{"report_id":"72db2415-1991-4fc7-89cf-5f6f25fe9e0e","version":6,"status":"done","tags":[],"date":"2025-12-17T13:17:21Z","url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":0,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"title":"yxy911.cc","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":0,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-21T13:17:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-17T13:17:03Z","timestamp":1765977423,"ip_dst":{"addr":"172.18.0.20","port":58828,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2025-12-17T13:17:03.147736+0000\",\"flow_id\":344618198603721,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"3.248.162.96\",\"src_port\":443,\"dest_ip\":\"172.18.0.20\",\"dest_port\":58828,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=*.youstarsbuilding.com\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"70:FA:13:EE:FF:82:23:36:52:0A:5D:4D:41:EE:90:F5\",\"fingerprint\":\"1d:e0:7a:77:9e:39:3d:b5:85:c1:3d:30:3e:e7:35:c5:fe:d1:7e:38\",\"sni\":\"obseu.youstarsbuilding.com\",\"version\":\"TLS 1.2\",\"notbefore\":\"2025-12-03T00:00:00\",\"notafter\":\"2026-03-03T23:59:59\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"80d47c47e3ce91bc3bd0a026dbd1664d\",\"string\":\"771,49196,5-65281-16\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1219,\"bytes_toclient\":3921,\"start\":\"2025-12-17T13:17:03.038857+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"ww38.yxy911.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"ww38.yxy911.cc","ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":6,"request_count":6,"received_data":20545,"sent_data":3090,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"d38psrni17bvxu.cloudfront.net","ip":{"addr":"108.157.217.86","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2022-09-22T18:48:38Z","last_seen":"2025-12-17T04:14:31.673132Z","alert_count":0,"request_count":1,"received_data":11842,"sent_data":408,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"ep2.adtrafficquality.google","ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3229,"first_seen":"2024-08-13T12:56:28Z","last_seen":"2025-12-15T00:14:30.531009Z","alert_count":0,"request_count":2,"received_data":34546,"sent_data":984,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"216.58.207.196","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-12-14T22:21:29.619834Z","alert_count":0,"request_count":1,"received_data":134697,"sent_data":361,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ep1.adtrafficquality.google","ip":{"addr":"142.250.178.34","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3093,"first_seen":"2024-07-24T04:17:49Z","last_seen":"2025-12-14T22:44:27.710821Z","alert_count":0,"request_count":1,"received_data":11295,"sent_data":527,"comment":"","tags":null,"fingerprints":null},{"fqdn":"euob.youstarsbuilding.com","ip":{"addr":"13.35.58.124","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2022-08-01","domain_rank":2095641,"first_seen":"2023-10-25T16:14:24Z","last_seen":"2025-12-12T14:23:03.592318Z","alert_count":0,"request_count":1,"received_data":120395,"sent_data":453,"comment":"","tags":null,"fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"obseu.youstarsbuilding.com","ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2022-08-01","domain_rank":1721811,"first_seen":"2023-11-07T16:47:12Z","last_seen":"2025-12-12T14:06:41.69384Z","alert_count":0,"request_count":7,"received_data":5421,"sent_data":9840,"comment":"","tags":null,"fingerprints":null},{"fqdn":"syndicatedsearch.goog","ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":5365,"first_seen":"2023-09-25T09:30:59Z","last_seen":"2025-12-14T22:30:59.059099Z","alert_count":0,"request_count":4,"received_data":153222,"sent_data":3819,"comment":"","tags":null,"fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}]},{"fqdn":"afs.googleusercontent.com","ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":65181,"first_seen":"2013-05-06T19:11:00Z","last_seen":"2025-12-14T22:36:21.107248Z","alert_count":0,"request_count":2,"received_data":2237,"sent_data":1005,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"c77554570ae0fa8e4fb31747dc213058","sha1":"e989fbde07e6a68975c7a31e1d4df76afd90b96f","sha256":"c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77","sha512":"130189a67dea3f0d7ba0591ffbff46f37993ae8b07409e84dfb571f6d31f1b20f97cf76b7cd0751450eec5f294906f95fd35f3dfa37d58bc80433f4c9b4064a9","ssdeep":"","tlshash":"171148b58c9b942f6b37592fa69a72816c41a1179c013a18b14cc7302fdc71d6470bf6","size":968,"data":"","first_seen":"2023-03-08T02:24:08Z","last_seen":"2026-01-15T16:13:58.011798Z","times_seen":181951,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"5bd30806d20a31834f53f467b16da3ab","sha1":"dd8d8be907cea2b95bf766df4e7c0694c44c6a71","sha256":"68eee7639221412e379e5608c36fe85359bf068f0a47bc9075d1761ccb8983c8","sha512":"63c9e9ab8fc12c4db09f2ebed85e31e64d72888732895d03d7c4971665bcb203901de71a8d00286fa8cfa88b820c928c7d0bf59998b481c6ec55f648b1bac97f","ssdeep":"192:+n4te1FTaP88h9CV2V/Hi3DVcqTrIZ9eKD5edIyDJTee1F/V4Ye1Fl3pig:SS+2EM9A2V/HeDVcqTEZ9eKD5qb9Te+u","tlshash":"7612d8e25d4608328edfa20fda72901ef4aef76b98b62836b457c290235090ed5517bd","size":9235,"data":"","first_seen":"2025-12-17T13:17:29.587239Z","last_seen":"2025-12-17T13:17:29.587239Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?sjk=yufBCPWCSBuTVcGK%2BGvDSg%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww38.yxy911.cc%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.0aD61NCzUJmtEBYneRQaFEx0qoLKyW2qpB7jeYrNTjqIGus9MtPPyw.SkEJKhIRet7mHEY67ct04w.O6CiwbMoqqqdq4jeE3iMJj3x5TPu0vzfsKRSP0mW0dIuFYt44Mxs62DodhmSeV7DKKoWt0wZgKb-kg3ggV36CSUbSIZo5hKhTA_5PlfX9yY-_3VrZqjA98azFkXrNQKVnt5z0I1oF5FeQ1sVWSpJA5zO26aI_hIg6qRmtj2hEgV8hJXl6L8FGLeMI5Ri8UqJHeyDYWaPq8xJxMWUSwM5qH4BJUaohYfEO6wihjHwKPcX3sXQ8q0uG5EXlQC5QFziZK9fZcvFir23HQQUL-kpeY5fkoU69rOtftUkPj0Pz8B1_qnjid36NjEVXFvK2CrElzQmhoyL-b2H7anb5yJih-tR34xVhFpEzbQoIbFOWHOQsu_GnuFYyPXQp3EB2JHAYY6bFDlj1Wiv5nILG_oyqW-Eh5Pd5880WYUnRCt97VVve8X6faV_uAYWLwhJqhtp4jNMxR6QMyldIeED6sxlcG5B90KwVCTBJaVsZSn82IeWT8ulzOslIhogmf8kmWTRikVjGTtqnuE6SsAPu0gAqRCaYuGW76SDvzylHDVrQHR74Llw-7jsgzGm5eT72ofC0bQbQ45Ds4tdZxhfWV_hSKyq3DGht1T59Tae9xUkzZs.fiI0VqtDIQ-6C2UXl4fbGA\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107\u0026format=r3%7Cs\u0026nocache=4971765977422668\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.yxy911.cc\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1765977422668\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww38.yxy911.cc%2F","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1820a5070ed13dab4e2c0a6888deab4b","sha1":"47ec0363626d92a7ca7a6a7d984eb705176c21d3","sha256":"9eebbab2bdc4af99bcd88dbc424385e14be4e93d3edbebbd87c0911f5920ffe5","sha512":"3c1c7b45f62dd4f78fd9336f0c999175b13cf2315a6d35858e64ec6828e0d023e5912ee77d7265366e824c5e949792a6a56b8a217cb21954c9ab929d0ff1ac8f","ssdeep":"","tlshash":"e801565208700732d5a706758a173bd0680d087202cb3640d85fe95e5479fee952c067","size":842,"data":"","first_seen":"2025-12-17T13:17:29.593775Z","last_seen":"2025-12-17T13:17:29.593775Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"c1a08b2ed4c5c462ef2bc249605f8d36","sha1":"e8a74c9ca07c2d6679889a31c8cfe5439a291990","sha256":"68ae4462137f53cbaa1ca21e3b9217e05d588d4c1ef9fb389fd266a8f8f80039","sha512":"6accbdd6317bd6aa154547233e87f225b1b05dfea9fb9749f5454f7edc8a08ff33fb0f4f47157515760d15e5bb0782385ad7e5b691516ddb0ae6820deb82b638","ssdeep":"","tlshash":"292120d918ea002a4bb730ad4e0b880c70355d4f62c9db127c1d02803f7c7bae662b96","size":1258,"data":"","first_seen":"2025-12-17T13:17:29.595707Z","last_seen":"2025-12-17T13:17:29.595707Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"65c8369b3607f59089ddd9f23b11f98c","sha1":"5a305680d67d825d8186fe1a52cb65e530301204","sha256":"e2508bc8b6eda959a5e887150cd18744f2aacb6eb98042b690f26443fc5b6d15","sha512":"7ce30bc944e8afd9c817174107ac9345a01537d5c76144f50040acc7d65a47d68276f7e9afe458e478cd1d088d19f0713c5d0f8196c04eb475cfbf82b4e0421b","ssdeep":"","tlshash":"c69004501411035735471404dc0d10c5cc14d1571350413d0353cc740141435fc01405","size":40,"data":"","first_seen":"2025-02-04T20:34:58.349606Z","last_seen":"2026-01-15T16:13:58.019084Z","times_seen":146939,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"6559111e4eae643ce013ce0821e91a02","sha1":"fa1086c9aa2cb2d14f5c13bceefe21511bcdae5a","sha256":"d72255f7e5ea4dfdf9821df800356367d0bc7df07ecd103bb660018cb1e4f400","sha512":"a6e3e096076dc152b69e95709dad8925c9c2799c23ad226b9ce7b6ee78936bea7300b66c92821ea0728ce7433d4f53787f27f5e7101f97e4d882be0a461fc051","ssdeep":"","tlshash":"407000000380020020c80233a200882af228003c00030200c008888800a808002080c2","size":25,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-04-05T06:47:35.970998Z","times_seen":333169,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","size":19990,"data":"","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"18f2edc58d8a7b9e6b82454e8658c157","sha1":"e5dfdd0fa61b3a5ef68dab382a0ba93e9e7b67fb","sha256":"2d9b07a0704d92dda4deae88bc582aeb659923c8d44d0e7362e13cb28d88d250","sha512":"21505594429d2550843f79a1b5aa1555f5f9cac9ae8c281ab5cf48bb5831e39075e826ce61837ad3d6a7ad9a1fb227963eae6e2186b388c9af611e35a0f46f92","ssdeep":"","tlshash":"88f0659805f622d326aa60584df6eb0375a09023a20555c4fa7ca3119f5bc5702ddb8a","size":483,"data":"","first_seen":"2024-01-04T10:26:15Z","last_seen":"2026-01-15T16:13:58.022487Z","times_seen":185093,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"b326b5062b2f0e69046810717534cb09","sha1":"5ffe533b830f08a0326348a9160afafc8ada44db","sha256":"b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b","sha512":"9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de","ssdeep":"","tlshash":"5430000000000000000000000000300c00000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:44Z","last_seen":"2026-04-05T06:47:35.974999Z","times_seen":353935,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"euob.youstarsbuilding.com/sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js","fqdn":"euob.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"13.35.58.124","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8029362628da964c8180dcd7ce5dee64","sha1":"c106143b645314d2ac38480568d6396f921aabcb","sha256":"4413059d59ca7cca178af3bbbc46eefc5a1e9f6f79fb54d475c308be87309d60","sha512":"215441c90181b9f91c827e1ce2c6eba4fbca697e409e9c0333a97ddca78a309e5eec907c8b357a7b6e0d7611a4b55dc55c8d9e5a4390ddc1edb0bd6de9ce0b02","ssdeep":"1536:Qu5y/b5E0bwM7sIo8L0SUs8LonlEzsjxM96nhXxwcTkYtsdlBnFIUtY0PVEWm/5c:QuQb7O8hzjnhGdhtNP8/kLP/VVZF","tlshash":"3cc3d79db2e27025439334a5157f410ae27b5e503c4b8294d27ee9d4ac7ce8e817bfac","size":119868,"data":"","first_seen":"2025-11-17T13:15:00.257414Z","last_seen":"2026-01-07T13:44:42.282578Z","times_seen":17041,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026adsdeli=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"226d8b922a47d1d01896328ac5f29080","sha1":"228b48495e20d50326164178f4e05c1df4c8e630","sha256":"f95fea007424808c54a06a6bd7a7e0297f46d00d9bdf134afa78245f7e3903fc","sha512":"da97c330d247dab15073920cde860a1491c147eb2ce02a1e917a6ffc6e7b5bbab681395d3a3e394685091a2956ca62a15b2704d32cc5a1d0caae25036c86149c","ssdeep":"1536:MzL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:XuydkXiR5zzTq+bxpD3ZV4T","tlshash":"9bd33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","size":134027,"data":"","first_seen":"2025-12-11T16:42:36.25698Z","last_seen":"2026-01-07T19:22:29.46074Z","times_seen":14588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"25e6119e62d1ba8afd52ec0f623a82bd","sha1":"5a880ff68e376984e4bcd6a646026c67438ecbac","sha256":"dec2ecd2607f2e892cd7041307752b509b1ea8db61ec38cc3a5bb9664ac48f62","sha512":"31ca39bd744be12fc88109f84a02d66290fb50829c5f41c31f938fabeb121eb2463366edfdf6ba4ef5898cc922b1bcda29658506e4162f4f3044428db4b5ca40","ssdeep":"","tlshash":"5911cbc577a2e441813615abd50f144bf575e47758acb410e6a1c4e4acb0abb443ab06","size":956,"data":"","first_seen":"2025-03-12T19:00:14.122018Z","last_seen":"2026-02-26T17:00:03.80743Z","times_seen":79470,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"1b334e0123cf0cb113092022fb726782","sha1":"45abb42a6680499daa10d83d2859329de1843de2","sha256":"42591f96b9a41a7e2e5ecd0240dd7fecdcf03ef8454b57c68f08697474a4b579","sha512":"867e061d0f593815a87259d55d960e2000b776954b080157deabbf46850d7530b770d3d31abf6b901aee50bed5fa395be2ce4a6a075b703d07ff7c7c7b7d5cf6","ssdeep":"","tlshash":"6290040115134057505d05134375c101d5504c3f5005d531751c07435f1045f170075c","size":50,"data":"","first_seen":"2024-01-04T10:26:15Z","last_seen":"2026-01-15T16:13:58.023216Z","times_seen":184974,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"889ca9e2c79a3ce7aaadbcdfd0ce4ef5","sha1":"b05c2c051bae71f80cb8c289e5a42d4f96d323fa","sha256":"6477acf082d26199b6ce8346b93149b1b999233d9fe76b0340ebf43317cf98f8","sha512":"122a494d50a5e8077cdda40e8d6edb442bb9d89fff078852aad7f84fe24f1c58fe693f0388ca6c9453d1b33036da0b9c4e9fb394a18268e254d306ffc2ca57a3","ssdeep":"","tlshash":"46a002d4b4ed8125564583390104d91cf936c934c0d5701873f0466ca6e700a53610b2","size":62,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-04-05T06:47:35.969915Z","times_seen":333216,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"e5d8c139688b25ef77b263d88ea99150","sha1":"7abc9c61c4966543f66d150c0155bfac575f86a7","sha256":"53e5f34ac520035c7f124076d1e68c70a85c83cf68a339fa713b872b54126148","sha512":"1cd4eb192d987ea1b21f3b553eea3881c807f8bf4a5299982675d57314a0eaa084db1722c38d02eb73178660ecb1ca3667a795a512527f843f2526dc0a99dc20","ssdeep":"","tlshash":"7440000000003000033c0000000000c0000c00000000000000000c00030000000c0000","size":7,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-04-05T06:47:35.988398Z","times_seen":333269,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f00d4af2ff93432bab783a45f0491b73","sha1":"b455c722bb44aaf7409d10b5c08e620017ac8aed","sha256":"b7dd5d1f9fb9e43930c47cbc407306b14d0d6b37624d364a47149fb7b2552303","sha512":"08e63c56e98c4249b23a35bc7bf5a774b8ff5d9e38be6283a5cba1538be40158da7fde7792eb570945e2e99c8e745bc277048d62ed26322b3154c329e4ea1622","ssdeep":"1536:szL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:3uydkXiR5zzTq+bxpD3ZV4T","tlshash":"f7d33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","size":134043,"data":"","first_seen":"2025-12-10T15:33:56.916944Z","last_seen":"2026-01-07T19:06:32.931594Z","times_seen":6309,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/ct?id=80705\u0026url=http%3A%2F%2Fww38.yxy911.cc%2F\u0026sf=0\u0026tpi=\u0026ch=AdsDeli%20-%20domain%20-%20landingpage\u0026uvid=124ab65b26954f492e48f070876992514e9fa6c7\u0026tsf=0\u0026tsfmi=\u0026tsfu=\u0026cb=1765977423022\u0026hl=2\u0026op=0\u0026ag=2881387774\u0026rand=031189581622921527875912208928055871208961062670080528012205750012912251681510382177162571\u0026fs=1280x1024\u0026fst=1280x1024\u0026np=win32\u0026nv=\u0026ref=\u0026ss=1280x1024\u0026nc=0\u0026at=\u0026di=W1siZWYiLDgwMDldLFsiYWJuY2giLDEyXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNiwie1wid1wiOltcIjBcIixcInRjYmxvY2tcIixcInNlYXJjaGJveEJsb2NrXCIsXCJnZXRYTUxodHRwXCIsXCJmYWxsYmFja1JlZGlyZWN0XCIsXCJhamF4UXVlcnlcIixcImFqYXhCYWNrZmlsbFwiLFwibG9hZEZlZWRcIixcInhtbEh0dHBcIixcImdldExvYWRGZWVkQXJndW1lbnRzXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJfX2N0Y2dfY3RfODA3MDVfZXhlY1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTEyLCJcIjFcIiJdLFstMTMsIi0iXSxbLTE2LCIwIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCwxMDI0LDAsMCwwLDAsXCItXCIsXCItXCIsMTI4MCwxMDI0LG51bGxdIl0sWy0yMSwiLSJdLFstMjUsIi0iXSxbLTU5LCItIl0sWy03MywiRWhRPSJdLFstMzIsIjAiXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstNDEsIi0iXSxbLTUwLCItIl0sWy02NiwiLSJdLFstNzIsIkV4VT0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTM3LCItIl0sWy0yLCI2LElzTjluR25XYkFZQUl4TmZRYU9xR0UwQ0ZBUXNjRzAwSW5oT2JZQkFLWVVPelFPNkVYMDIwSW1HTGN1NjJ1cmRQL2MyZDJwTm1WWkF3ZjMvLzh6NzlHckhhMVd1M09tWFBQdmUiXSxbLTQyLCI4ODMzOTkwMTYiXSxbLTUzLCIwMDEiXSxbLTYwLCItIl0sWy03MSwiYTAxMDAxMDExMDAxMDAxMDEwMDAxMDEwMDExMDExMDAwMDAwMTAiXSxbLTksIi0iXSxbLTMxLCJmYWxzZSJdLFstNCwiLSJdLFstNTEsIi0iXSxbLTYzLCItIl0sWy02NywiLSJdLFstNjgsIi0iXSxbLTgsIi0iXSxbLTE1LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy0yNywiLSJdLFstMjgsImVuLVVTLGVuIl0sWy0zOCwiaSwtMSwtMSwwLDAsMjAsMCwxLDMyLDkyLC0xLDAsLDI4NSw1OTMsNTkzIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2VdIl0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy02MiwiNTgiXSxbLTY1LCItIl0sWy03MCwiLSJdLFstNzQsIi0iXSxbLTE3LCI0OCJdLFstMjYsIi0iXSxbLTU3LCJTM2xSVFUxSlNnTVdGbHhNVmxzWFFGWk1TazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTa0ZKRmxBV0N3c05Yd0VNQ2drTFdGZ0xXdzljV2dvSldGaGFBRmdCREYxWUMxcGJYd0FYVTBvRENBTUJEd3NLQ2hVT0NBQVdUUmRjUVVsV1MwMUtGZ1Y1VVUxTlNVb0RGaFpjVEZaYkYwQldURXBOV0V0S1cweFFWVjFRVjE0WFdsWlVGa3BCU1JaUUZnc0xEVjhCREFvSkMxaFlDMXNQWEZvS0NWaFlXZ0JZQVF4ZFdBdGFXMThBRjFOS0F3Z0RBUThOQ2dnVlNseE5iVkJVWEZaTVRSbFJXRmRkVlZ4TEV3NElBQlpORjF4QlNWWkxUVW9XQlhsUlRVMUpTZ01XRmx4TVZsc1hRRlpNU2sxWVMwcGJURkJWWFZCWFhoZGFWbFFXU2c9PSJdLFstNTgsIi0iXSxbLTYxLCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy01LCItIl0sWy03LCItIl0sWy00NCwiMCw1LDAsNSJdLFstMTQsIi0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI5LCItIl0sWy0zMywiLSJdLFstMzUsIlsxNzY1OTc3NDIyOTIxLDBdIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDAxMDAwMDAxMDAwMDAwMDAwMDAxIl0sWy01MiwiLSJdLFstNTUsIjAiXSxbLTY0LCItIl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJtZXNhXCIsXCJyXCI6XCJsbHZtcGlwZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMFwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wXCIsXCJndmVuXCI6XCJtb3ppbGxhXCIsXCJiZW5cIjo2MyxcIndnbFwiOjEsXCJncmVuXCI6XCJsbHZtcGlwZVwiLFwic2VmXCI6NDk0MTk1MDQzLFwic2VjXCI6XCJcIn0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFsiYm5jaCIsNDE5XSxbLTIwLCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy00OCwiW1wiLVwiLFwiLVwiLFwiLVwiLFwiLVwiLFwiLVwiXSJdLFstNDksIi0iXSxbLTY5LCJXaW4zMnx8fDQ4fC18LSJdLFstMTAsIi0iXSxbLTM0LCItIl0sWy00MCwiMzciXSxbLTU0LCJ7XCJoXCI6W1wiMzI5OTcyODQ1MlwiLFwiODIyODIzMTE5XCIsXCJfM1wiLFwiMjYzOTIyMjQ2OFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMFwiLFwiMjY0NjAzODgyXCJdLFwic1wiOjF9Il0sWyJkZGIiLCIwLDcsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDIsMCwwLDAsMSwwLDAsMCwwLDAsMSwxLDMsMzgsMCwyMSwwLDEsMCwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCw2NSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXV0%3D\u0026dep=0\u0026pre=0\u0026sdd=\u0026cri=UNNM9EBqEO\u0026pto=867\u0026ver=65\u0026gac=-\u0026mei=\u0026ap=\u0026fe=1\u0026duid=1.1765977423.d5kdgsExCdqROzMt\u0026suid=1.1765977423.mvZfDBqO8cjMhaWJ\u0026tuid=1.1765977423.DCnb1Tmew4ldwnjm\u0026fbc=-\u0026gtm=-\u0026it=9%2C207%2C139\u0026fbcl=-\u0026gacl=-\u0026gacsd=-\u0026rtic=-\u0026rtict=-\u0026bgc=-\u0026spa=1\u0026urid=0\u0026ab=\u0026sck=-\u0026io=aGA2Og%3D%3D","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b901847fdf5f7d7be5886e233286f8d","sha1":"f30eaa99f3ebce12935df71bc21ef0f8398271d5","sha256":"cb11bbfaa1692f8997b1f3d16aa4cf1d9a61cd7fd2c752a25c108e4c62b57ad9","sha512":"882ed84f5e8d473eb62b1cbac7b53997c2a4d3c790dd9c32368bc5d30b2b69784111255afc6ed3aab684b06c201d82b818f72ebd5178bc25d7b31a90de790e37","ssdeep":"","tlshash":"6061d877d65acc86bfee1af7fb8894af17a582375a8fc815587766c5106b3844f21000","size":3297,"data":"","first_seen":"2025-12-17T13:17:29.58194Z","last_seen":"2025-12-17T13:17:29.58194Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"ww38.yxy911.cc/munin/a/tr/browserjs?domain=yxy911.cc\u0026toggle=browserjs\u0026uid=MTc2NTk3NzQyMi4yNjI6YTI5ZTg3NzAxYjRiYjQwMjgzMjFkMzk0ZGMyNGVmOGZmMDc4YzBmODdiZTA3NjE2YTA4NzNjYmIyODMxYWM5MDo2OTQyYWQ0ZTNmZjgz","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:02.403Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /munin/a/tr/browserjs?domain=yxy911.cc\u0026toggle=browserjs\u0026uid=MTc2NTk3NzQyMi4yNjI6YTI5ZTg3NzAxYjRiYjQwMjgzMjFkMzk0ZGMyNGVmOGZmMDc4YzBmODdiZTA3NjE2YTA4NzNjYmIyODMxYWM5MDo2OTQyYWQ0ZTNmZjgz HTTP/1.1\r\nHost: ww38.yxy911.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Dec 2025 13:17:02 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile\r\nAccept-Ch-Lifetime: 30\r\nAccess-Control-Allow-Origin: *\r\nVia: 0.0 Caddy\r\nX-Custom-Track: browserjs\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"ww38.yxy911.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png","fqdn":"d38psrni17bvxu.cloudfront.net","domain":"d38psrni17bvxu.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"108.157.217.86","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:02.579Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1\r\nHost: d38psrni17bvxu.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nContent-Length: 11375\r\nConnection: keep-alive\r\nServer: nginx\r\nDate: Tue, 16 Dec 2025 17:44:56 GMT\r\nAccept-Ranges: bytes\r\nLast-Modified: Thu, 28 Aug 2025 17:42:07 GMT\r\nETag: \"dce8vhowlwqm8rz\"\r\nVary: Accept-Encoding\r\nX-Cache: Hit from cloudfront\r\nVia: 1.1 47df1466fb55fd6ccae35d2a1425deaa.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: ARN56-P1\r\nX-Amz-Cf-Id: UKMGTa-j8Th-33P00cjwDz0Ndux-JhVJmMVAaQ2oM_bRlmX3YVhm7w==\r\nAge: 70326\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":11375,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 600, 8-bit colormap, non-interlaced","md5":"0cb2e5165dc9324eb462199f04e1ffa9","sha1":"9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8","sha256":"67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865","sha512":"7a285c4a87b9f9093b7ba720d8fe08e0ad7e2ebde9ef8c8d11b70afa08245af8f8a7281c7b3fbe8bad21c3afde4f32634d3bd416822892aa47ba82c12f4b8191","ssdeep":"192:Wg3JLNIdFb540f7mqTiLHrBjcCTN1MbaJD/RBse6ogkORdLv2Ha/:vD4N54IsHVjdN1tD7lODL/","tlshash":"94329f86e207c9addc119cb16bd8e9384c673cc3c66925b748987669e4bb80475f049f","first_seen":"2023-04-05T14:20:44Z","last_seen":"2026-04-04T23:59:10.82837Z","times_seen":205149,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":4,"dns":14,"connect":8,"send":0,"wait":64,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/favicon.ico","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:02.583Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ww38.yxy911.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Dec 2025 13:17:02 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 0\r\nLast-Modified: Wed, 16 Oct 2024 07:59:04 GMT\r\nConnection: keep-alive\r\nETag: \"670f7248-0\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"ww38.yxy911.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126cebce32ed43889e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f671f8a8ada5528691bf87f2604d333d86bcf073853219703520a3c045fc4bb631c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c7f47275109a0892f622f03a4f91d7a84aba62690b40a704c2ba9f2a4959c7febcfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6d95c2de7d9fa6adc55e054ae964c975dc1ce63d67a60c7da7886779ad3e8f38de7ff0b79e425a4c5853b4d26eec16992a850f614540bd34148c78587cfd1ec8220887290defbc879e43c2374a77e3ab2939f45659faa75a60ee49841d438ed73414752c73aba1fdfc2a93ff6c734c408ec8adfcd6c83550435bd52541d3e4c7de6a268b349c2e78164fdde2abdde6cde82c8f07688bcf174603ed0a9110495f7195442acd5b166a43892f658f3fd2fb074bc2c965bd308caab3ac3063ae2ac927a2238610236165b16aefd916ad203da595c176ca1e05dd58a1912ffbfd9bfb56bc5e9e6ff98acaaaa1f187f8e0ff5e2180cfc09185fc57f4f3229af2fbd7c0bc3f5c0648c65de228caf2ecea650df1159555243031bcf9a99836d1c2f880457d19680efa2c0410480b1ba7b93c6747cdcd011221d8acf8b5745ea72c25bc34ea461c14fc9d401bafa64f091e3bf845520abb92969826ab4d9e1ef47e033674741cd371d32e4f406d0b206c09b87da0098c595390f3747bc35b717ea08e39363972e51611c6f3f6deb5b8e81315da57d80fab727d3cf519e2b30fc406e269ff4c35519bd24b79c1ac706330856ae646fd1edc562ca573e9a8213bdcd84a9d550d05c493044b1652f579c930c58a62ea5ba986b9dd9b24b0120be78794b7d8f650cb9cab5414fc7707b85c6db029c99\u0026cri=UNNM9EBqEO\u0026ts=242\u0026cb=1765977423265","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:03.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126cebce32ed43889e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f671f8a8ada5528691bf87f2604d333d86bcf073853219703520a3c045fc4bb631c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c7f47275109a0892f622f03a4f91d7a84aba62690b40a704c2ba9f2a4959c7febcfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6d95c2de7d9fa6adc55e054ae964c975dc1ce63d67a60c7da7886779ad3e8f38de7ff0b79e425a4c5853b4d26eec16992a850f614540bd34148c78587cfd1ec8220887290defbc879e43c2374a77e3ab2939f45659faa75a60ee49841d438ed73414752c73aba1fdfc2a93ff6c734c408ec8adfcd6c83550435bd52541d3e4c7de6a268b349c2e78164fdde2abdde6cde82c8f07688bcf174603ed0a9110495f7195442acd5b166a43892f658f3fd2fb074bc2c965bd308caab3ac3063ae2ac927a2238610236165b16aefd916ad203da595c176ca1e05dd58a1912ffbfd9bfb56bc5e9e6ff98acaaaa1f187f8e0ff5e2180cfc09185fc57f4f3229af2fbd7c0bc3f5c0648c65de228caf2ecea650df1159555243031bcf9a99836d1c2f880457d19680efa2c0410480b1ba7b93c6747cdcd011221d8acf8b5745ea72c25bc34ea461c14fc9d401bafa64f091e3bf845520abb92969826ab4d9e1ef47e033674741cd371d32e4f406d0b206c09b87da0098c595390f3747bc35b717ea08e39363972e51611c6f3f6deb5b8e81315da57d80fab727d3cf519e2b30fc406e269ff4c35519bd24b79c1ac706330856ae646fd1edc562ca573e9a8213bdcd84a9d550d05c493044b1652f579c930c58a62ea5ba986b9dd9b24b0120be78794b7d8f650cb9cab5414fc7707b85c6db029c99\u0026cri=UNNM9EBqEO\u0026ts=242\u0026cb=1765977423265 HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nCookie: cg_uuid=f89cb4f067a0d879838f24abe900258c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\ndate: Wed, 17 Dec 2025 13:17:03 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncontent-length: 43\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"db04c7b378cb2db912c3ba8a5a774ee3","sha1":"dee34bd86c3484d31002182aa2b7caa4699126b8","sha256":"98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a","sha512":"826225fc21717d8861a05b9d2f959539aad2d2b131b2afed75d88fbca535e1b0d5a0da8ac69713a0876a0d467848a37a0a7f926aeafad8cf28201382d16466ab","ssdeep":"","tlshash":"6490000bca888002caa2c0302b8883022b88b0320228832e80bc30a8ee3b3a20c02000","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-05T06:47:35.962643Z","times_seen":356328,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:03.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:42:28 GMT","end":"Mon, 16 Feb 2026 08:42:27 GMT"},"fingerprint":{"sha1":"23:7B:6F:14:47:C1:9A:1D:37:09:B6:46:FC:44:E2:C3:17:77:4F:1F","sha256":"CB:48:1D:F9:BA:12:69:6F:18:7D:1B:B3:E8:27:01:C7:81:B0:15:61:75:98:8B:1A:91:AC:E5:AD:BF:F3:8E:AA"}}},"request":{"raw":"GET /sodar/sodar2.js HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 7188\r\ndate: Wed, 17 Dec 2025 13:17:03 GMT\r\nexpires: Wed, 17 Dec 2025 13:17:03 GMT\r\ncache-control: private, max-age=3000\r\netag: \"1747411493688989\"\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19990,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1398)","md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":51,"dns":0,"connect":15,"send":0,"wait":27,"receive":1,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet09_3ph\u0026output=uds_ads_only\u0026zx=ajw3ca9z9hge\u0026cd_fexp=72717107\u0026aqid=Tq1CaZD6NOznjuwP9um86QI\u0026psid=5837883959\u0026pbt=bs\u0026adbx=375\u0026adby=185\u0026adbh=507\u0026adbw=530\u0026adbah=160%2C160%2C160\u0026adbn=master-1\u0026eawp=partner-dp-teaminternet09_3ph\u0026errv=842209568\u0026csala=6%7C0%7C357%7C67%7C172\u0026lle=0\u0026ifv=1\u0026hpt=1","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:04.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:42:31 GMT","end":"Mon, 16 Feb 2026 08:42:30 GMT"},"fingerprint":{"sha1":"4B:B9:53:E2:E6:60:E4:AF:E2:4A:C3:11:06:83:27:D6:02:2C:D2:25","sha256":"F2:02:41:F0:1F:DF:CA:A3:22:24:58:94:E1:D8:DF:75:B3:F5:66:4A:1B:54:39:9F:CC:7D:36:3B:A3:EB:D4:87"}}},"request":{"raw":"GET /afs/gen_204?client=dp-teaminternet09_3ph\u0026output=uds_ads_only\u0026zx=ajw3ca9z9hge\u0026cd_fexp=72717107\u0026aqid=Tq1CaZD6NOznjuwP9um86QI\u0026psid=5837883959\u0026pbt=bs\u0026adbx=375\u0026adby=185\u0026adbh=507\u0026adbw=530\u0026adbah=160%2C160%2C160\u0026adbn=master-1\u0026eawp=partner-dp-teaminternet09_3ph\u0026errv=842209568\u0026csala=6%7C0%7C357%7C67%7C172\u0026lle=0\u0026ifv=1\u0026hpt=1 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-uMefyFqeLgJkL74Li7xIHA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Wed, 17 Dec 2025 13:17:04 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/mon","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:06.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1701\r\nOrigin: http://ww38.yxy911.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nCookie: cg_uuid=f89cb4f067a0d879838f24abe900258c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1701,"data":"e=37dfbd8ee84e00126cebce32ed43889e9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f671f8a8ada5528691bf87f2604d333d86bcf073853219703520a3c045fc4bb631c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c7f47275109a0892f622f03a4f91d7a84aba62690b40a704c2ba9f2a4959c7febcfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6d95c2de7d9fa6adc55e054ae964c975dc1ce63d67a60c7da7886779ad3e8f38de7ff0b79e425a4c5853b4d26eec16992a850f614540bd34148c78587cfd1ec8220887290defbc879e43c2374a77e3ab2939f45659faa75a60ee49841d438ed73414752c73aba1fdfc2a93ff6c734c408ec8adfcd6c83550435bd52541d3e4c7de6a268b349c2e78164fdde2abdde6cde82c8f07688bcf174603ed0a9110495f7195442acd5b166a43892f658f3fd2fb074bc2c965bd308caab3ac3063ae2ac927a2238610236165b16aefd916ad203da595c176ca1e05dd58a1912ffbfd9bfb56bc5e9e6ff98acaaaa1f187f8e0ff5e2180cfc09185fc57f4f3229af2fbd7c0bc3f5c0648c65de228caf2ecea650df1159555243031bcf9a99836d1c2f880457d19680efa2c0410480b1ba7b93c6747cdcd011221d8acf8b5745ea72c25bc34ea461c14fc9d401bafa64f091e3bf845520abb92969826ab4d9e1ef47e033674741cd371d32e4f406d0b206c09b87da0098c595390f3747bc35b717ea08e39363972e51611c6f3f6deb5b8e81315da57d80fab727d3cf519e2b30fc406e269ff4c35519bd24b79c1ac706330856ae646fd1edc562ca573e9a8213bdcd84a9d550d05c493044b1652f579c930c58a62ea5ba986b9dd9b24b0120ef\u0026cri=UNNM9EBqEO\u0026sf=0\u0026dc=\u0026cp=3\u0026gtm=-\u0026gac=-\u0026uvid=124ab65b26954f492e48f070876992514e9fa6c7\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=3005\u0026mo=0\u0026pn=4107\u0026spn=1103\u0026fp=285\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: http://ww38.yxy911.cc\r\ncontent-type: application/json\r\ndate: Wed, 17 Dec 2025 13:17:06 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-17T13:17:02.176Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ww38.yxy911.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Dec 2025 13:17:02 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile\r\nAccept-Ch-Lifetime: 30\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nVia: 0.0 Caddy\r\nX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_YkJ9hIskQDbn0upxWtwWxk/gOLe237tsRYhyppGxn0z6/PvAWx2ApeQe7OZ41QGWQOkr9aOZkgYblYHp/s/yRg==\r\nX-Buckets: bucket011\r\nX-Domain: yxy911.cc\r\nX-Language: norwegian\r\nX-Pcrew-Blocked-Reason: hosting network\r\nX-Pcrew-Ip-Organization: Blix Solutions\r\nX-Subdomain: ww38\r\nX-Template: tpl_CleanPeppermintBlack_twoclick\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18359,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9275)","md5":"73b217c0b4e4a5c44d2b041e1f7d98a9","sha1":"ab27b6621e2ccd597baf37d249cbb8909cb87f62","sha256":"1f0c0f37b627451fa59c1bf2698b040c2b00cfbe882c40b1c9f1c605afbf6119","sha512":"31cb81ffe6a362aeaf50f1d0db10afd6feb1f4646990ce3aafb5dc73512d2536c150566f3e65d7842ff71ee3b047c8eb612dfd8470fe85d5b09a30796eacdef6","ssdeep":"384:Ti41YoHMfOKLIWpBS+2EM9A2V/HeDVcqTEZ9eKD5qb9Te+NF+Vpim/B6:Ti4zMfRzI+O9B/HSVcqTEZ9eKD5SJe+B","tlshash":"3f8219a21dd318375ddf600eceb2e109f49df217ca169839b48d93a41f84a4dd562bbc","first_seen":"2025-12-17T13:17:29.5702Z","last_seen":"2025-12-17T13:17:29.5702Z","times_seen":1,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":31,"dns":1,"connect":31,"send":0,"wait":91,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"ww38.yxy911.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/chronos?dune=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.3_MR1Nbdl127LsB5AWCL3LpUBTQdGqPMlBeJP3cKuKa9etxniKQlJQ.ygogE6aVjAXSLe5YwAXpug.p59ykHead4QqT7jEYF4jsn7La2NPc_t-f9B8zq1kJuBO9K3HAF2gfoiIYSkZZHKCaOThbTmagZ9nugjkUYw8VFy7zmNNjcprdIEk9SsFQz19JPMeAm-xEWNhPBnZAcC32u6U2bou0IF4YMxPr2gC9IaOnxOwxFxJ6OIegb3kxF0C3t1EdhRNU3ulo8aMuKEQ.XYX3-TGVhkMeLgnb27TchQ\u0026t=6942ad4e\u0026token=124ab65b26954f492e48f070876992514e9fa6c7","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:02.445Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /chronos?dune=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.3_MR1Nbdl127LsB5AWCL3LpUBTQdGqPMlBeJP3cKuKa9etxniKQlJQ.ygogE6aVjAXSLe5YwAXpug.p59ykHead4QqT7jEYF4jsn7La2NPc_t-f9B8zq1kJuBO9K3HAF2gfoiIYSkZZHKCaOThbTmagZ9nugjkUYw8VFy7zmNNjcprdIEk9SsFQz19JPMeAm-xEWNhPBnZAcC32u6U2bou0IF4YMxPr2gC9IaOnxOwxFxJ6OIegb3kxF0C3t1EdhRNU3ulo8aMuKEQ.XYX3-TGVhkMeLgnb27TchQ\u0026t=6942ad4e\u0026token=124ab65b26954f492e48f070876992514e9fa6c7 HTTP/1.1\r\nHost: ww38.yxy911.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ww38.yxy911.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx\r\nDate: Wed, 17 Dec 2025 13:17:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 146\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"9fe3cb2b7313dc79bb477bc8fde184a7","sha1":"4d7b3cb41e90618358d0ee066c45c76227a13747","sha256":"32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864","sha512":"c54ad4f5292784e50b4830a8210b0d4d4ee08b803f4975c9859e637d483b3af38cb0436ac501dea0c73867b1a2c41b39ef2c27dc3fb20f3f27519b719ea743db","ssdeep":"","tlshash":"2cc08c26351e2c0c96a322b402c36a50d092c3304c5a19004600420371c31168ac3315","first_seen":"2023-04-05T07:27:09Z","last_seen":"2026-04-05T06:46:55.544039Z","times_seen":75841,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"ww38.yxy911.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026adsdeli=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:02.578Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026adsdeli=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Type: text/javascript; charset=UTF-8\r\nCross-Origin-Resource-Policy: cross-origin\r\nCross-Origin-Opener-Policy: same-origin; report-to=\"ads-afs-ui\"\r\nReport-To: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\nDate: Wed, 17 Dec 2025 13:17:02 GMT\r\nExpires: Wed, 17 Dec 2025 13:17:02 GMT\r\nCache-Control: private, max-age=3600\r\nETag: \"12987528940678181325\"\r\nX-Content-Type-Options: nosniff\r\nLink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nServer: sffe\r\nX-XSS-Protection: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":134027,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2840)","md5":"226d8b922a47d1d01896328ac5f29080","sha1":"228b48495e20d50326164178f4e05c1df4c8e630","sha256":"f95fea007424808c54a06a6bd7a7e0297f46d00d9bdf134afa78245f7e3903fc","sha512":"da97c330d247dab15073920cde860a1491c147eb2ce02a1e917a6ffc6e7b5bbab681395d3a3e394685091a2956ca62a15b2704d32cc5a1d0caae25036c86149c","ssdeep":"1536:MzL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:XuydkXiR5zzTq+bxpD3ZV4T","tlshash":"9bd33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","first_seen":"2025-12-11T16:42:36.25698Z","last_seen":"2026-01-07T19:22:29.46074Z","times_seen":14588,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":5,"dns":2,"connect":8,"send":0,"wait":20,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=yufBCPWCSBuTVcGK%2BGvDSg%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww38.yxy911.cc%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.0aD61NCzUJmtEBYneRQaFEx0qoLKyW2qpB7jeYrNTjqIGus9MtPPyw.SkEJKhIRet7mHEY67ct04w.O6CiwbMoqqqdq4jeE3iMJj3x5TPu0vzfsKRSP0mW0dIuFYt44Mxs62DodhmSeV7DKKoWt0wZgKb-kg3ggV36CSUbSIZo5hKhTA_5PlfX9yY-_3VrZqjA98azFkXrNQKVnt5z0I1oF5FeQ1sVWSpJA5zO26aI_hIg6qRmtj2hEgV8hJXl6L8FGLeMI5Ri8UqJHeyDYWaPq8xJxMWUSwM5qH4BJUaohYfEO6wihjHwKPcX3sXQ8q0uG5EXlQC5QFziZK9fZcvFir23HQQUL-kpeY5fkoU69rOtftUkPj0Pz8B1_qnjid36NjEVXFvK2CrElzQmhoyL-b2H7anb5yJih-tR34xVhFpEzbQoIbFOWHOQsu_GnuFYyPXQp3EB2JHAYY6bFDlj1Wiv5nILG_oyqW-Eh5Pd5880WYUnRCt97VVve8X6faV_uAYWLwhJqhtp4jNMxR6QMyldIeED6sxlcG5B90KwVCTBJaVsZSn82IeWT8ulzOslIhogmf8kmWTRikVjGTtqnuE6SsAPu0gAqRCaYuGW76SDvzylHDVrQHR74Llw-7jsgzGm5eT72ofC0bQbQ45Ds4tdZxhfWV_hSKyq3DGht1T59Tae9xUkzZs.fiI0VqtDIQ-6C2UXl4fbGA\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107\u0026format=r3%7Cs\u0026nocache=4971765977422668\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.yxy911.cc\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1765977422668\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww38.yxy911.cc%2F","date":"2025-12-17T13:17:03.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:42:31 GMT","end":"Mon, 16 Feb 2026 08:42:30 GMT"},"fingerprint":{"sha1":"4B:B9:53:E2:E6:60:E4:AF:E2:4A:C3:11:06:83:27:D6:02:2C:D2:25","sha256":"F2:02:41:F0:1F:DF:CA:A3:22:24:58:94:E1:D8:DF:75:B3:F5:66:4A:1B:54:39:9F:CC:7D:36:3B:A3:EB:D4:87"}}},"request":{"raw":"GET /adsense/domains/caf.js HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Wed, 17 Dec 2025 13:17:03 GMT\r\nexpires: Wed, 17 Dec 2025 13:17:03 GMT\r\ncache-control: private, max-age=3600\r\netag: \"15781381272028092416\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":134043,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2840)","md5":"f00d4af2ff93432bab783a45f0491b73","sha1":"b455c722bb44aaf7409d10b5c08e620017ac8aed","sha256":"b7dd5d1f9fb9e43930c47cbc407306b14d0d6b37624d364a47149fb7b2552303","sha512":"08e63c56e98c4249b23a35bc7bf5a774b8ff5d9e38be6283a5cba1538be40158da7fde7792eb570945e2e99c8e745bc277048d62ed26322b3154c329e4ea1622","ssdeep":"1536:szL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:3uydkXiR5zzTq+bxpD3ZV4T","tlshash":"f7d33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","first_seen":"2025-12-10T15:33:56.916944Z","last_seen":"2026-01-07T19:06:32.931594Z","times_seen":6309,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.yxy911.cc/munin/a/tr/answercheck/yes?domain=yxy911.cc\u0026caf=1\u0026toggle=answercheck\u0026answer=yes\u0026uid=MTc2NTk3NzQyMi4yNjI6YTI5ZTg3NzAxYjRiYjQwMjgzMjFkMzk0ZGMyNGVmOGZmMDc4YzBmODdiZTA3NjE2YTA4NzNjYmIyODMxYWM5MDo2OTQyYWQ0ZTNmZjgz","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:03.219Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /munin/a/tr/answercheck/yes?domain=yxy911.cc\u0026caf=1\u0026toggle=answercheck\u0026answer=yes\u0026uid=MTc2NTk3NzQyMi4yNjI6YTI5ZTg3NzAxYjRiYjQwMjgzMjFkMzk0ZGMyNGVmOGZmMDc4YzBmODdiZTA3NjE2YTA4NzNjYmIyODMxYWM5MDo2OTQyYWQ0ZTNmZjgz HTTP/1.1\r\nHost: ww38.yxy911.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nCookie: _cq_duid=1.1765977423.d5kdgsExCdqROzMt; _cq_suid=1.1765977423.mvZfDBqO8cjMhaWJ\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Dec 2025 13:17:03 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile\r\nAccept-Ch-Lifetime: 30\r\nAccess-Control-Allow-Origin: *\r\nVia: 0.0 Caddy\r\nX-Custom-Track: answercheck\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"ww38.yxy911.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ep1.adtrafficquality.google/getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=yufBCPWCSBuTVcGK+GvDSg==\u0026sde=1","fqdn":"ep1.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.34","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:03.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:42:28 GMT","end":"Mon, 16 Feb 2026 08:42:27 GMT"},"fingerprint":{"sha1":"23:7B:6F:14:47:C1:9A:1D:37:09:B6:46:FC:44:E2:C3:17:77:4F:1F","sha256":"CB:48:1D:F9:BA:12:69:6F:18:7D:1B:B3:E8:27:01:C7:81:B0:15:61:75:98:8B:1A:91:AC:E5:AD:BF:F3:8E:AA"}}},"request":{"raw":"GET /getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=yufBCPWCSBuTVcGK+GvDSg==\u0026sde=1 HTTP/1.1\r\nHost: ep1.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://ww38.yxy911.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=UTF-8\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\ndate: Wed, 17 Dec 2025 13:17:03 GMT\r\nserver: cafe\r\ncontent-length: 8110\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10738,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"4c7c8f8cabf4e605b8004e4a09e825ed","sha1":"7a327facee1b27664de7017bbe7bce4b12fe8433","sha256":"1be0e7880dac3f7ae34c76e118777ed5bf092f7247981e50cb5c0eb88ea244fa","sha512":"377c234601fb79fca4f64c049b30e7303faf6ad3506528c3047c65d557ebc061ec34aac95dd7b97c1e2df67d2a8248141409c02e5bfeb262e249d815afd19584","ssdeep":"192:et2ekzI8ZnxrCyHd5pypffalSbeIAh4eQpfE9fbuGCSbrUGK32FiYAsapgjEarjb:et2nzI8LGyHd5Ipq2LG45yfCGZU92FiC","tlshash":"0422af760c767e9e7dbc6e15693b14528c2c4d302e5b8ff89f04b48f615e55222e1c2b","first_seen":"2025-12-17T13:17:29.576232Z","last_seen":"2025-12-17T13:17:29.576232Z","times_seen":1,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":131,"dns":1,"connect":14,"send":0,"wait":41,"receive":1,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=yufBCPWCSBuTVcGK%2BGvDSg%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww38.yxy911.cc%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.0aD61NCzUJmtEBYneRQaFEx0qoLKyW2qpB7jeYrNTjqIGus9MtPPyw.SkEJKhIRet7mHEY67ct04w.O6CiwbMoqqqdq4jeE3iMJj3x5TPu0vzfsKRSP0mW0dIuFYt44Mxs62DodhmSeV7DKKoWt0wZgKb-kg3ggV36CSUbSIZo5hKhTA_5PlfX9yY-_3VrZqjA98azFkXrNQKVnt5z0I1oF5FeQ1sVWSpJA5zO26aI_hIg6qRmtj2hEgV8hJXl6L8FGLeMI5Ri8UqJHeyDYWaPq8xJxMWUSwM5qH4BJUaohYfEO6wihjHwKPcX3sXQ8q0uG5EXlQC5QFziZK9fZcvFir23HQQUL-kpeY5fkoU69rOtftUkPj0Pz8B1_qnjid36NjEVXFvK2CrElzQmhoyL-b2H7anb5yJih-tR34xVhFpEzbQoIbFOWHOQsu_GnuFYyPXQp3EB2JHAYY6bFDlj1Wiv5nILG_oyqW-Eh5Pd5880WYUnRCt97VVve8X6faV_uAYWLwhJqhtp4jNMxR6QMyldIeED6sxlcG5B90KwVCTBJaVsZSn82IeWT8ulzOslIhogmf8kmWTRikVjGTtqnuE6SsAPu0gAqRCaYuGW76SDvzylHDVrQHR74Llw-7jsgzGm5eT72ofC0bQbQ45Ds4tdZxhfWV_hSKyq3DGht1T59Tae9xUkzZs.fiI0VqtDIQ-6C2UXl4fbGA\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107\u0026format=r3%7Cs\u0026nocache=4971765977422668\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.yxy911.cc\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1765977422668\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww38.yxy911.cc%2F","date":"2025-12-17T13:17:03.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:09 GMT","end":"Mon, 16 Feb 2026 08:40:08 GMT"},"fingerprint":{"sha1":"1D:34:D8:2B:6A:A6:2E:74:48:F4:AA:46:07:71:03:B1:70:B7:83:C2","sha256":"5E:E1:26:C9:4E:BE:8A:7F:77:18:35:C0:DC:5D:8C:04:80:D3:EB:DE:D4:A1:6E:59:8B:58:43:7E:5C:A8:F2:54"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 270\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Dec 2025 07:51:16 GMT\r\nexpires: Thu, 18 Dec 2025 06:51:16 GMT\r\ncache-control: public, max-age=82800\r\nage: 19547\r\nlast-modified: Thu, 20 Jul 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":391,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8959ddcd9712196961d93f58064ed655","sha1":"62ab1e38e7e9fbf58a04381b76c2d96a9c829f24","sha256":"17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7","sha512":"5e9effa313c30b351345db963238b4afd0728ca302fd79a853c80c89f042266d44cc1d29492520fb0fa80b47135e54e6963dfc21972f6b236b84c1da2fad809d","ssdeep":"","tlshash":"2ae068fa82846d044a8543b0ee09a7a442fff076535d90bbc1e4e6fcb0489eaacd2745","first_seen":"2023-04-08T10:54:48Z","last_seen":"2026-01-21T15:14:27.461955Z","times_seen":243741,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":116,"dns":1,"connect":25,"send":0,"wait":22,"receive":0,"ssl":86},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?sjk=yufBCPWCSBuTVcGK%2BGvDSg%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww38.yxy911.cc%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.0aD61NCzUJmtEBYneRQaFEx0qoLKyW2qpB7jeYrNTjqIGus9MtPPyw.SkEJKhIRet7mHEY67ct04w.O6CiwbMoqqqdq4jeE3iMJj3x5TPu0vzfsKRSP0mW0dIuFYt44Mxs62DodhmSeV7DKKoWt0wZgKb-kg3ggV36CSUbSIZo5hKhTA_5PlfX9yY-_3VrZqjA98azFkXrNQKVnt5z0I1oF5FeQ1sVWSpJA5zO26aI_hIg6qRmtj2hEgV8hJXl6L8FGLeMI5Ri8UqJHeyDYWaPq8xJxMWUSwM5qH4BJUaohYfEO6wihjHwKPcX3sXQ8q0uG5EXlQC5QFziZK9fZcvFir23HQQUL-kpeY5fkoU69rOtftUkPj0Pz8B1_qnjid36NjEVXFvK2CrElzQmhoyL-b2H7anb5yJih-tR34xVhFpEzbQoIbFOWHOQsu_GnuFYyPXQp3EB2JHAYY6bFDlj1Wiv5nILG_oyqW-Eh5Pd5880WYUnRCt97VVve8X6faV_uAYWLwhJqhtp4jNMxR6QMyldIeED6sxlcG5B90KwVCTBJaVsZSn82IeWT8ulzOslIhogmf8kmWTRikVjGTtqnuE6SsAPu0gAqRCaYuGW76SDvzylHDVrQHR74Llw-7jsgzGm5eT72ofC0bQbQ45Ds4tdZxhfWV_hSKyq3DGht1T59Tae9xUkzZs.fiI0VqtDIQ-6C2UXl4fbGA\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107\u0026format=r3%7Cs\u0026nocache=4971765977422668\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.yxy911.cc\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1765977422668\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww38.yxy911.cc%2F","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:02.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:42:31 GMT","end":"Mon, 16 Feb 2026 08:42:30 GMT"},"fingerprint":{"sha1":"4B:B9:53:E2:E6:60:E4:AF:E2:4A:C3:11:06:83:27:D6:02:2C:D2:25","sha256":"F2:02:41:F0:1F:DF:CA:A3:22:24:58:94:E1:D8:DF:75:B3:F5:66:4A:1B:54:39:9F:CC:7D:36:3B:A3:EB:D4:87"}}},"request":{"raw":"GET /afs/ads?sjk=yufBCPWCSBuTVcGK%2BGvDSg%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww38.yxy911.cc%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.0aD61NCzUJmtEBYneRQaFEx0qoLKyW2qpB7jeYrNTjqIGus9MtPPyw.SkEJKhIRet7mHEY67ct04w.O6CiwbMoqqqdq4jeE3iMJj3x5TPu0vzfsKRSP0mW0dIuFYt44Mxs62DodhmSeV7DKKoWt0wZgKb-kg3ggV36CSUbSIZo5hKhTA_5PlfX9yY-_3VrZqjA98azFkXrNQKVnt5z0I1oF5FeQ1sVWSpJA5zO26aI_hIg6qRmtj2hEgV8hJXl6L8FGLeMI5Ri8UqJHeyDYWaPq8xJxMWUSwM5qH4BJUaohYfEO6wihjHwKPcX3sXQ8q0uG5EXlQC5QFziZK9fZcvFir23HQQUL-kpeY5fkoU69rOtftUkPj0Pz8B1_qnjid36NjEVXFvK2CrElzQmhoyL-b2H7anb5yJih-tR34xVhFpEzbQoIbFOWHOQsu_GnuFYyPXQp3EB2JHAYY6bFDlj1Wiv5nILG_oyqW-Eh5Pd5880WYUnRCt97VVve8X6faV_uAYWLwhJqhtp4jNMxR6QMyldIeED6sxlcG5B90KwVCTBJaVsZSn82IeWT8ulzOslIhogmf8kmWTRikVjGTtqnuE6SsAPu0gAqRCaYuGW76SDvzylHDVrQHR74Llw-7jsgzGm5eT72ofC0bQbQ45Ds4tdZxhfWV_hSKyq3DGht1T59Tae9xUkzZs.fiI0VqtDIQ-6C2UXl4fbGA\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107\u0026format=r3%7Cs\u0026nocache=4971765977422668\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.yxy911.cc\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1765977422668\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww38.yxy911.cc%2F HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-disposition: inline\r\ndate: Wed, 17 Dec 2025 13:17:02 GMT\r\nexpires: Wed, 17 Dec 2025 13:17:02 GMT\r\ncache-control: private, max-age=3600\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-qBt2ym3HBpWVaQGCpbVqVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 3681\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":16358,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15569)","md5":"6135b6658beeebb720642ee7ed6fbce4","sha1":"c8b802d9c58e865868e3afd26273118cbc66e7e2","sha256":"195f7c211a7d9e16a9df7d55db84df78fa6443b745455ef94cabce0d0919c95c","sha512":"9649f294d19de314d46e837e8a52f3ffd4f4a030d62ae6c7a89c42df78bcf71e2e51270eef5686e12d6b30053186f342f22ce0e66a8a47a56e14bf2724b200dd","ssdeep":"192:GE12iMpgb4LghA+4Wrze1FEfrVe1FE1Vbkie1FESmeX9koh:Gni02AJe+EfB+E/+ESmetkoh","tlshash":"3372953764a1172d49039c541b662f6ed291d43ac4ab35f848e35b25c7e7f82cfe228e","first_seen":"2025-12-17T13:17:29.579868Z","last_seen":"2025-12-17T13:17:29.579868Z","times_seen":1,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":125,"dns":1,"connect":14,"send":0,"wait":157,"receive":1,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/ct?id=80705\u0026url=http%3A%2F%2Fww38.yxy911.cc%2F\u0026sf=0\u0026tpi=\u0026ch=AdsDeli%20-%20domain%20-%20landingpage\u0026uvid=124ab65b26954f492e48f070876992514e9fa6c7\u0026tsf=0\u0026tsfmi=\u0026tsfu=\u0026cb=1765977423022\u0026hl=2\u0026op=0\u0026ag=2881387774\u0026rand=031189581622921527875912208928055871208961062670080528012205750012912251681510382177162571\u0026fs=1280x1024\u0026fst=1280x1024\u0026np=win32\u0026nv=\u0026ref=\u0026ss=1280x1024\u0026nc=0\u0026at=\u0026di=W1siZWYiLDgwMDldLFsiYWJuY2giLDEyXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNiwie1wid1wiOltcIjBcIixcInRjYmxvY2tcIixcInNlYXJjaGJveEJsb2NrXCIsXCJnZXRYTUxodHRwXCIsXCJmYWxsYmFja1JlZGlyZWN0XCIsXCJhamF4UXVlcnlcIixcImFqYXhCYWNrZmlsbFwiLFwibG9hZEZlZWRcIixcInhtbEh0dHBcIixcImdldExvYWRGZWVkQXJndW1lbnRzXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJfX2N0Y2dfY3RfODA3MDVfZXhlY1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTEyLCJcIjFcIiJdLFstMTMsIi0iXSxbLTE2LCIwIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCwxMDI0LDAsMCwwLDAsXCItXCIsXCItXCIsMTI4MCwxMDI0LG51bGxdIl0sWy0yMSwiLSJdLFstMjUsIi0iXSxbLTU5LCItIl0sWy03MywiRWhRPSJdLFstMzIsIjAiXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstNDEsIi0iXSxbLTUwLCItIl0sWy02NiwiLSJdLFstNzIsIkV4VT0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTM3LCItIl0sWy0yLCI2LElzTjluR25XYkFZQUl4TmZRYU9xR0UwQ0ZBUXNjRzAwSW5oT2JZQkFLWVVPelFPNkVYMDIwSW1HTGN1NjJ1cmRQL2MyZDJwTm1WWkF3ZjMvLzh6NzlHckhhMVd1M09tWFBQdmUiXSxbLTQyLCI4ODMzOTkwMTYiXSxbLTUzLCIwMDEiXSxbLTYwLCItIl0sWy03MSwiYTAxMDAxMDExMDAxMDAxMDEwMDAxMDEwMDExMDExMDAwMDAwMTAiXSxbLTksIi0iXSxbLTMxLCJmYWxzZSJdLFstNCwiLSJdLFstNTEsIi0iXSxbLTYzLCItIl0sWy02NywiLSJdLFstNjgsIi0iXSxbLTgsIi0iXSxbLTE1LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy0yNywiLSJdLFstMjgsImVuLVVTLGVuIl0sWy0zOCwiaSwtMSwtMSwwLDAsMjAsMCwxLDMyLDkyLC0xLDAsLDI4NSw1OTMsNTkzIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2VdIl0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy02MiwiNTgiXSxbLTY1LCItIl0sWy03MCwiLSJdLFstNzQsIi0iXSxbLTE3LCI0OCJdLFstMjYsIi0iXSxbLTU3LCJTM2xSVFUxSlNnTVdGbHhNVmxzWFFGWk1TazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTa0ZKRmxBV0N3c05Yd0VNQ2drTFdGZ0xXdzljV2dvSldGaGFBRmdCREYxWUMxcGJYd0FYVTBvRENBTUJEd3NLQ2hVT0NBQVdUUmRjUVVsV1MwMUtGZ1Y1VVUxTlNVb0RGaFpjVEZaYkYwQldURXBOV0V0S1cweFFWVjFRVjE0WFdsWlVGa3BCU1JaUUZnc0xEVjhCREFvSkMxaFlDMXNQWEZvS0NWaFlXZ0JZQVF4ZFdBdGFXMThBRjFOS0F3Z0RBUThOQ2dnVlNseE5iVkJVWEZaTVRSbFJXRmRkVlZ4TEV3NElBQlpORjF4QlNWWkxUVW9XQlhsUlRVMUpTZ01XRmx4TVZsc1hRRlpNU2sxWVMwcGJURkJWWFZCWFhoZGFWbFFXU2c9PSJdLFstNTgsIi0iXSxbLTYxLCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy01LCItIl0sWy03LCItIl0sWy00NCwiMCw1LDAsNSJdLFstMTQsIi0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI5LCItIl0sWy0zMywiLSJdLFstMzUsIlsxNzY1OTc3NDIyOTIxLDBdIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDAxMDAwMDAxMDAwMDAwMDAwMDAxIl0sWy01MiwiLSJdLFstNTUsIjAiXSxbLTY0LCItIl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJtZXNhXCIsXCJyXCI6XCJsbHZtcGlwZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMFwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wXCIsXCJndmVuXCI6XCJtb3ppbGxhXCIsXCJiZW5cIjo2MyxcIndnbFwiOjEsXCJncmVuXCI6XCJsbHZtcGlwZVwiLFwic2VmXCI6NDk0MTk1MDQzLFwic2VjXCI6XCJcIn0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFsiYm5jaCIsNDE5XSxbLTIwLCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy00OCwiW1wiLVwiLFwiLVwiLFwiLVwiLFwiLVwiLFwiLVwiXSJdLFstNDksIi0iXSxbLTY5LCJXaW4zMnx8fDQ4fC18LSJdLFstMTAsIi0iXSxbLTM0LCItIl0sWy00MCwiMzciXSxbLTU0LCJ7XCJoXCI6W1wiMzI5OTcyODQ1MlwiLFwiODIyODIzMTE5XCIsXCJfM1wiLFwiMjYzOTIyMjQ2OFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMFwiLFwiMjY0NjAzODgyXCJdLFwic1wiOjF9Il0sWyJkZGIiLCIwLDcsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDIsMCwwLDAsMSwwLDAsMCwwLDAsMSwxLDMsMzgsMCwyMSwwLDEsMCwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCw2NSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXV0%3D\u0026dep=0\u0026pre=0\u0026sdd=\u0026cri=UNNM9EBqEO\u0026pto=867\u0026ver=65\u0026gac=-\u0026mei=\u0026ap=\u0026fe=1\u0026duid=1.1765977423.d5kdgsExCdqROzMt\u0026suid=1.1765977423.mvZfDBqO8cjMhaWJ\u0026tuid=1.1765977423.DCnb1Tmew4ldwnjm\u0026fbc=-\u0026gtm=-\u0026it=9%2C207%2C139\u0026fbcl=-\u0026gacl=-\u0026gacsd=-\u0026rtic=-\u0026rtict=-\u0026bgc=-\u0026spa=1\u0026urid=0\u0026ab=\u0026sck=-\u0026io=aGA2Og%3D%3D","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:03.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"GET /ct?id=80705\u0026url=http%3A%2F%2Fww38.yxy911.cc%2F\u0026sf=0\u0026tpi=\u0026ch=AdsDeli%20-%20domain%20-%20landingpage\u0026uvid=124ab65b26954f492e48f070876992514e9fa6c7\u0026tsf=0\u0026tsfmi=\u0026tsfu=\u0026cb=1765977423022\u0026hl=2\u0026op=0\u0026ag=2881387774\u0026rand=031189581622921527875912208928055871208961062670080528012205750012912251681510382177162571\u0026fs=1280x1024\u0026fst=1280x1024\u0026np=win32\u0026nv=\u0026ref=\u0026ss=1280x1024\u0026nc=0\u0026at=\u0026di=W1siZWYiLDgwMDldLFsiYWJuY2giLDEyXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNiwie1wid1wiOltcIjBcIixcInRjYmxvY2tcIixcInNlYXJjaGJveEJsb2NrXCIsXCJnZXRYTUxodHRwXCIsXCJmYWxsYmFja1JlZGlyZWN0XCIsXCJhamF4UXVlcnlcIixcImFqYXhCYWNrZmlsbFwiLFwibG9hZEZlZWRcIixcInhtbEh0dHBcIixcImdldExvYWRGZWVkQXJndW1lbnRzXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJfX2N0Y2dfY3RfODA3MDVfZXhlY1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTEyLCJcIjFcIiJdLFstMTMsIi0iXSxbLTE2LCIwIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCwxMDI0LDAsMCwwLDAsXCItXCIsXCItXCIsMTI4MCwxMDI0LG51bGxdIl0sWy0yMSwiLSJdLFstMjUsIi0iXSxbLTU5LCItIl0sWy03MywiRWhRPSJdLFstMzIsIjAiXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstNDEsIi0iXSxbLTUwLCItIl0sWy02NiwiLSJdLFstNzIsIkV4VT0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTM3LCItIl0sWy0yLCI2LElzTjluR25XYkFZQUl4TmZRYU9xR0UwQ0ZBUXNjRzAwSW5oT2JZQkFLWVVPelFPNkVYMDIwSW1HTGN1NjJ1cmRQL2MyZDJwTm1WWkF3ZjMvLzh6NzlHckhhMVd1M09tWFBQdmUiXSxbLTQyLCI4ODMzOTkwMTYiXSxbLTUzLCIwMDEiXSxbLTYwLCItIl0sWy03MSwiYTAxMDAxMDExMDAxMDAxMDEwMDAxMDEwMDExMDExMDAwMDAwMTAiXSxbLTksIi0iXSxbLTMxLCJmYWxzZSJdLFstNCwiLSJdLFstNTEsIi0iXSxbLTYzLCItIl0sWy02NywiLSJdLFstNjgsIi0iXSxbLTgsIi0iXSxbLTE1LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy0yNywiLSJdLFstMjgsImVuLVVTLGVuIl0sWy0zOCwiaSwtMSwtMSwwLDAsMjAsMCwxLDMyLDkyLC0xLDAsLDI4NSw1OTMsNTkzIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2VdIl0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy02MiwiNTgiXSxbLTY1LCItIl0sWy03MCwiLSJdLFstNzQsIi0iXSxbLTE3LCI0OCJdLFstMjYsIi0iXSxbLTU3LCJTM2xSVFUxSlNnTVdGbHhNVmxzWFFGWk1TazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTa0ZKRmxBV0N3c05Yd0VNQ2drTFdGZ0xXdzljV2dvSldGaGFBRmdCREYxWUMxcGJYd0FYVTBvRENBTUJEd3NLQ2hVT0NBQVdUUmRjUVVsV1MwMUtGZ1Y1VVUxTlNVb0RGaFpjVEZaYkYwQldURXBOV0V0S1cweFFWVjFRVjE0WFdsWlVGa3BCU1JaUUZnc0xEVjhCREFvSkMxaFlDMXNQWEZvS0NWaFlXZ0JZQVF4ZFdBdGFXMThBRjFOS0F3Z0RBUThOQ2dnVlNseE5iVkJVWEZaTVRSbFJXRmRkVlZ4TEV3NElBQlpORjF4QlNWWkxUVW9XQlhsUlRVMUpTZ01XRmx4TVZsc1hRRlpNU2sxWVMwcGJURkJWWFZCWFhoZGFWbFFXU2c9PSJdLFstNTgsIi0iXSxbLTYxLCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy01LCItIl0sWy03LCItIl0sWy00NCwiMCw1LDAsNSJdLFstMTQsIi0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI5LCItIl0sWy0zMywiLSJdLFstMzUsIlsxNzY1OTc3NDIyOTIxLDBdIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDAxMDAwMDAxMDAwMDAwMDAwMDAxIl0sWy01MiwiLSJdLFstNTUsIjAiXSxbLTY0LCItIl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJtZXNhXCIsXCJyXCI6XCJsbHZtcGlwZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMFwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wXCIsXCJndmVuXCI6XCJtb3ppbGxhXCIsXCJiZW5cIjo2MyxcIndnbFwiOjEsXCJncmVuXCI6XCJsbHZtcGlwZVwiLFwic2VmXCI6NDk0MTk1MDQzLFwic2VjXCI6XCJcIn0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFsiYm5jaCIsNDE5XSxbLTIwLCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy00OCwiW1wiLVwiLFwiLVwiLFwiLVwiLFwiLVwiLFwiLVwiXSJdLFstNDksIi0iXSxbLTY5LCJXaW4zMnx8fDQ4fC18LSJdLFstMTAsIi0iXSxbLTM0LCItIl0sWy00MCwiMzciXSxbLTU0LCJ7XCJoXCI6W1wiMzI5OTcyODQ1MlwiLFwiODIyODIzMTE5XCIsXCJfM1wiLFwiMjYzOTIyMjQ2OFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMFwiLFwiMjY0NjAzODgyXCJdLFwic1wiOjF9Il0sWyJkZGIiLCIwLDcsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDIsMCwwLDAsMSwwLDAsMCwwLDAsMSwxLDMsMzgsMCwyMSwwLDEsMCwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCw2NSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXV0%3D\u0026dep=0\u0026pre=0\u0026sdd=\u0026cri=UNNM9EBqEO\u0026pto=867\u0026ver=65\u0026gac=-\u0026mei=\u0026ap=\u0026fe=1\u0026duid=1.1765977423.d5kdgsExCdqROzMt\u0026suid=1.1765977423.mvZfDBqO8cjMhaWJ\u0026tuid=1.1765977423.DCnb1Tmew4ldwnjm\u0026fbc=-\u0026gtm=-\u0026it=9%2C207%2C139\u0026fbcl=-\u0026gacl=-\u0026gacsd=-\u0026rtic=-\u0026rtict=-\u0026bgc=-\u0026spa=1\u0026urid=0\u0026ab=\u0026sck=-\u0026io=aGA2Og%3D%3D HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ndate: Wed, 17 Dec 2025 13:17:03 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\nset-cookie: cg_uuid=f89cb4f067a0d879838f24abe900258c; Max-Age=29030400; Path=/; Expires=Wed, 18 Nov 2026 13:17:03 GMT; HttpOnly; Secure; SameSite=None\r\ntiming-allow-origin: http://ww38.yxy911.cc\r\ncontent-length: 1136\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3297,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3297), with no line terminators","md5":"4b901847fdf5f7d7be5886e233286f8d","sha1":"f30eaa99f3ebce12935df71bc21ef0f8398271d5","sha256":"cb11bbfaa1692f8997b1f3d16aa4cf1d9a61cd7fd2c752a25c108e4c62b57ad9","sha512":"882ed84f5e8d473eb62b1cbac7b53997c2a4d3c790dd9c32368bc5d30b2b69784111255afc6ed3aab684b06c201d82b818f72ebd5178bc25d7b31a90de790e37","ssdeep":"","tlshash":"6061d877d65acc86bfee1af7fb8894af17a582375a8fc815587766c5106b3844f21000","first_seen":"2025-12-17T13:17:29.58194Z","last_seen":"2025-12-17T13:17:29.58194Z","times_seen":1,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":121,"dns":12,"connect":35,"send":0,"wait":49,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=yufBCPWCSBuTVcGK%2BGvDSg%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww38.yxy911.cc%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.0aD61NCzUJmtEBYneRQaFEx0qoLKyW2qpB7jeYrNTjqIGus9MtPPyw.SkEJKhIRet7mHEY67ct04w.O6CiwbMoqqqdq4jeE3iMJj3x5TPu0vzfsKRSP0mW0dIuFYt44Mxs62DodhmSeV7DKKoWt0wZgKb-kg3ggV36CSUbSIZo5hKhTA_5PlfX9yY-_3VrZqjA98azFkXrNQKVnt5z0I1oF5FeQ1sVWSpJA5zO26aI_hIg6qRmtj2hEgV8hJXl6L8FGLeMI5Ri8UqJHeyDYWaPq8xJxMWUSwM5qH4BJUaohYfEO6wihjHwKPcX3sXQ8q0uG5EXlQC5QFziZK9fZcvFir23HQQUL-kpeY5fkoU69rOtftUkPj0Pz8B1_qnjid36NjEVXFvK2CrElzQmhoyL-b2H7anb5yJih-tR34xVhFpEzbQoIbFOWHOQsu_GnuFYyPXQp3EB2JHAYY6bFDlj1Wiv5nILG_oyqW-Eh5Pd5880WYUnRCt97VVve8X6faV_uAYWLwhJqhtp4jNMxR6QMyldIeED6sxlcG5B90KwVCTBJaVsZSn82IeWT8ulzOslIhogmf8kmWTRikVjGTtqnuE6SsAPu0gAqRCaYuGW76SDvzylHDVrQHR74Llw-7jsgzGm5eT72ofC0bQbQ45Ds4tdZxhfWV_hSKyq3DGht1T59Tae9xUkzZs.fiI0VqtDIQ-6C2UXl4fbGA\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107\u0026format=r3%7Cs\u0026nocache=4971765977422668\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.yxy911.cc\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1765977422668\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=http%3A%2F%2Fww38.yxy911.cc%2F","date":"2025-12-17T13:17:03.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:09 GMT","end":"Mon, 16 Feb 2026 08:40:08 GMT"},"fingerprint":{"sha1":"1D:34:D8:2B:6A:A6:2E:74:48:F4:AA:46:07:71:03:B1:70:B7:83:C2","sha256":"5E:E1:26:C9:4E:BE:8A:7F:77:18:35:C0:DC:5D:8C:04:80:D3:EB:DE:D4:A1:6E:59:8B:58:43:7E:5C:A8:F2:54"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Dec 2025 07:35:24 GMT\r\nexpires: Thu, 18 Dec 2025 06:35:24 GMT\r\ncache-control: public, max-age=82800\r\nage: 20499\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"11b3089d616633ca6b73b57aa877eeb4","sha1":"07632f63e06b30d9b63c97177d3a8122629bda9b","sha256":"809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1","sha512":"079b0e35b479dfdbe64a987661000f4a034b10688e26f2a5fe6aaa807e81ccc5593d40609b731ab3340e687d83dd08de4b8b1e01cdac9d4523a9f6bb3acfcba0","ssdeep":"","tlshash":"d9d02291c2182d28441e82e0c37c312600fab0a2634c00dcfa80e300b20c9abb861669","first_seen":"2023-04-06T23:53:06Z","last_seen":"2026-04-01T02:57:50.32115Z","times_seen":412182,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":124,"dns":0,"connect":9,"send":0,"wait":22,"receive":1,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:03.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:42:28 GMT","end":"Mon, 16 Feb 2026 08:42:27 GMT"},"fingerprint":{"sha1":"23:7B:6F:14:47:C1:9A:1D:37:09:B6:46:FC:44:E2:C3:17:77:4F:1F","sha256":"CB:48:1D:F9:BA:12:69:6F:18:7D:1B:B3:E8:27:01:C7:81:B0:15:61:75:98:8B:1A:91:AC:E5:AD:BF:F3:8E:AA"}}},"request":{"raw":"GET /sodar/sodar2/237/runner.html HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 5044\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Dec 2025 13:14:19 GMT\r\nexpires: Wed, 17 Dec 2025 14:04:19 GMT\r\ncache-control: public, max-age=3000\r\nage: 164\r\nlast-modified: Tue, 13 May 2025 23:17:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2024)","md5":"0120a1d624ff8fc3ec792d93a7133947","sha1":"1e3bd23df78ff2c60b187b40a0c6505be9ab889f","sha256":"14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966","sha512":"84286e299ebc6690ee904b5581cd6aaf6b59d06200b61156923301484d1b75fa517894167c4f4777553ba09c840a2d74a723e3ff112448f00514d910dfd172c5","ssdeep":"192:pl/6xS2OASROqI3wgh5MXDc9EAOaK3qzfaGDCiMgIcTa1mx:rz2NQJIVsTiMH3qzfcOIr1mx","tlshash":"4842a7ccbad2b0210353b4f1a13f400ff13ea8aae44c9954b181e8e17cb56a94667f7d","first_seen":"2025-05-19T23:59:48.478548Z","last_seen":"2026-02-26T18:27:55.136579Z","times_seen":169945,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/mon","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:04.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 2491\r\nOrigin: http://ww38.yxy911.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nCookie: cg_uuid=f89cb4f067a0d879838f24abe900258c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2491,"data":"e=37dfbd8ee84e00126cebce32ed43889e9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f671f8a8ada5528691bf87f2604d333d86bcf073853219703520a3c045fc4bb631c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c7f47275109a0892f622f03a4f91d7a84aba62690b40a704c2ba9f2a4959c7febcfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6d95c2de7d9fa6adc55e054ae964c975dc1ce63d67a60c7da7886779ad3e8f38de7ff0b79e425a4c5853b4d26eec16992a850f614540bd34148c78587cfd1ec8220887290defbc879e43c2374a77e3ab2939f45659faa75a60ee49841d438ed73414752c73aba1fdfc2a93ff6c734c408ec8adfcd6c83550435bd52541d3e4c7de6a268b349c2e78164fdde2abdde6cde82c8f07688bcf174603ed0a9110495f7195442acd5b166a43892f658f3fd2fb074bc2c965bd308caab3ac3063ae2ac927a2238610236165b16aefd916ad203da595c176ca1e05dd58a1912ffbfd9bfb56bc5e9e6ff98acaaaa1f187f8e0ff5e2180cfc09185fc57f4f3229af2fbd7c0bc3f5c0648c65de228caf2ecea650df1159555243031bcf9a99836d1c2f880457d19680efa2c0410480b1ba7b93c6747cdcd011221d8acf8b5745ea72c25bc34ea461c14fc9d401bafa64f091e3bf845520abb92969826ab4d9e1ef47e033674741cd371d32e4f406d0b206c09b87da0098c595390f3747bc35b717ea08e39363972e51611c6f3f6deb5b8e81315da57d80fab727d3cf519e2b30fc406e269ff4c35519bd24b79c1ac706330856ae646fd1edc562ca573e9a8213bdcd84a9d550d05c493044b1652f579c930c58a62ea5ba986b9dd9b24b0120ef\u0026cri=UNNM9EBqEO\u0026sf=0\u0026dc=KSElPS1aPSoqcCo9Kio9Klt2bXR0PSpbKS8rPSpbKyohLz0qWyEqKj0qWyEhLD0qWyAgKz0qWyEhKz0qWyAuIT0qWyg9KlspKT0qWykoLCo9KlspKCwqPS1cPispJT0vWj0qKm89Kio9K1kpLyo9Kls9KipwPSoqPStZLCo9Kls9Kip6Rz0qKj0rWSkqPS9cPi8pJT0vWj0qKnF2ez0qKj0rWSk9Kls9Kip6Rz0qKj0rWSg9L1w%2BKSwpJT0vWj0qKms9Kio9K1kpPSpbPSoqekc9Kio9K1koPS9cPiktISU9L1o9Kip9KD0qKj0rWT0qKms2f31sWnlsbH1qYT0qKHFrPSoodndsPSooeT0qKH5tdntscXd2PSoqPSpbPSoqekc9Kio9K1koPS9cPisqLiU9LVo9L1o9Kip6PSoqPStZKD0qWz0qKms9Kio9K1k9KiopPSoqPS9cPSpbPS9aPSoqej0qKj0rWSk9Kls9KiprPSoqPStZPSoqKT0qKj0vXD0tXD4tKiglPS9aPSoqaD0qKj0rWT0qKk9xdisqPSoqPSpbPSoqdD0qKj0rWT0tWj0qKn12NU1LPSoqPSpbPSoqfXY9Kio9LVw9Kls9Kipwez0qKj0rWSwgPSpbPSoqekc9Kio9K1kpKj0vXD4gLywlPS9aPSoqaz0qKj0rWSg9Kls9Kip9PSoqPStZPSoqSG16dHF7U31hW2p9fH12bHF5dD0qKHFrPSoodndsPSoofH1%2BcXZ9fD0qKj0qWz0qKnpHPSoqPStZKD0vXA%3D%3D\u0026cp=1\u0026gtm=-\u0026gac=-\u0026uvid=124ab65b26954f492e48f070876992514e9fa6c7\u0026tb=1\u0026ich=1\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=1002\u0026mo=0\u0026pn=2105\u0026spn=1103\u0026fp=285"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: http://ww38.yxy911.cc\r\ncontent-type: application/json\r\ndate: Wed, 17 Dec 2025 13:17:04 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"euob.youstarsbuilding.com/sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js","fqdn":"euob.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"13.35.58.124","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:02.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 18 May 2025 00:00:00 GMT","end":"Tue, 16 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EA:29:53:45:CD:1F:37:FB:0A:5B:EE:BA:2B:10:20:63:7D:EE:AB:EB","sha256":"2F:1E:65:36:AB:FD:A7:A0:E2:EF:4F:B3:C2:81:B9:D4:40:D5:97:BE:7F:28:61:2C:32:1D:24:77:4B:21:66:37"}}},"request":{"raw":"GET /sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js HTTP/1.1\r\nHost: euob.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 44280\r\ncontent-encoding: gzip\r\nserver: Caddy\r\ndate: Wed, 17 Dec 2025 02:33:58 GMT\r\ncache-control: max-age=43200\r\nexpires: Wed, 17 Dec 2025 13:47:46 GMT\r\netag: \"1d43c-wQYUO2RTFNKsOEgFaNY5b5Iaq8s\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: FRA60-P10\r\nx-amz-cf-id: PW9dbtCM_kiqbmf2Al8KWUvMC9gjoyUwBMyQ_9Dyj7xjJvMBZ4dsCA==\r\nage: 41356\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":119868,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"data","md5":"8029362628da964c8180dcd7ce5dee64","sha1":"c106143b645314d2ac38480568d6396f921aabcb","sha256":"4413059d59ca7cca178af3bbbc46eefc5a1e9f6f79fb54d475c308be87309d60","sha512":"215441c90181b9f91c827e1ce2c6eba4fbca697e409e9c0333a97ddca78a309e5eec907c8b357a7b6e0d7611a4b55dc55c8d9e5a4390ddc1edb0bd6de9ce0b02","ssdeep":"1536:Qu5y/b5E0bwM7sIo8L0SUs8LonlEzsjxM96nhXxwcTkYtsdlBnFIUtY0PVEWm/5c:QuQb7O8hzjnhGdhtNP8/kLP/VVZF","tlshash":"3cc3d79db2e27025439334a5157f410ae27b5e503c4b8294d27ee9d4ac7ce8e817bfac","first_seen":"2025-11-17T13:15:00.257414Z","last_seen":"2026-01-07T13:44:42.282578Z","times_seen":17041,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":61,"dns":15,"connect":19,"send":0,"wait":22,"receive":18,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet09_3ph\u0026output=uds_ads_only\u0026zx=pq9bt2e1ihzf\u0026cd_fexp=72717107\u0026aqid=Tq1CaZD6NOznjuwP9um86QI\u0026psid=5837883959\u0026pbt=bv\u0026adbx=375\u0026adby=185\u0026adbh=507\u0026adbw=530\u0026adbah=160%2C160%2C160\u0026adbn=master-1\u0026eawp=partner-dp-teaminternet09_3ph\u0026errv=842209568\u0026csala=6%7C0%7C357%7C67%7C172\u0026lle=0\u0026ifv=1\u0026hpt=1","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:04.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:42:31 GMT","end":"Mon, 16 Feb 2026 08:42:30 GMT"},"fingerprint":{"sha1":"4B:B9:53:E2:E6:60:E4:AF:E2:4A:C3:11:06:83:27:D6:02:2C:D2:25","sha256":"F2:02:41:F0:1F:DF:CA:A3:22:24:58:94:E1:D8:DF:75:B3:F5:66:4A:1B:54:39:9F:CC:7D:36:3B:A3:EB:D4:87"}}},"request":{"raw":"GET /afs/gen_204?client=dp-teaminternet09_3ph\u0026output=uds_ads_only\u0026zx=pq9bt2e1ihzf\u0026cd_fexp=72717107\u0026aqid=Tq1CaZD6NOznjuwP9um86QI\u0026psid=5837883959\u0026pbt=bv\u0026adbx=375\u0026adby=185\u0026adbh=507\u0026adbw=530\u0026adbah=160%2C160%2C160\u0026adbn=master-1\u0026eawp=partner-dp-teaminternet09_3ph\u0026errv=842209568\u0026csala=6%7C0%7C357%7C67%7C172\u0026lle=0\u0026ifv=1\u0026hpt=1 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-RXhnOTKbCCFE_wpWK84SSg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Wed, 17 Dec 2025 13:17:04 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/mon","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:08.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1701\r\nOrigin: http://ww38.yxy911.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nCookie: cg_uuid=f89cb4f067a0d879838f24abe900258c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1701,"data":"e=37dfbd8ee84e00126cebce32ed43889e9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f671f8a8ada5528691bf87f2604d333d86bcf073853219703520a3c045fc4bb631c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c7f47275109a0892f622f03a4f91d7a84aba62690b40a704c2ba9f2a4959c7febcfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6d95c2de7d9fa6adc55e054ae964c975dc1ce63d67a60c7da7886779ad3e8f38de7ff0b79e425a4c5853b4d26eec16992a850f614540bd34148c78587cfd1ec8220887290defbc879e43c2374a77e3ab2939f45659faa75a60ee49841d438ed73414752c73aba1fdfc2a93ff6c734c408ec8adfcd6c83550435bd52541d3e4c7de6a268b349c2e78164fdde2abdde6cde82c8f07688bcf174603ed0a9110495f7195442acd5b166a43892f658f3fd2fb074bc2c965bd308caab3ac3063ae2ac927a2238610236165b16aefd916ad203da595c176ca1e05dd58a1912ffbfd9bfb56bc5e9e6ff98acaaaa1f187f8e0ff5e2180cfc09185fc57f4f3229af2fbd7c0bc3f5c0648c65de228caf2ecea650df1159555243031bcf9a99836d1c2f880457d19680efa2c0410480b1ba7b93c6747cdcd011221d8acf8b5745ea72c25bc34ea461c14fc9d401bafa64f091e3bf845520abb92969826ab4d9e1ef47e033674741cd371d32e4f406d0b206c09b87da0098c595390f3747bc35b717ea08e39363972e51611c6f3f6deb5b8e81315da57d80fab727d3cf519e2b30fc406e269ff4c35519bd24b79c1ac706330856ae646fd1edc562ca573e9a8213bdcd84a9d550d05c493044b1652f579c930c58a62ea5ba986b9dd9b24b0120ef\u0026cri=UNNM9EBqEO\u0026sf=0\u0026dc=\u0026cp=5\u0026gtm=-\u0026gac=-\u0026uvid=124ab65b26954f492e48f070876992514e9fa6c7\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=5007\u0026mo=0\u0026pn=6110\u0026spn=1103\u0026fp=285\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: http://ww38.yxy911.cc\r\ncontent-type: application/json\r\ndate: Wed, 17 Dec 2025 13:17:08 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/mon","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:13.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1704\r\nOrigin: http://ww38.yxy911.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nCookie: cg_uuid=f89cb4f067a0d879838f24abe900258c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1704,"data":"e=37dfbd8ee84e00126cebce32ed43889e9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f671f8a8ada5528691bf87f2604d333d86bcf073853219703520a3c045fc4bb631c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c7f47275109a0892f622f03a4f91d7a84aba62690b40a704c2ba9f2a4959c7febcfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6d95c2de7d9fa6adc55e054ae964c975dc1ce63d67a60c7da7886779ad3e8f38de7ff0b79e425a4c5853b4d26eec16992a850f614540bd34148c78587cfd1ec8220887290defbc879e43c2374a77e3ab2939f45659faa75a60ee49841d438ed73414752c73aba1fdfc2a93ff6c734c408ec8adfcd6c83550435bd52541d3e4c7de6a268b349c2e78164fdde2abdde6cde82c8f07688bcf174603ed0a9110495f7195442acd5b166a43892f658f3fd2fb074bc2c965bd308caab3ac3063ae2ac927a2238610236165b16aefd916ad203da595c176ca1e05dd58a1912ffbfd9bfb56bc5e9e6ff98acaaaa1f187f8e0ff5e2180cfc09185fc57f4f3229af2fbd7c0bc3f5c0648c65de228caf2ecea650df1159555243031bcf9a99836d1c2f880457d19680efa2c0410480b1ba7b93c6747cdcd011221d8acf8b5745ea72c25bc34ea461c14fc9d401bafa64f091e3bf845520abb92969826ab4d9e1ef47e033674741cd371d32e4f406d0b206c09b87da0098c595390f3747bc35b717ea08e39363972e51611c6f3f6deb5b8e81315da57d80fab727d3cf519e2b30fc406e269ff4c35519bd24b79c1ac706330856ae646fd1edc562ca573e9a8213bdcd84a9d550d05c493044b1652f579c930c58a62ea5ba986b9dd9b24b0120ef\u0026cri=UNNM9EBqEO\u0026sf=0\u0026dc=\u0026cp=10\u0026gtm=-\u0026gac=-\u0026uvid=124ab65b26954f492e48f070876992514e9fa6c7\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=10012\u0026mo=0\u0026pn=11116\u0026spn=1103\u0026fp=285\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: http://ww38.yxy911.cc\r\ncontent-type: application/json\r\ndate: Wed, 17 Dec 2025 13:17:13 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/mon","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.yxy911.cc/","date":"2025-12-17T13:17:18.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1704\r\nOrigin: http://ww38.yxy911.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.yxy911.cc/\r\nCookie: cg_uuid=f89cb4f067a0d879838f24abe900258c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1704,"data":"e=37dfbd8ee84e00126cebce32ed43889e9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f671f8a8ada5528691bf87f2604d333d86bcf073853219703520a3c045fc4bb631c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c7f47275109a0892f622f03a4f91d7a84aba62690b40a704c2ba9f2a4959c7febcfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6d95c2de7d9fa6adc55e054ae964c975dc1ce63d67a60c7da7886779ad3e8f38de7ff0b79e425a4c5853b4d26eec16992a850f614540bd34148c78587cfd1ec8220887290defbc879e43c2374a77e3ab2939f45659faa75a60ee49841d438ed73414752c73aba1fdfc2a93ff6c734c408ec8adfcd6c83550435bd52541d3e4c7de6a268b349c2e78164fdde2abdde6cde82c8f07688bcf174603ed0a9110495f7195442acd5b166a43892f658f3fd2fb074bc2c965bd308caab3ac3063ae2ac927a2238610236165b16aefd916ad203da595c176ca1e05dd58a1912ffbfd9bfb56bc5e9e6ff98acaaaa1f187f8e0ff5e2180cfc09185fc57f4f3229af2fbd7c0bc3f5c0648c65de228caf2ecea650df1159555243031bcf9a99836d1c2f880457d19680efa2c0410480b1ba7b93c6747cdcd011221d8acf8b5745ea72c25bc34ea461c14fc9d401bafa64f091e3bf845520abb92969826ab4d9e1ef47e033674741cd371d32e4f406d0b206c09b87da0098c595390f3747bc35b717ea08e39363972e51611c6f3f6deb5b8e81315da57d80fab727d3cf519e2b30fc406e269ff4c35519bd24b79c1ac706330856ae646fd1edc562ca573e9a8213bdcd84a9d550d05c493044b1652f579c930c58a62ea5ba986b9dd9b24b0120ef\u0026cri=UNNM9EBqEO\u0026sf=0\u0026dc=\u0026cp=15\u0026gtm=-\u0026gac=-\u0026uvid=124ab65b26954f492e48f070876992514e9fa6c7\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=15018\u0026mo=0\u0026pn=16122\u0026spn=1103\u0026fp=285\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: http://ww38.yxy911.cc\r\ncontent-type: application/json\r\ndate: Wed, 17 Dec 2025 13:17:18 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.yxy911.cc/","fqdn":"ww38.yxy911.cc","domain":"yxy911.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-17T13:16:58.926Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ww38.yxy911.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"ww38.yxy911.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}