1":"e1570b5c068b735a7367b83212a0524493913dfb","sha256":"490d481dc60eca11bff657185331c5a6ccc25f201b20bdf36c78ba833853293f","sha512":"104f434d690b6f3bf31d38487050c7d8e6b6a49ce380910313aeaed3dc0935c81898d917f9ba1a078af455a04ec4e0b2083b0acea69b04db762564f973873519","ssdeep":"","tlshash":"12514c68930cfcc6f060bde6017785a02af74e3b31b29acdde48ae206e79f84a4d1100","first_seen":"2025-10-28T07:13:52.634902Z","last_seen":"2026-05-11T10:34:24.990402Z","times_seen":10580,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4yvz2.crddgkmc.cc/usr/themes/Mirages/images/Search/pc-nav-icon-down@3x.png","fqdn":"h4yvz2.crddgkmc.cc","domain":"crddgkmc.cc","tld":"cc"},"ip":{"addr":"3.164.230.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:58.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.crddgkmc.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 11 May 2026 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:77:33:76:64:C0:56:0B:23:27:32:C8:55:FE:F1:7C:2F:7C:DD:EE","sha256":"D4:6B:0A:C4:55:92:74:71:F8:7C:7A:6B:50:CF:E1:EB:9D:F7:81:AA:97:C4:5A:68:4F:61:06:98:A5:16:EF:88"}}},"request":{"raw":"GET /usr/themes/Mirages/images/Search/pc-nav-icon-down@3x.png HTTP/1.1\r\nHost: h4yvz2.crddgkmc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4yvz2.crddgkmc.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 330\r\ndate: Mon, 11 May 2026 10:04:33 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Tue, 22 Jul 2025 12:20:29 GMT\r\netag: \"687f820d-146\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef955f95d080740af1e658b6929731ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: gWtnvwzBgjB3zqgvKAHsuRnlEvDpqwy2Cz3cbxNoS88bEJidDHqA_A==\r\nage: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 4-bit colormap, non-interlaced","md5":"7023a802c4d373abf7342efe94fa3a98","sha1":"c24cecc5067dee2e5680fff5316cc6f3b940bba2","sha256":"c2197abaec128edeacd5e035178d85dfb36c2d07986033ae13cda8fc83c5e509","sha512":"87c87a9e5afc033f865d9bf4976f3d9c497842213bb653a75498057bdbadda64c1bf6809f76f5cee28a2e652ddb970d877fd71d5832dda033c7110f133bfd9ac","ssdeep":"","tlshash":"dfe0e7d2bfcfdd8c5f270d77c631504054153c62336190773504b4007537145c853291","first_seen":"2025-07-12T04:18:50.955771Z","last_seen":"2026-05-11T10:34:25.086604Z","times_seen":23525,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2025-12-30/abd51bbed55f025430536d4e75e4a27d.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-30/abd51bbed55f025430536d4e75e4a27d.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 31 Dec 2025 11:00:15 GMT\r\nEtag: \"70a375bcdfaa14189a1336bb44d43a3d\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 31 Dec 2025 11:03:12 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 96\r\nContent-Length: 222768\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8554545958535974676\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":222768,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"70a375bcdfaa14189a1336bb44d43a3d","sha1":"9202eccdd3beacb9960d1ddcb77d9535e0823a2b","sha256":"2dfa9d0dd22a7d0bb2d1913c0fb967f63ba85bd04a0cbd56ef95c6621af10849","sha512":"9ec858e427ef1f8ec35c4d2c5681ad89c91d0772502cc41dea7821240c635f339b83e688badee19e9547bbc9a22fa845fd9f656283660009cb79655e2387da6b","ssdeep":"6144:ECyE6fRsUAqjCoN3lXMrMlHNbBzbWtuTky02m:EyU2XNOHNbBzKNy02m","tlshash":"8d242310ca7d9001ab8684d57cd6a4bcd133b730660c5b1f91b8abe269cf1b50e7b69b","first_seen":"2025-06-14T15:15:15.370117Z","last_seen":"2026-05-11T10:34:25.114776Z","times_seen":19254,"resource_available":false,"data":null}},"time_used":882,"timings":{"blocked":864,"dns":0,"connect":0,"send":0,"wait":11,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/hc237/uploads/default/other/2026-04-26/0b88d1204f62ddbaa3f1c9383a597e6a.gif","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-26/0b88d1204f62ddbaa3f1c9383a597e6a.gif HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 26 Apr 2026 02:59:29 GMT\r\nEtag: \"22d74debcba2e9c3b11cb8aadabc97fa\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 26 Apr 2026 02:59:29 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 65\r\nContent-Length: 485824\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1149669324325581075\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":485824,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"22d74debcba2e9c3b11cb8aadabc97fa","sha1":"94dc0bbf2d9badf99ee41c1f05fd7626de09d870","sha256":"eb64172083389ecc7bba05441a76bfbae9431c132e04be348c67846885ad57ce","sha512":"27e54b3a04ba2ffb826ffd1fe286919f0bfc1cf6acff6e5f5a661dd7a780e51cfa189b890abe50868a781d0afa9e2ebf870c9ef3a11ad0bab9ef38c79bbbf002","ssdeep":"6144:GDa4+vI0iJJmYxzPWwFzgjvwW9kzl16JaAAtnf3LtpWLe0AXsyx8C/MVyl6PtgNN:EZ1JlPWwOjvwWU1qk3LtQXpV+G+Cju","tlshash":"30a42358140860938136504a36ddbdb74b4385f6d97b3fa539b8c22f962a43dc3ad8bf","first_seen":"2026-04-26T03:18:48.589644Z","last_seen":"2026-05-11T10:59:04.996249Z","times_seen":1463,"resource_available":false,"data":null}},"time_used":997,"timings":{"blocked":933,"dns":0,"connect":0,"send":0,"wait":48,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20240424/2024042420520686675.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20240424/2024042420520686675.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Apr 2024 12:58:10 GMT\r\nEtag: \"c1c5802148acbf0d397636c2438864a3\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 03:13:29 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 416\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4608306935394390273\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":416,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c1c5802148acbf0d397636c2438864a3","sha1":"207c403c808c2d35a96f91fc9c4ec3b4275e3ff2","sha256":"1d5f247c4e6ab24d88ad84444e958260cbcb8e401dae9ad61a6d5eda33fa7920","sha512":"cbcf189a7cd26d50b9b76ca36f8fdd5446ef21dc8c726850fa07fa99645df94ad28ecffb3194932e64747621b27c26cb39ab5655fd4b56e2fdd0ac4268255954","ssdeep":"","tlshash":"5be023187631010b65120d2c95700770c673c057577958991102d20de1c972542f9dc7","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-05-11T10:34:24.948489Z","times_seen":23503,"resource_available":false,"data":null}},"time_used":1075,"timings":{"blocked":1053,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.pqmdsl.cn/upload/xiao/20231026/2023102620184376167.png","fqdn":"pic.pqmdsl.cn","domain":"pqmdsl.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4yvz2.crddgkmc.cc/","date":"2026-05-11T10:22:59.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pqmdsl.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Fri, 08 May 2026 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FD:D8:A6:21:06:99:90:A0:83:F3:0E:2C:07:90:4D:09:31:83:E2:8C","sha256":"D3:EA:74:CB:48:10:6D:35:4C:31:DF:B1:00:BB:E7:D4:A0:7A:79:0D:CB:64:2F:CA:FE:5F:D4:81:47:A5:2F:8A"}}},"request":{"raw":"GET /upload/xiao/20231026/2023102620184376167.png HTTP/1.1\r\nHost: pic.pqmdsl.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4yvz2.crddgkmc.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 29 Dec 2023 10:47:00 GMT\r\nEtag: \"690d560840f8d9cee1ff120270fcbd88\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 09 Nov 2025 17:45:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 25601\r\nContent-Length: 880\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7654832721953685433\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":880,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"690d560840f8d9cee1ff120270fcbd88","sha1":"246376e425fdd500d98060cafdbd0117d8f6edf0","sha256":"2a040f5c1e9cc1a4a915caa5148db70d4677ac31b5170af578590b049cb42a55","sha512":"d1593fbeaf0721e39b02dcb9b6e6b1d0b40c0c5306f5b9189bc9638b02b76ddd4b6f71278c7b81a084f2237ead91af43241caaf8467810c6413e46953edb9b6d","ssdeep":"","tlshash":"3d1163c3c089449600bd12724efa62460e3707c2eedb32ee6158c39f9044e5b8ef4d6a","first_seen":"2023-11-12T15:49:18Z","last_seen":"2026-05-11T10:34:24.962389Z","times_seen":23465,"resource_available":false,"data":null}},"time_used":1069,"timings":{"blocked":1061,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}