{"report_id":"780aae54-9655-4702-9f7c-fad471ab5cc6","version":6,"status":"done","tags":[],"date":"2025-10-16T16:23:02Z","url":{"schema":"http","addr":"dm-cn.aliyuncs.com/trace/v1/report?bid=1\u0026env=2360577436\u0026mac=265527\u0026mf=dorothy@slurpmail.net\u0026msgid=1677779331@wheat\u0026sac=0\u0026tag=prod\u0026tid=\u0026to=joe.r@edlpackaging.com\u0026tpl=\u0026ts=1760577232\u0026type=0\u0026url=https://tinyurl.com/ytteywv5/track.php?event=click\u0026emailId=1677779331\u0026token=eyJlbnYiOiJwcm8iLCJlbWFpbElkIjoiMTY3Nzc3OTMzMSIsInVybCI6Imh0dHBzOlwvXC8zZDVkZTlhNS1jNzhkLTQ1NjItZDk5MC02N2Q4ZmYwZDAxNmUuc2l0ZS41MXdoZWF0c2VhcmNoLmNvbVwvcHJvZHVjdD9saXN0SWQ9MTQ3MzgmaWQ9OTIyOTAmdG9rZW49ZXlKbGJuWWlPaUp3Y204aUxDSmxiV0ZwYkVsa0lqb2lNVFkzTnpjM09UTXpNU0lzSW5SNWNHVWlPaUpsWkcwaWZRIn0\u0026v=1.0\u0026sign=YmlkPTEmZW52PTIzNjA1Nzc0MzYmbWFjPTI2NTUyNyZtZj1kb3JvdGh5JTQwbHZqbHhici5jbiZtc2dpZD0xNjc3Nzc5MzMxJTQwd2hlYXQmc2FjPTAmdGFnPXByb2QmdGlkPSZ0bz1qb2UuciU0MGVkbHBhY2thZ2luZy5jb20mdHBsPSZ0cz0xNzYwNTc3MjMyJnR5cGU9MCZ1cmw9aHR0cHMlM0ElMkYlMkZ0aW55dXJsLmNvbSUyRnl0dGV5d3Y1JTJGdHJhY2sucGhwJTNGZXZlbnQlM0RjbGljayUyNmVtYWlsSWQlM0QxNjc3Nzc5MzMxJTI2dG9rZW4lM0RleUpsYm5ZaU9pSndjbThpTENKbGJXRnBiRWxrSWpvaU1UWTNOemMzT1RNek1TSXNJblZ5YkNJNkltaDBkSEJ6T2x3dlhDOHpaRFZrWlRsaE5TMWpOemhrTFRRMU5qSXRaRGs1TUMwMk4yUTRabVl3WkRBeE5tVXVjMmwwWlM0MU1YZG9aV0YwYzJWaGNtTm9MbU52YlZ3dmNISnZaSFZqZEQ5c2FYTjBTV1E5TVRRM016Z21hV1E5T1RJeU9UQW1kRzlyWlc0OVpYbEtiR0p1V1dsUGFVcDNZMjA0YVV4RFNteGlWMFp3WWtWc2EwbHFiMmxOVkZrelRucGpNMDlVVFhwTlUwbHpTVzVTTldOSFZXbFBhVXBzV2tjd2FXWlJJbjAmdj0xLjAmdXJsdHM9MTc2MDU3NzIzMg==\u0026urlts=1760577232","fqdn":"dm-cn.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"106.11.226.208","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"track.vekgiie.cn/track.php?event=click","fqdn":"track.vekgiie.cn","domain":"vekgiie.cn","tld":"cn"},"title":"track.vekgiie.cn/track.php?event=click"},"submit":{"url":{"schema":"http","addr":"dm-cn.aliyuncs.com/trace/v1/report?bid=1\u0026env=2360577436\u0026mac=265527\u0026mf=dorothy@slurpmail.net\u0026msgid=1677779331@wheat\u0026sac=0\u0026tag=prod\u0026tid=\u0026to=joe.r@edlpackaging.com\u0026tpl=\u0026ts=1760577232\u0026type=0\u0026url=https://tinyurl.com/ytteywv5/track.php?event=click\u0026emailId=1677779331\u0026token=eyJlbnYiOiJwcm8iLCJlbWFpbElkIjoiMTY3Nzc3OTMzMSIsInVybCI6Imh0dHBzOlwvXC8zZDVkZTlhNS1jNzhkLTQ1NjItZDk5MC02N2Q4ZmYwZDAxNmUuc2l0ZS41MXdoZWF0c2VhcmNoLmNvbVwvcHJvZHVjdD9saXN0SWQ9MTQ3MzgmaWQ9OTIyOTAmdG9rZW49ZXlKbGJuWWlPaUp3Y204aUxDSmxiV0ZwYkVsa0lqb2lNVFkzTnpjM09UTXpNU0lzSW5SNWNHVWlPaUpsWkcwaWZRIn0\u0026v=1.0\u0026sign=YmlkPTEmZW52PTIzNjA1Nzc0MzYmbWFjPTI2NTUyNyZtZj1kb3JvdGh5JTQwbHZqbHhici5jbiZtc2dpZD0xNjc3Nzc5MzMxJTQwd2hlYXQmc2FjPTAmdGFnPXByb2QmdGlkPSZ0bz1qb2UuciU0MGVkbHBhY2thZ2luZy5jb20mdHBsPSZ0cz0xNzYwNTc3MjMyJnR5cGU9MCZ1cmw9aHR0cHMlM0ElMkYlMkZ0aW55dXJsLmNvbSUyRnl0dGV5d3Y1JTJGdHJhY2sucGhwJTNGZXZlbnQlM0RjbGljayUyNmVtYWlsSWQlM0QxNjc3Nzc5MzMxJTI2dG9rZW4lM0RleUpsYm5ZaU9pSndjbThpTENKbGJXRnBiRWxrSWpvaU1UWTNOemMzT1RNek1TSXNJblZ5YkNJNkltaDBkSEJ6T2x3dlhDOHpaRFZrWlRsaE5TMWpOemhrTFRRMU5qSXRaRGs1TUMwMk4yUTRabVl3WkRBeE5tVXVjMmwwWlM0MU1YZG9aV0YwYzJWaGNtTm9MbU52YlZ3dmNISnZaSFZqZEQ5c2FYTjBTV1E5TVRRM016Z21hV1E5T1RJeU9UQW1kRzlyWlc0OVpYbEtiR0p1V1dsUGFVcDNZMjA0YVV4RFNteGlWMFp3WWtWc2EwbHFiMmxOVkZrelRucGpNMDlVVFhwTlUwbHpTVzVTTldOSFZXbFBhVXBzV2tjd2FXWlJJbjAmdj0xLjAmdXJsdHM9MTc2MDU3NzIzMg==\u0026urlts=1760577232","fqdn":"dm-cn.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"106.11.226.208","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-20T16:23:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-16T16:22:36Z","timestamp":1760631756,"ip_dst":{"addr":"106.11.226.208","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"172.18.0.2","port":51620,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-10-16T16:22:36.859350+0000\",\"flow_id\":408355219485563,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":51620,\"dest_ip\":\"106.11.226.208\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"dm-cn.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":753,\"bytes_toclient\":7690,\"start\":\"2025-10-16T16:22:36.373627+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"track.vekgiie.cn","ip":{"addr":"8.220.212.37","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"South Korea","country_code":"KR"},"domain_registered":"2025-06-12","domain_rank":0,"first_seen":"2025-08-07T09:34:48.970539Z","last_seen":"2025-10-14T01:37:27.605796Z","alert_count":0,"request_count":2,"received_data":2360,"sent_data":966,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"dm-cn.aliyuncs.com","ip":{"addr":"106.11.226.208","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2012-04-01","domain_rank":1887993,"first_seen":"2023-09-14T11:03:21Z","last_seen":"2025-10-15T06:37:47.837259Z","alert_count":0,"request_count":1,"received_data":185,"sent_data":1819,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"tinyurl.com","ip":{"addr":"104.17.112.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2002-01-27","domain_rank":340,"first_seen":"2012-05-20T23:08:16Z","last_seen":"2025-10-13T13:24:12.56837Z","alert_count":0,"request_count":1,"received_data":1291,"sent_data":510,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-16T16:22:36Z","timestamp":1760631756,"ip_dst":{"addr":"106.11.226.208","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"172.18.0.2","port":51620,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-10-16T16:22:36.859350+0000\",\"flow_id\":408355219485563,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":51620,\"dest_ip\":\"106.11.226.208\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"dm-cn.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":753,\"bytes_toclient\":7690,\"start\":\"2025-10-16T16:22:36.373627+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"track.vekgiie.cn/track.php?event=click","fqdn":"track.vekgiie.cn","domain":"vekgiie.cn","tld":"cn"},"ip":{"addr":"8.220.212.37","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"South Korea","country_code":"KR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-16T16:22:37.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vekgiie.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 18:04:18 GMT","end":"Sat, 03 Jan 2026 18:04:17 GMT"},"fingerprint":{"sha1":"EC:94:75:BC:32:7F:5C:FF:8C:D4:36:4E:18:58:DE:B5:6A:10:BB:7B","sha256":"62:36:E0:54:9F:09:4E:5D:A5:88:8D:16:99:AE:FA:24:C7:76:66:B8:86:8E:A3:AA:6B:77:02:A0:FC:EA:77:FB"}}},"request":{"raw":"GET /track.php?event=click HTTP/1.1\r\nHost: track.vekgiie.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Oct 2025 16:22:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH\r\naccess-control-allow-headers: X-CUSTOM-HEADER,X-Requested-With,X-Sequence,Authorization,Ms-Device-Code,Content-Type,Accept,Accept-Ranges,Cache-Control,Range,Content-MD5,CORS\r\naccess-control-expose-headers: Content-MD5,Server,Date,Latency,Content-Disposition\r\naccess-control-max-age: 86400\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":1897,"timings":{"blocked":814,"dns":1,"connect":267,"send":0,"wait":267,"receive":0,"ssl":545},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.vekgiie.cn/favicon.ico","fqdn":"track.vekgiie.cn","domain":"vekgiie.cn","tld":"cn"},"ip":{"addr":"8.220.212.37","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://track.vekgiie.cn/track.php?event=click","date":"2025-10-16T16:22:38.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vekgiie.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 18:04:18 GMT","end":"Sat, 03 Jan 2026 18:04:17 GMT"},"fingerprint":{"sha1":"EC:94:75:BC:32:7F:5C:FF:8C:D4:36:4E:18:58:DE:B5:6A:10:BB:7B","sha256":"62:36:E0:54:9F:09:4E:5D:A5:88:8D:16:99:AE:FA:24:C7:76:66:B8:86:8E:A3:AA:6B:77:02:A0:FC:EA:77:FB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: track.vekgiie.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://track.vekgiie.cn/track.php?event=click\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Oct 2025 16:22:39 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Sat, 08 Mar 2025 12:48:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67cc3cb3-47e\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH\r\naccess-control-allow-headers: X-CUSTOM-HEADER,X-Requested-With,X-Sequence,Authorization,Ms-Device-Code,Content-Type,Accept,Accept-Ranges,Cache-Control,Range,Content-MD5,CORS\r\naccess-control-expose-headers: Content-MD5,Server,Date,Latency,Content-Disposition\r\naccess-control-max-age: 86400\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"649b4167c82e49699dbd8c1aadddee50","sha1":"e96d95611fb76d4dfe822f8e15e32676d48952a9","sha256":"3502b793a81350be145b3f49c9f9f71dd7af5db2bff216649871dc7d46c25005","sha512":"2e7b5e94d8bb29ead6e3d0acf71feea62780e3035db75e7c5991c07dd653b113a5e52e3a707caef6d5c79475fca430184f81533debb4958392f9737ccf62675e","ssdeep":"","tlshash":"3021f1ef270da460f37943705b2e4ac998376bd22358051d83ea4502ebfb71002336a3","first_seen":"2025-03-06T23:20:30.328777Z","last_seen":"2026-04-02T12:54:16.443528Z","times_seen":15555,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dm-cn.aliyuncs.com/trace/v1/report?bid=1\u0026env=2360577436\u0026mac=265527\u0026mf=dorothy@slurpmail.net\u0026msgid=1677779331@wheat\u0026sac=0\u0026tag=prod\u0026tid=\u0026to=joe.r@edlpackaging.com\u0026tpl=\u0026ts=1760577232\u0026type=0\u0026url=https://tinyurl.com/ytteywv5/track.php?event=click\u0026emailId=1677779331\u0026token=eyJlbnYiOiJwcm8iLCJlbWFpbElkIjoiMTY3Nzc3OTMzMSIsInVybCI6Imh0dHBzOlwvXC8zZDVkZTlhNS1jNzhkLTQ1NjItZDk5MC02N2Q4ZmYwZDAxNmUuc2l0ZS41MXdoZWF0c2VhcmNoLmNvbVwvcHJvZHVjdD9saXN0SWQ9MTQ3MzgmaWQ9OTIyOTAmdG9rZW49ZXlKbGJuWWlPaUp3Y204aUxDSmxiV0ZwYkVsa0lqb2lNVFkzTnpjM09UTXpNU0lzSW5SNWNHVWlPaUpsWkcwaWZRIn0\u0026v=1.0\u0026sign=YmlkPTEmZW52PTIzNjA1Nzc0MzYmbWFjPTI2NTUyNyZtZj1kb3JvdGh5JTQwbHZqbHhici5jbiZtc2dpZD0xNjc3Nzc5MzMxJTQwd2hlYXQmc2FjPTAmdGFnPXByb2QmdGlkPSZ0bz1qb2UuciU0MGVkbHBhY2thZ2luZy5jb20mdHBsPSZ0cz0xNzYwNTc3MjMyJnR5cGU9MCZ1cmw9aHR0cHMlM0ElMkYlMkZ0aW55dXJsLmNvbSUyRnl0dGV5d3Y1JTJGdHJhY2sucGhwJTNGZXZlbnQlM0RjbGljayUyNmVtYWlsSWQlM0QxNjc3Nzc5MzMxJTI2dG9rZW4lM0RleUpsYm5ZaU9pSndjbThpTENKbGJXRnBiRWxrSWpvaU1UWTNOemMzT1RNek1TSXNJblZ5YkNJNkltaDBkSEJ6T2x3dlhDOHpaRFZrWlRsaE5TMWpOemhrTFRRMU5qSXRaRGs1TUMwMk4yUTRabVl3WkRBeE5tVXVjMmwwWlM0MU1YZG9aV0YwYzJWaGNtTm9MbU52YlZ3dmNISnZaSFZqZEQ5c2FYTjBTV1E5TVRRM016Z21hV1E5T1RJeU9UQW1kRzlyWlc0OVpYbEtiR0p1V1dsUGFVcDNZMjA0YVV4RFNteGlWMFp3WWtWc2EwbHFiMmxOVkZrelRucGpNMDlVVFhwTlUwbHpTVzVTTldOSFZXbFBhVXBzV2tjd2FXWlJJbjAmdj0xLjAmdXJsdHM9MTc2MDU3NzIzMg==\u0026urlts=1760577232","fqdn":"dm-cn.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"106.11.226.208","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-16T16:22:36.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mail.aliyun.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 08 Aug 2025 05:42:02 GMT","end":"Mon, 31 Aug 2026 07:21:01 GMT"},"fingerprint":{"sha1":"7D:79:00:51:91:20:14:7B:33:DA:0A:B9:D3:2D:4B:D3:69:3C:DA:8B","sha256":"E2:7B:BF:96:23:CC:FF:92:6B:EB:4C:12:66:E4:F8:9A:4B:0E:E0:3C:25:17:28:6D:97:C8:10:AC:5D:66:88:FF"}}},"request":{"raw":"GET /trace/v1/report?bid=1\u0026env=2360577436\u0026mac=265527\u0026mf=dorothy@slurpmail.net\u0026msgid=1677779331@wheat\u0026sac=0\u0026tag=prod\u0026tid=\u0026to=joe.r@edlpackaging.com\u0026tpl=\u0026ts=1760577232\u0026type=0\u0026url=https://tinyurl.com/ytteywv5/track.php?event=click\u0026emailId=1677779331\u0026token=eyJlbnYiOiJwcm8iLCJlbWFpbElkIjoiMTY3Nzc3OTMzMSIsInVybCI6Imh0dHBzOlwvXC8zZDVkZTlhNS1jNzhkLTQ1NjItZDk5MC02N2Q4ZmYwZDAxNmUuc2l0ZS41MXdoZWF0c2VhcmNoLmNvbVwvcHJvZHVjdD9saXN0SWQ9MTQ3MzgmaWQ9OTIyOTAmdG9rZW49ZXlKbGJuWWlPaUp3Y204aUxDSmxiV0ZwYkVsa0lqb2lNVFkzTnpjM09UTXpNU0lzSW5SNWNHVWlPaUpsWkcwaWZRIn0\u0026v=1.0\u0026sign=YmlkPTEmZW52PTIzNjA1Nzc0MzYmbWFjPTI2NTUyNyZtZj1kb3JvdGh5JTQwbHZqbHhici5jbiZtc2dpZD0xNjc3Nzc5MzMxJTQwd2hlYXQmc2FjPTAmdGFnPXByb2QmdGlkPSZ0bz1qb2UuciU0MGVkbHBhY2thZ2luZy5jb20mdHBsPSZ0cz0xNzYwNTc3MjMyJnR5cGU9MCZ1cmw9aHR0cHMlM0ElMkYlMkZ0aW55dXJsLmNvbSUyRnl0dGV5d3Y1JTJGdHJhY2sucGhwJTNGZXZlbnQlM0RjbGljayUyNmVtYWlsSWQlM0QxNjc3Nzc5MzMxJTI2dG9rZW4lM0RleUpsYm5ZaU9pSndjbThpTENKbGJXRnBiRWxrSWpvaU1UWTNOemMzT1RNek1TSXNJblZ5YkNJNkltaDBkSEJ6T2x3dlhDOHpaRFZrWlRsaE5TMWpOemhrTFRRMU5qSXRaRGs1TUMwMk4yUTRabVl3WkRBeE5tVXVjMmwwWlM0MU1YZG9aV0YwYzJWaGNtTm9MbU52YlZ3dmNISnZaSFZqZEQ5c2FYTjBTV1E5TVRRM016Z21hV1E5T1RJeU9UQW1kRzlyWlc0OVpYbEtiR0p1V1dsUGFVcDNZMjA0YVV4RFNteGlWMFp3WWtWc2EwbHFiMmxOVkZrelRucGpNMDlVVFhwTlUwbHpTVzVTTldOSFZXbFBhVXBzV2tjd2FXWlJJbjAmdj0xLjAmdXJsdHM9MTc2MDU3NzIzMg==\u0026urlts=1760577232 HTTP/1.1\r\nHost: dm-cn.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See Other\r\nServer: Tengine\r\nDate: Thu, 16 Oct 2025 16:22:37 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nlocation: https://tinyurl.com/ytteywv5/track.php?event=click\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See Other","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":1720,"timings":{"blocked":738,"dns":1,"connect":241,"send":0,"wait":244,"receive":0,"ssl":494},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tinyurl.com/ytteywv5/track.php?event=click","fqdn":"tinyurl.com","domain":"tinyurl.com","tld":"com"},"ip":{"addr":"104.17.112.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-16T16:22:37.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tinyurl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 14 Sep 2025 20:54:46 GMT","end":"Sat, 13 Dec 2025 21:43:33 GMT"},"fingerprint":{"sha1":"5C:4B:97:D8:7F:B1:C9:7F:50:24:BD:B3:3A:06:26:F9:FC:23:08:63","sha256":"0B:7E:19:8D:74:FC:C1:67:69:EF:53:B0:56:08:D0:61:5A:C8:08:57:C8:AC:C7:FC:24:DD:08:A2:DD:DC:0D:6F"}}},"request":{"raw":"GET /ytteywv5/track.php?event=click HTTP/1.1\r\nHost: tinyurl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Thu, 16 Oct 2025 16:22:37 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://track.vekgiie.cn/track.php?event=click\r\ncf-ray: 98f8e5642add0b59-OSL\r\nreferrer-policy: unsafe-url\r\nx-robots-tag: noindex\r\nx-tinyurl-redirect-type: redirect\r\ncache-control: max-age=0, must-revalidate, no-cache, no-store, private\r\nx-tinyurl-redirect: eyJpdiI6Iko2cUNObUVoK2ZtdHFTSmJBQnZrVUE9PSIsInZhbHVlIjoiMHBDbVR3NWVGbmg2QjJvaEFmM25MaGVSK0trSDg2c2xQb3ErNy9LK2NMZEM4SkM0MjhiNkJTSHBLODdvT2o5ZTdSRVhYM1p6UFdiT3VyZlpMdGNjUmc9PSIsIm1hYyI6IjE3ZDc2MTExOGQyNDUzOTkyYTBkYmU1ZGU1YzE2NTI1OGE1ZGEyMjRjNjM5ODkyYjQzYWQ0ZjNkN2QyYWY3ZGYiLCJ0YWciOiIifQ==\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: HIT\r\nage: 58\r\nset-cookie: __cf_bm=lz5xD1JAZFgxCs1VDQjR0DPmNycxQUuVtzwb.0ev.zY-1760631757-1.0.1.1-np7zBObY9zEXtqntuXfdC_UWpbBE3xIc9qGz3upjuNv9jve0U0dGiXeTez6.E0yT_h8QvE_8qMMGkbeuTnoR5Tr_izi_nGwnm3FjUL7Ray8; path=/; expires=Thu, 16-Oct-25 16:52:37 GMT; domain=.tinyurl.com; HttpOnly; Secure; SameSite=None\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfOrigin;dur=0,cfEdge;dur=14\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":86,"dns":1,"connect":1,"send":0,"wait":16,"receive":0,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}