{"report_id":"82820044-bb69-4997-8002-a998e27f23a5","version":6,"status":"done","tags":[],"date":"2026-02-25T10:30:12Z","url":{"schema":"http","addr":"tertv.com/","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":0,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"tertv.com/index/index/index/jumplang/en-cn.html","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"title":"tertv.com/index/index/index/jumplang/en-cn.html","dom":{"size":30381,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (758)","md5":"8adfc33d74d885c355964de8b59fa9f5","sha1":"1476cceff5b5afdb58be88890cb66d5f1c443e52","sha256":"87315b34d146b54ac62d3a4ec6dd120fb65a69343997f435fff63a64581407fa","sha512":"1669fa4a5aa8fef4ce5baf8be4611580bbb29e37063a51600f8f6e71035bd49d7651f7b10afc534a24ec30410cce27b955ed41d9bed6c5e3fcae5ff6b6ea4ce3","ssdeep":"384:FjJbIXMPZlT02Vvxi/JLqGQYnJQ24axbBcBVhi/qmY:FjJMXMPfT02VvcrQYnJQ24axVcBVhizY","tlshash":"6dd2003006ee2cb7005602e6a535276cacdf5e02d7139851f2ff4296a7cec947c5b5da","dom_hash":"domhash7903f664b1d5afb25af6562d184612ca","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tertv.com/","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":0,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-01T10:30:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"tertv.com","ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":60,"request_count":60,"received_data":3249495,"sent_data":38377,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Zepto","description":"","website":"https://zeptojs.com","common_platform_enumeration":"","icon":"Zepto.png","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-02-23T03:22:40.854743Z","alert_count":0,"request_count":1,"received_data":354,"sent_data":459,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tertv.com/image/common.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bbaa3ba82eabac17365b789a50885a52","sha1":"72daa321d794ab876e580a3d74c8c93c7bf3ec91","sha256":"ce9f8f9bb4e5eef2462667de0e76e65bd65c6e670cef61b5e76ed47be6813cf9","sha512":"0004dc6643aa9a056edd186964e70964886558ad9dfd8208c8d8183faffb84a636728447817e5c89f2102cc0b5ef85aeceb6a64571b5562a84cbef7f2c4a312b","ssdeep":"","tlshash":"a4713098b34c912b10f673319abf1909d83ba5734103d408f95ca0853ff825eb3a6ee9","size":3807,"data":"","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-04-04T05:26:30.202071Z","times_seen":331,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5287119092d8c95da9162bbed0babba7","sha1":"bda158f8be9dfd5dbbdbf76bcfed30cc7945910a","sha256":"a0a469204de956debdc163261a396fa914a6d9abd1ef9fc0f0a9552450b38846","sha512":"839654f741816975cac19ccb96d3fd93693b726d6b92d089a9ee55f5c411e4b7365e4bf547412836693f6c73b3f7a53da2a3a67e6e1b80c7a7e6fd371f02cb00","ssdeep":"","tlshash":"2111ed487bb665b5e057203ad5ff80c01f4e259bd14aa690feed54aa0f212d4b0b3a0f","size":996,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-04-04T05:26:30.234448Z","times_seen":242,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/index/index/index/jumplang/en-cn.html","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5287119092d8c95da9162bbed0babba7","sha1":"bda158f8be9dfd5dbbdbf76bcfed30cc7945910a","sha256":"a0a469204de956debdc163261a396fa914a6d9abd1ef9fc0f0a9552450b38846","sha512":"839654f741816975cac19ccb96d3fd93693b726d6b92d089a9ee55f5c411e4b7365e4bf547412836693f6c73b3f7a53da2a3a67e6e1b80c7a7e6fd371f02cb00","ssdeep":"","tlshash":"2111ed487bb665b5e057203ad5ff80c01f4e259bd14aa690feed54aa0f212d4b0b3a0f","size":996,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-04-04T05:26:30.234448Z","times_seen":242,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/index/index/index/jumplang/en-cn.html","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"dca65718a358c2043b231194e58bd90c","sha1":"21fc2edfc5b44b4bb34b2d850a86a1ec456ac420","sha256":"ca4d955e34166a81edcaf60850b6510725342ead9bd476dbc1005888e44ab892","sha512":"7635576e2987aa62c07613fe21fa9705ba4dce1a89545dc916f9d8e847d5a30bf3a21ec3da03910747d880eafe39f207e9b924ef5aaba82fb4e45abea973ce2b","ssdeep":"","tlshash":"ef90020084f22601e0849628351a0fc120db48f0b0b79f4cf406404160c4428e9355c1","size":54,"data":"","first_seen":"2025-03-16T13:58:56.2975Z","last_seen":"2026-03-15T15:36:21.172029Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/weui.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2d509279b32ca4e47fc1b9208f604f7","sha1":"9d5157bf10eb7e2a24593ec7168ae95289299899","sha256":"e292ce67ecbecc4ff34ee38d51c8dda6e71597f7ae44a2e9980f1da0be246c50","sha512":"3525e32a00a8f3b6f4c52e90143cd8811d04aa382e5c4fa85dda30d18e44a6c143627ac484c1a15fdc03b2b999b52b1e3f0ca19b3ee5822f66f5d3a7c4a79ca4","ssdeep":"384:CuQzFSVlyfFD364d7X7fhFuZgkmQUxXe8NcztGcpnGcu6O1/cbivDFA7B2a/RaVW:MjXZ7fNkmQU88Ncz1talRcbEDf+iD1O","tlshash":"a1f2d7983281b4e623d350b5443f560fb33a4c3a98077400b7b4d9e56fb89ea56b7f29","size":36806,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-04-05T23:15:50.532673Z","times_seen":609,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/zepto.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2dd2e0f33e6b0fe9d4800aef6199e605","sha1":"50e5731db220ebef453bc8b45b0653faca6f8b99","sha256":"29fd5016efe08849f1124ff05b0658d6579e6826fda0569fc1b77598c0e56036","sha512":"c0c380eafa19ff621cc7d74fa8b782b28b7c8bb2e72d88a6887d0367f5710befe616b8d33903cec1cf4d671ef27f2e25ce58914b9cf770a4ddc48140a732f740","ssdeep":"384:WRWPO3mlNwpEiFT4wQpNWdkLSDei2uFHs0YB35FYQtoskIX9:jxlNwpjoERT2KHXYp5JkIX9","tlshash":"59d272ccb2c2b46707a7b1b8506f624bf23a6889380e4454f169e8e57c7890e9577f7c","size":29237,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-04-05T23:15:50.544148Z","times_seen":706,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/jquery.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-06T09:01:57.763545Z","times_seen":60874,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/layer3.1/layer.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","size":22104,"data":"","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-04-06T08:34:09.078576Z","times_seen":5070,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/jquery.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-06T09:01:57.763545Z","times_seen":60874,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/plugin/swiper/yy.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05ed2352d599c6fbebbbf11feb5991d2","sha1":"b6d563caec0f9a8d45649ad9bcc08fd0c3b857b5","sha256":"6d8df9de53c93ee22a1079caf784d80da2fb435ac9d6ec196335004ef5aae438","sha512":"04d86028bc84e3eba9a93ddf308ec4d9e52328900e1faa94962f79dcb5de5cd63459d759eea3f4b701519c8daea7761aaf42de01cd412268d44bdfb3fc800493","ssdeep":"","tlshash":"ad318de69a769305526ae029579f3f2321b308771008e8947a4dc7086fed3cb061fbad","size":1745,"data":"","first_seen":"2024-06-02T21:14:46Z","last_seen":"2026-03-28T19:24:56.09936Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/index/index/index/jumplang/en-cn.html","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"92a328a5cbddf300431e812a6a8fe405","sha1":"a6d7ea0ac0371ee697122fa6d6cbfc0e80897f81","sha256":"830a8e9973e2364d3d791485fc0a3bf976e9bb3c0fbef5f328db9e75b2e1a9de","sha512":"0e27632151f7dadcf5c276123db417178e19bf035cf84daad9b4a91ce1382b79c174cf0f111bf6aeef479f6423ee9fbf63ec87889a0dfe043db823bf94d4fdfc","ssdeep":"","tlshash":"8e014908e795195579b6304ecc7f3ec81e32a8033ec10c5a395c30f0bf9ba29e925e18","size":678,"data":"","first_seen":"2025-03-11T04:18:30.807446Z","last_seen":"2026-03-28T19:24:56.124555Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/plugin/swiper/swiper-3.4.2.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb13ef3e875ca3497ede35d3774be9d3","sha1":"ab0743a89d522438c17ae7eaf5943fd4590ee3d0","sha256":"4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083","sha512":"7b9fba1a93c724bc53e1dd4e27e59534430076346ddc73b24fcb71c9b7cb831321a70ffa38797185f7108ee64a18f1fa08cf2b7ccf2dbfc03e767b23187814c5","ssdeep":"1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTR:LTX73uTq/","tlshash":"0d93d66eb314f3e295d3214a675ac64122f21706b809dae870b54c4a68bcc5d03bffbd","size":96419,"data":"","first_seen":"2023-03-07T01:17:19Z","last_seen":"2026-04-06T08:01:40.298719Z","times_seen":3060,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/index/index/index/jumplang/en-cn.html","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"59ac69dbd041d7381e3a781c587b259f","sha1":"8b6ad5d7ef6dc30a354f104219e6531d4151f4f8","sha256":"11095bc26ca936d222434738da05ed801ee0a141e08efd4fa4f981883125fed4","sha512":"da1de957856c6823908aa481f6468f5e19c2b295b14daa017889aa2cd466306b1f34f05330cec57b62a9001b48235583abe56341513921ce42ce85b58750985a","ssdeep":"","tlshash":"4cd0a784530c343953b7cc65847ca2010e7c1944504bd4be40c18cc4c9e713507dad94","size":234,"data":"","first_seen":"2024-05-01T16:53:09Z","last_seen":"2026-03-28T19:24:56.125631Z","times_seen":86,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/plugin/swiper/yy.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05ed2352d599c6fbebbbf11feb5991d2","sha1":"b6d563caec0f9a8d45649ad9bcc08fd0c3b857b5","sha256":"6d8df9de53c93ee22a1079caf784d80da2fb435ac9d6ec196335004ef5aae438","sha512":"04d86028bc84e3eba9a93ddf308ec4d9e52328900e1faa94962f79dcb5de5cd63459d759eea3f4b701519c8daea7761aaf42de01cd412268d44bdfb3fc800493","ssdeep":"","tlshash":"ad318de69a769305526ae029579f3f2321b308771008e8947a4dc7086fed3cb061fbad","size":1745,"data":"","first_seen":"2024-06-02T21:14:46Z","last_seen":"2026-03-28T19:24:56.09936Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/weui.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2d509279b32ca4e47fc1b9208f604f7","sha1":"9d5157bf10eb7e2a24593ec7168ae95289299899","sha256":"e292ce67ecbecc4ff34ee38d51c8dda6e71597f7ae44a2e9980f1da0be246c50","sha512":"3525e32a00a8f3b6f4c52e90143cd8811d04aa382e5c4fa85dda30d18e44a6c143627ac484c1a15fdc03b2b999b52b1e3f0ca19b3ee5822f66f5d3a7c4a79ca4","ssdeep":"384:CuQzFSVlyfFD364d7X7fhFuZgkmQUxXe8NcztGcpnGcu6O1/cbivDFA7B2a/RaVW:MjXZ7fNkmQU88Ncz1talRcbEDf+iD1O","tlshash":"a1f2d7983281b4e623d350b5443f560fb33a4c3a98077400b7b4d9e56fb89ea56b7f29","size":36806,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-04-05T23:15:50.532673Z","times_seen":609,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/zepto.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2dd2e0f33e6b0fe9d4800aef6199e605","sha1":"50e5731db220ebef453bc8b45b0653faca6f8b99","sha256":"29fd5016efe08849f1124ff05b0658d6579e6826fda0569fc1b77598c0e56036","sha512":"c0c380eafa19ff621cc7d74fa8b782b28b7c8bb2e72d88a6887d0367f5710befe616b8d33903cec1cf4d671ef27f2e25ce58914b9cf770a4ddc48140a732f740","ssdeep":"384:WRWPO3mlNwpEiFT4wQpNWdkLSDei2uFHs0YB35FYQtoskIX9:jxlNwpjoERT2KHXYp5JkIX9","tlshash":"59d272ccb2c2b46707a7b1b8506f624bf23a6889380e4454f169e8e57c7890e9577f7c","size":29237,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-04-05T23:15:50.544148Z","times_seen":706,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/common.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bbaa3ba82eabac17365b789a50885a52","sha1":"72daa321d794ab876e580a3d74c8c93c7bf3ec91","sha256":"ce9f8f9bb4e5eef2462667de0e76e65bd65c6e670cef61b5e76ed47be6813cf9","sha512":"0004dc6643aa9a056edd186964e70964886558ad9dfd8208c8d8183faffb84a636728447817e5c89f2102cc0b5ef85aeceb6a64571b5562a84cbef7f2c4a312b","ssdeep":"","tlshash":"a4713098b34c912b10f673319abf1909d83ba5734103d408f95ca0853ff825eb3a6ee9","size":3807,"data":"","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-04-04T05:26:30.202071Z","times_seen":331,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-06T09:13:41.206773Z","times_seen":82201,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/layer3.1/layer.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","size":22104,"data":"","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-04-06T08:34:09.078576Z","times_seen":5070,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"tertv.com/image/zepto.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/zepto.min.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-7235\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29237,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29237), with no line terminators","md5":"2dd2e0f33e6b0fe9d4800aef6199e605","sha1":"50e5731db220ebef453bc8b45b0653faca6f8b99","sha256":"29fd5016efe08849f1124ff05b0658d6579e6826fda0569fc1b77598c0e56036","sha512":"c0c380eafa19ff621cc7d74fa8b782b28b7c8bb2e72d88a6887d0367f5710befe616b8d33903cec1cf4d671ef27f2e25ce58914b9cf770a4ddc48140a732f740","ssdeep":"384:WRWPO3mlNwpEiFT4wQpNWdkLSDei2uFHs0YB35FYQtoskIX9:jxlNwpjoERT2KHXYp5JkIX9","tlshash":"59d272ccb2c2b46707a7b1b8506f624bf23a6889380e4454f169e8e57c7890e9577f7c","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-04-05T23:15:50.544148Z","times_seen":706,"resource_available":true,"data":null}},"time_used":1231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/common.css","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/common.css HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 16 Dec 2023 08:35:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"657d616f-2292\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8850,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text","md5":"5efc94146d41959a0ed7be06f2557cc7","sha1":"2e03a6b70ae7fd2474771a2e14a6c78b985fc750","sha256":"6968ee2e91a3c244a1f4b86e168ec713219739e1104df3244a7aa316d64031d1","sha512":"6452172b442435d301b0f63993b953a8457f995e133487cea6dc7cb171f618fbe609544bf10025b75cc2f08fabeb7c8621a9816c53a3d15679393b0ab52c4bab","ssdeep":"96:epXQmxdt9YxYk6mC+rd++Zaj1Bjx6CNvxVUWxWR08uNwiSHrKi:eamhWOk6mC+c+mBj4QxVUWER08uNri","tlshash":"a4027429da162104f163f2fbbee5978a17298107d6130afdb5a43661db8e1dc04b3bcd","first_seen":"2024-08-20T01:27:55.762213Z","last_seen":"2026-03-28T19:24:56.098769Z","times_seen":85,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/202311142.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/202311142.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 10:35:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"659143dd-3f6d\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16237,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 640x320, components 3","md5":"4d1fe6ab7c741f7f97fa4f9a8b12b154","sha1":"6cc39f5f1390174c06f77cb88c50a8b3d48ba0b8","sha256":"18379f1348f23ddbd4db662dffbe34488ce5e8ecb9650e8e0b649f9482839e2f","sha512":"4171dd3dce135edafbb5f0e13d762c3464b417ebce7e54cdcfc8d9ffcedd81b6dd5f4b462596c6fa6af1d52a2fa0e2c7d58d336bf59725f6e4043d157b514841","ssdeep":"384:KgqixN4KmQeerDVHp2VZT75KoFfaCZqG5e:KgB4KmfEDVoT75JauM","tlshash":"a472d0896b308337c6ecf074eba5c646f35f9e42da06dce44148a2f949a34d4dea16d1","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-03-28T19:24:56.089195Z","times_seen":135,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":335,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/TRX-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/TRX-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:42:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dfd0-11b0\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4528,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"1d77da93520c88008e6efc75e954edf3","sha1":"e2b795820521385e41a0bfaa0e12d208db8ebfa6","sha256":"324c88420af365a9424bc78e7f7092d27b9b36882e4c51ce2c6cf73512101b88","sha512":"1e1e0e2290ee8c98303bea2fd4b4a4ca243fee7c4de542e8e3377cb2739cfde020422322b739047609b6bbf1d8633f7d68a796d36fd442ddab69fcd29d27e588","ssdeep":"96:/Ar5oyIISYQlwwcZD/75QXlv27KkrwrCgevbvOtutIe98:/Ar5VIiQlwhzWXl2+CXvWq8","tlshash":"0c916c4b3402f30bbf35ee663129bb2c955a3c341fa0201f2699906adb0cb7da977056","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-03-28T19:24:56.083842Z","times_seen":163,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/weui.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/weui.min.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-8fc6\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36806,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30581)","md5":"b2d509279b32ca4e47fc1b9208f604f7","sha1":"9d5157bf10eb7e2a24593ec7168ae95289299899","sha256":"e292ce67ecbecc4ff34ee38d51c8dda6e71597f7ae44a2e9980f1da0be246c50","sha512":"3525e32a00a8f3b6f4c52e90143cd8811d04aa382e5c4fa85dda30d18e44a6c143627ac484c1a15fdc03b2b999b52b1e3f0ca19b3ee5822f66f5d3a7c4a79ca4","ssdeep":"384:CuQzFSVlyfFD364d7X7fhFuZgkmQUxXe8NcztGcpnGcu6O1/cbivDFA7B2a/RaVW:MjXZ7fNkmQU88Ncz1talRcbEDf+iD1O","tlshash":"a1f2d7983281b4e623d350b5443f560fb33a4c3a98077400b7b4d9e56fb89ea56b7f29","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-04-05T23:15:50.532673Z","times_seen":609,"resource_available":true,"data":null}},"time_used":1230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/common.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/common.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 16 Nov 2023 07:13:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6555c132-edf\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3807,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"bbaa3ba82eabac17365b789a50885a52","sha1":"72daa321d794ab876e580a3d74c8c93c7bf3ec91","sha256":"ce9f8f9bb4e5eef2462667de0e76e65bd65c6e670cef61b5e76ed47be6813cf9","sha512":"0004dc6643aa9a056edd186964e70964886558ad9dfd8208c8d8183faffb84a636728447817e5c89f2102cc0b5ef85aeceb6a64571b5562a84cbef7f2c4a312b","ssdeep":"","tlshash":"a4713098b34c912b10f673319abf1909d83ba5734103d408f95ca0853ff825eb3a6ee9","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-04-04T05:26:30.202071Z","times_seen":331,"resource_available":true,"data":null}},"time_used":1229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/weui.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/weui.min.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-8fc6\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36806,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30581)","md5":"b2d509279b32ca4e47fc1b9208f604f7","sha1":"9d5157bf10eb7e2a24593ec7168ae95289299899","sha256":"e292ce67ecbecc4ff34ee38d51c8dda6e71597f7ae44a2e9980f1da0be246c50","sha512":"3525e32a00a8f3b6f4c52e90143cd8811d04aa382e5c4fa85dda30d18e44a6c143627ac484c1a15fdc03b2b999b52b1e3f0ca19b3ee5822f66f5d3a7c4a79ca4","ssdeep":"384:CuQzFSVlyfFD364d7X7fhFuZgkmQUxXe8NcztGcpnGcu6O1/cbivDFA7B2a/RaVW:MjXZ7fNkmQU88Ncz1talRcbEDf+iD1O","tlshash":"a1f2d7983281b4e623d350b5443f560fb33a4c3a98077400b7b4d9e56fb89ea56b7f29","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-04-05T23:15:50.532673Z","times_seen":609,"resource_available":true,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/nav_icon_4.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/nav_icon_4.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c32-2fae\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12206,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x375, components 3","md5":"fc3f80768c2e19a7603d79869a4e2256","sha1":"292ce293568486f8afe0187730c025bbfca10d6d","sha256":"eab0f5eda748f82ab0cf809c0b77353146840d28058321b01fdafedaa02d35dc","sha512":"c7cf6ba064f1e425a89d62777097ae90a641c8e89ccc610d988facf13bffe7508a67e3e4eeee2f83bd19107b1b38590aa49b57a7df28cefbeb68a6e0b4d98fa0","ssdeep":"192:I/fJdOoTx8VQD/Kkn0FFcqYuBJNI58x0KhU7MG0JictCrV1L7gnKhrdsJ3hqGJq:uhdHd8VQDW6i67+octCr/L7d/G0GQ","tlshash":"d042ad573b68563dda75693b066a0be83f823e4404306827e86be1d494ceb341ddf6d3","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-03-28T19:24:56.109508Z","times_seen":135,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/en-cn.jpg","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/en-cn.jpg HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-06T09:10:32.203061Z","times_seen":480430,"resource_available":true,"data":null}},"time_used":613,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":613,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/202311141.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/202311141.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 08 Jan 2024 16:52:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"659c2846-2d355\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":185173,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1080x720, components 3","md5":"b51ec5f591c32cb8729bd25ebf9bef3b","sha1":"8878c68006235349403c722024b53f93aa975970","sha256":"170e30d822d1efbe0f22f83ddcfb5f2308a95d17c817c3db4c299e03831559e0","sha512":"66c75a1676de4432803adbc4679709e0c539f65fcb82fd15795f388b2c1db9a6ea57bd5b35f8b0207978858a757fbfa3f2bbf3a9b8034cbee25ec69a54a7a173","ssdeep":"3072:fbe2H0uETlaTcIf9lBfNoFlQCkAXvhrwc7Gc4OBdYvTITXG3ia+X/bx/KbMj/Nrx:f6ZTlElOQCBkc7368DGyHbx/7jVrMCn","tlshash":"710423bd56dbc5dc599d45ebc90bccba0618c1dfc13923b0be46fd33a099ba424e0895","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-03-28T19:24:56.078211Z","times_seen":135,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/BTC-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/BTC-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:26:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dc04-1376\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"dce448708dbde74d8918b888de94c5ec","sha1":"6d567a4c470e21718e8448a50d88af49824f743e","sha256":"1a8495170f83ef4d9500d826134cbe44fa780e71e98d5246447e8e9ab7c9668f","sha512":"9183429b9d8002b6e3eb7418966231df222057e036214d4cdd7b01bb8b9e086e5e7850dc8590f9a270f7b82358aab565ae7e70b9737980346711a6e8cb43db5a","ssdeep":"96:QqmzEAvOLh8v+czzgs0wPYcGQjNMwEH4MeNU00RVp3ISeDpsEtPE7bx6K:OYRLaHzzwejNVEYMejYVOSeVFts7D","tlshash":"f2a17e8e830c6f35296705f31c1743ee157d8ea3dd6acbaf015997fa04086e94ea5f40","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-03-28T19:24:56.107192Z","times_seen":162,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/favicon.ico","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:54.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-06T09:10:32.203061Z","times_seen":480430,"resource_available":true,"data":null}},"time_used":373,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":372,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/plugin/swiper/swiper-3.4.2.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /plugin/swiper/swiper-3.4.2.min.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Sep 2020 09:36:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5f4f678e-178a3\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96419,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31999)","md5":"fb13ef3e875ca3497ede35d3774be9d3","sha1":"ab0743a89d522438c17ae7eaf5943fd4590ee3d0","sha256":"4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083","sha512":"7b9fba1a93c724bc53e1dd4e27e59534430076346ddc73b24fcb71c9b7cb831321a70ffa38797185f7108ee64a18f1fa08cf2b7ccf2dbfc03e767b23187814c5","ssdeep":"1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTR:LTX73uTq/","tlshash":"0d93d66eb314f3e295d3214a675ac64122f21706b809dae870b54c4a68bcc5d03bffbd","first_seen":"2023-03-07T01:17:19Z","last_seen":"2026-04-06T08:01:40.298719Z","times_seen":3060,"resource_available":true,"data":null}},"time_used":1222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/iconfont.css","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/iconfont.css HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 19 Dec 2021 14:48:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61bf463c-63ce\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25550,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20698)","md5":"7636674a9cc00e0ab274c0118bf30792","sha1":"f27a0be01fbbbf273a89d3c422379aec2764e686","sha256":"9fa256777e1db1a122b57fc40c30257f8f850a678bed98019d471e6df77eef75","sha512":"d689560eb32216bc369b734a97df8a0fd12cb53dfd23f9c424cb44199fbf151e5eda7764c88b97a31009627931522b7608f2917153ab0aceb94bd5c62d7bd735","ssdeep":"384:LBCVGK9CWi1Frac1AzSvwRf/S6a4ukK0SlgOLkQ3PJv4IpQCKWPlNU3PLLg1UXav:to/V6mc1lHFkKdXvZ4KVKWdNsrav","tlshash":"87b23cf499bd5ca41306e4d53342a760ef0d66a48d8b4d5bf3a73c9cb7e32018186aec","first_seen":"2023-05-09T00:01:32Z","last_seen":"2026-04-05T23:15:50.542473Z","times_seen":492,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/nav_icon_3.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/nav_icon_3.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c31-1c4f\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7247,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x450, components 3","md5":"4b4859e0e22787403478697c59363298","sha1":"6b1f35be403f9692cd3aaf23c83337f292f74a43","sha256":"05ecb8dbe9bd556cf96e70e2f18fd3719fdc831685edfae07fdca148ed7d8e2a","sha512":"4d2c1ba4ac3643049182bbba53edabf878f3e6988f2a991b5e61674c2a57dbdc336805044b0da6723fd1fc0b9a415646b892c273ece9da83561d89e01e521b52","ssdeep":"96:FIxXrpMMpBvnt2AvbjG7Bih/LUHQ0uO444emKKKnKKcJ8hKKQKK6KKKGKK4orDqI:gtdnXb+Bih/LUv444Lb4+vTSyz23","tlshash":"5ee1171ebf403066cb239bb51fa89b72ef16fe04845d9727d81504d38a8f2f26d1a9c1","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-03-28T19:24:56.111121Z","times_seen":139,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/UNI-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/UNI-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:38:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dec0-18c3\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6339,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"261fbb817252346260b9ce0b6f6f951c","sha1":"76b5c24ff99404da8d4e9135f256c86db0dfc814","sha256":"ca5848d2e54909c1045e562b08e3dda2e3ceff28c5acbcb171e7d7f66476ebfc","sha512":"d9f424bd7dda043c6be7bdf163291a9efe2d6e120fc9519ac37512e9fdebf0f1acf60a6460f695e8e302e9af866b06c525f59b7e15ce1be7ff0213cdd4573e8c","ssdeep":"96:TbcqH/sPEdDNRb5oyD7FECXcAQIPh+jpHELTFUeg1/MjWd4hNbYt0:TbRH/WEJ/H0OhIpH+iqGRK","tlshash":"41d1ae33b2bd16b4759e00e6e0ec70243ef1958857f3655e88b03cb7a58f07ba668865","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-03-28T19:24:56.075545Z","times_seen":159,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/jquery.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/jquery.min.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-169d5\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-06T09:01:57.763545Z","times_seen":60874,"resource_available":true,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/common.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/common.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 16 Nov 2023 07:13:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6555c132-edf\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3807,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"bbaa3ba82eabac17365b789a50885a52","sha1":"72daa321d794ab876e580a3d74c8c93c7bf3ec91","sha256":"ce9f8f9bb4e5eef2462667de0e76e65bd65c6e670cef61b5e76ed47be6813cf9","sha512":"0004dc6643aa9a056edd186964e70964886558ad9dfd8208c8d8183faffb84a636728447817e5c89f2102cc0b5ef85aeceb6a64571b5562a84cbef7f2c4a312b","ssdeep":"","tlshash":"a4713098b34c912b10f673319abf1909d83ba5734103d408f95ca0853ff825eb3a6ee9","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-04-04T05:26:30.202071Z","times_seen":331,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/nav_icon_8.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/nav_icon_8.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:19:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c35-19da\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6618,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"42a23a8291ce089f5c7768230eb2dea0","sha1":"de9691aba3b82bcb53253267d897500125386860","sha256":"8b67eebad2e63b7ce2605bad392af06aa2abdc4aa0affeb87aef02f3ac849c43","sha512":"ee04d7154c5edc3286bbe2821e5fad2d9d6d3eacc8e24d96bcbd44f7201465b0e5fe8d198c20e8070c4a49e19c1e6d7bc509ba688cdbeee2c69ffa612cf6495c","ssdeep":"96:kbDlhpDd1XCiLTEu+Wn6BjNR6cHfEanzBKA6uz4wvo0myVltLC8fbBUZVFaKXi6O:6hpxNr61fFMWBKK/v1jND6ZCKX2QHc","tlshash":"c0d18d739b51a2396c483fa7607d632bda9e1852f7fd2f172c4cc9982700210196bb33","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-03-28T19:24:56.08821Z","times_seen":139,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/ETH-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/ETH-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:41:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405df84-d60\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3424,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"0238fdc6d1d9ba2111134f8f53c27267","sha1":"a3628e2a0ea8736d9a3bfbae07222758a390e89d","sha256":"31862adaf2e2ac7b7636af6fa53d81d2dbbbc23668b8a922469edd7e1b55f952","sha512":"a49c894824687fd1fc2b8a7808a34a3e036f9ecb90dff68421fd87e1a1e55ff44f89d1357651e40785306b0b44fb23acb8aa725a87d13f49f0188c3b3f3329ed","ssdeep":"","tlshash":"46617d661f25a2f4e4751b184f18df31aad22c64c101f84fad8323e43d4d21245aefd4","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-03-28T19:24:56.087112Z","times_seen":156,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/ADA-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/ADA-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:42:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dfc4-14bd\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5309,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"e5c101c65496e6dc77dfa8fb8e67af67","sha1":"277ac9fba0d01b62dc4baeb37c542d58365071df","sha256":"0e6079f8406dbf5ef1796f8f9729193e04533cec705b9139d22e05272f455722","sha512":"dfc6ba3782c721ebd4ff21d0a4332be7b147c0c52a86cd8487839404c7c33ec3f0a21c81934b9a140b2110d12895fdf14207f6d8cf083df6554aae7d5d08d320","ssdeep":"96:FfyiASh3QtDNDEz3p994XVRlhV8blURe4BC53Ty9714T9UG0crd:FfyeQ9NAuRlhVC+A3TQ14Z5d","tlshash":"bab18d6e204fcd5ee1554e56560334312ede7808e88bd37c2a32360a188677dbbb75b3","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-03-28T19:24:56.11067Z","times_seen":157,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/SOL-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/SOL-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:43:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dfde-1036\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4150,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"9a764deaa696ddcae23b50878da2275b","sha1":"e50fcf53a6a257bd8c67dec07f82aeafa9b550d8","sha256":"b373e46d6f482af8a3f2f496ae07cb1ff98d45519b3d63cab03022821dc26503","sha512":"04c3e665cec122d3019da71291758b780cb7dfedc19e295381cd9358dd9cf3c56f20b08541d5cd89987c7d20417fbbe26e8ffa2bf35fa07199650027a7591952","ssdeep":"96:954fwDRa+Mt8RqN+fTqLnNjmRKsdj/UPqu4DCRuLIBeYH/Gn:954fwf487fTq5aRKsdbhrVLAeaGn","tlshash":"3f817dc4d7044d58217c2027a3b2ba7a82f25c33b654f0c2fdb618d5e925fe0a0a648b","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-03-28T19:24:56.105992Z","times_seen":163,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/layer3.1/layer.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /layer3.1/layer.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 05 Jun 2021 10:36:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60bb5394-5664\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22116,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22020)","md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-04-06T08:34:09.078576Z","times_seen":5070,"resource_available":true,"data":null}},"time_used":1229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/bootstrap.min.css","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/bootstrap.min.css HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 16 Dec 2021 08:15:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61baf5be-1da71\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65369)","md5":"7f89537eaf606bff49f5cc1a7c24dbca","sha1":"b0972fdcce82fd583d4c2ccc3f2e3df7404a19d0","sha256":"6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11","sha512":"0e8a7fbd6de23ad6b27ab95802a0a0915af6693af612bc304d83af445529ce5d95842309ca3405d10f538d45c8a3a261b8cff78b4bd512dd9effb4109a71d0ab","ssdeep":"768:rf7Gxw/Tc/hOWlJ+UtVIuiHlqAmQI4X8OAdXFxbv8KIf2BdU+JdOMx1iVvH1FS:sw/YGGIuiHlqAmO8l1bNXdOqT","tlshash":"0dc3c7a0f21031ea7333c55a71d0fd872219a153e6664eb7f22f25d88f846ca1673f1a","first_seen":"2023-03-07T12:03:40Z","last_seen":"2026-04-06T08:33:34.168941Z","times_seen":16582,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/202311144.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/202311144.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 08 Jan 2024 16:26:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"659c223a-203fb\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":132091,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1280x720, components 3","md5":"49eaa0c616649d483fb7dd743734e5eb","sha1":"9c14fba9384ab4bd7b14886990f977fbd5d28beb","sha256":"12046319753ef51b126145845ff46a66c87f49bdfd6414ae3080467b56ab01a6","sha512":"06f04d05ae73cc88f90af9a04a3776782c820ee2edf4237a7d86c1fcfcb6689d6982146839a5de891eeaf6fa4e7fdd1c3cc7775ad013cd11017d22998bd15779","ssdeep":"3072:tiIFwYOXtWAHPmlE9aniwjr0CLr4abHUgp88Py:tYYOXUUPmvniqrhRbHs86","tlshash":"58d312b2e58fb7751191d99882aaf43c7bc9742c943470ce2a25a253b1b95a4031fbcf","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-03-28T19:24:56.086289Z","times_seen":138,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/BCH-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/BCH-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:42:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dfac-c04\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3076,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"fcfb7466550d39410a0e2758aaf9ff2a","sha1":"26a356bee175ce6b7ef55c6ce470eff379217945","sha256":"bbc99d3b87bcf83df144951705c018abc5964a929e598311ee1e11728cf462c5","sha512":"41e7a27ea5cdefdd81bba731588a52e541c4abbb21a9d78e63973c8b910024763a632ed6ea7b3fb2d28c19398caa0d806fcdc2b1a023b767edc75e0792a6b39c","ssdeep":"","tlshash":"1c515dc6667a101e8e8e961f6d957276757359994804880ee08139466cf6d5380772d2","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-03-28T19:24:56.081311Z","times_seen":159,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-25T10:29:49.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:49 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: think_var=en-cn; path=/\nPHPSESSID=50m2n213npd7a677eqf2m82f25; path=/; HttpOnly\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Zepto","description":"","website":"https://zeptojs.com","common_platform_enumeration":"","icon":"Zepto.png","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":8554,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"308174f075f58e5c1091b294cf5e96d3","sha1":"a7a0fb2de98c676f52eac09022d792383d63d1dc","sha256":"7206734ae90dfd0e27ff6d908ac99c670bace2b048751b24aef10f75dd1060fb","sha512":"efa8667f30610b7f78aa305653bf36c3dc851e55c26dfc0b7289495331bf0415c3b6f48e221ff983794bc0f822e19efac6ed2c3a8baf652d147691a2482602d8","ssdeep":"192:iIDfZNE02VvxucMeoUWp9eHSO6VKZO8/lhUP:iIDfZNE02Vvxi/J4lhM","tlshash":"ea026524978d1da700131561b2396bdda47f6e02ca138910f1ff165bafe9ec4ac3b85b","first_seen":"2025-09-09T18:46:02.295717Z","last_seen":"2026-03-15T15:36:21.146151Z","times_seen":18,"resource_available":true,"data":null}},"time_used":1706,"timings":{"blocked":668,"dns":44,"connect":306,"send":0,"wait":371,"receive":0,"ssl":314},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/plugin/swiper/swiper-3.4.2.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /plugin/swiper/swiper-3.4.2.min.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Sep 2020 09:36:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5f4f678e-178a3\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96419,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31999)","md5":"fb13ef3e875ca3497ede35d3774be9d3","sha1":"ab0743a89d522438c17ae7eaf5943fd4590ee3d0","sha256":"4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083","sha512":"7b9fba1a93c724bc53e1dd4e27e59534430076346ddc73b24fcb71c9b7cb831321a70ffa38797185f7108ee64a18f1fa08cf2b7ccf2dbfc03e767b23187814c5","ssdeep":"1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTR:LTX73uTq/","tlshash":"0d93d66eb314f3e295d3214a675ac64122f21706b809dae870b54c4a68bcc5d03bffbd","first_seen":"2023-03-07T01:17:19Z","last_seen":"2026-04-06T08:01:40.298719Z","times_seen":3060,"resource_available":true,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/nav_icon_6.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/nav_icon_6.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c33-2cda\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11482,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x450, components 3","md5":"e322787468fe4f8c92fa5aecf763f271","sha1":"babd8bdb46bfa06658011d65beec581bdab2eda1","sha256":"efe609a452a95993d4fff47ec36c2c5fcb5bc15a0ba2a850c6a0347348c14640","sha512":"6d459477b07033b9aac4ad5b0bb7a98e1c39c55d919f09936af7b21969a7f4c7372936856e89a4eb5ec0b63fa03ea1817d5bd582d61f61094a97f5c98085ab39","ssdeep":"192:0YnUvmjXwyNA1ILIGUhhhhhhhCB68pGUI2vhiB1kdPByPG/QDrfOiAWWepuKQauY:0YUv2XZGILshhhhhhhCBP/hkOyPYQDiq","tlshash":"47328e7e364870a5d80199f7019493470f2ebf625868fbdd5591d2c747ecde428c288b","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-03-28T19:24:56.096815Z","times_seen":135,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/weui.css","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/weui.css HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 09:26:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65aa4030-c5296\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":807574,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (786)","md5":"9ff14bfa1b8db0f075ef08c1d7fbc75b","sha1":"9aabe00c4282e3c48ab4891ce4e6d8da3fbef864","sha256":"a06eb942ce0197d887cbcf7da8f356c0898b67b7492ad2dcafa0bc73960d3d77","sha512":"02daadfec11b8613e04d49be034ad2cf59c32845f7c814a51659175db036dcbeaec672e8a27fb3d0fe34a9238423bd5806b357f6501845560e1126025cedd73d","ssdeep":"12288:PcNlDoIcChMhwlsssrAcE7WHsUbk2jsu2PIb2vO3+y6NdG7XzUftCFIJlpGn4hQF:PcNllcChMhkrG","tlshash":"bc053aef9e587605b41e570a71c3da5ba32b5543249261ce98ddf280cf3aacf72e052c","first_seen":"2024-05-01T16:53:09Z","last_seen":"2026-03-28T19:24:56.085485Z","times_seen":184,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/plugin/swiper/swiper-3.4.2.min.css","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /plugin/swiper/swiper-3.4.2.min.css HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Sep 2020 09:36:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5f4f678e-455f\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17759,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17459)","md5":"6af34d0737ad0ca608111771cf74cc79","sha1":"15d0417baa08a741c6aee19fdfbf4813635f98f8","sha256":"47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812","sha512":"74b738d66a9da306308153c683bfe1fc784bdf34166492eb4e76ea015c32bdf1f01c5f97a6c7eee5459c13b04e8dc63f7ffd20579e6808fed467e0896abe4baa","ssdeep":"192:bgG0GpaNCO8jrfg5WHmXgyXyzSHF68DJB0SwD:bgG52CXfgWHfyXyzSl68Pe","tlshash":"2982832c17002067f6324f1947c9e77c9715c893ae0368ef6650de48cbbb5a9227f796","first_seen":"2023-04-05T14:33:33Z","last_seen":"2026-04-06T08:01:40.306184Z","times_seen":4537,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/layer3.1/theme/default/layer.css?v=3.1.1","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /layer3.1/theme/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 05 Jun 2021 10:36:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60bb5394-381f\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14367,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14367), with no line terminators","md5":"3d2e0d91c5c0b96abb8dbdc2234aba77","sha1":"9d55e153b30fd7414fada5718e20918e9c7f65e7","sha256":"e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc","sha512":"42bf3eff281998d088ce012b9a5910f72951c91715595572bb968fbfc5fa2b1cddacef3ca683a1734eb41114b302b6a4dad8b7432c5877b3563a080a2547ae05","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXiK6nMLPD2OtLzXyPHL/LztJDzyv2OQ7KGx1jyd2/SWz:1WmLr2OtSrzzt42OQ7KGx1jCWR2b+RcU","tlshash":"2e5221e144811299b0278721d6dc7eba32f88d43e5630daef257381f874c6dba2b6647","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-04-06T08:42:54.787548Z","times_seen":5871,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/LTC-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/LTC-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:38:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405deae-188b\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6283,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"dca3baa74655281c8b110af414301239","sha1":"91270f66491c87379658135e36085e6135ec7711","sha256":"e7bff393a9638d5f5d6a705704dbf525179c17e79938cce1dbcf843834c0e319","sha512":"a84b5e9288569f2470edd56cdc285d442488b5b70e715c026cd459bc95e8804624fe13097d7637403d623b1595c916ddac0e0deba9580191f0ab4d6bb6867868","ssdeep":"192:CIHVMUsen10sEX6QcfbjVFyy1Fuazs5eilreriVN:CeuLenisEKp8UFuEi/VN","tlshash":"73d1ae11b2cfd571221b3e96f41282990f7a32398cc8aebf8a470514c40bd889e56f73","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-03-28T19:24:56.108338Z","times_seen":162,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/nav_icon_2.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/nav_icon_2.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c2f-1252\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4690,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"3c08c6452a2aa332ea43ca5a61ad823c","sha1":"55228e0c667594e5c7f185aeebb4b38aecdd61bb","sha256":"0f8ccc06f4a0bf3aa31379d887b8a85a6765d8b8de9cf4c709a243c6426f5cde","sha512":"af611f593568e5620a35fe0366035fed8482a135726e14448af29fc8963174e2c85a6e19a99d064aa7af63614859b0b5f93c8cb42ed82b0c9fee574ff30db3a0","ssdeep":"96:pLmm2om5GBPx82M4HfFHUfZOW4v4HIWPDeq0gRX/65cRdt:pGtIBPx82M4/csvcIGDDRX/zn","tlshash":"53a17c9b8b263b01042e41c62bdeeab6444984dccdd20806e14faca6b91ea9061f5c37","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-03-28T19:24:56.09623Z","times_seen":136,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 271\r\nOrigin: https://tertv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 212 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://tertv.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\neo-log-uuid: 12610012648438319079\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"212","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T09:11:47.12615Z","times_seen":13415969,"resource_available":true,"data":null}},"time_used":1006,"timings":{"blocked":47,"dns":0,"connect":0,"send":0,"wait":946,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/index/okx/market/type/2.html","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"POST /index/okx/market/type/2.html HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nOrigin: https://tertv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17252,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"a0bb925c7bf7c93e10c335a8bd99cb76","sha1":"30f3746496e4f53e71e1b12b545fc67c04b9dab5","sha256":"cb4538232c3379f6897d6924b44c5e36bbb1d0441c3f89bafce7d762ea51d09f","sha512":"ab22cc849cc8d271cf8628d232e1b23edeb2e3bfb23faea54dbb8a5e48b31a604fa855cb156727492188993200adf6e5fcc2031b28c2f3d859519e4e9cabd8f0","ssdeep":"192:WaVWaViaV5aV3aVaaVUaVeaVkaVnaVLaVyaVNHaVzaVB:nnzAO7V/l+iDNe6B","tlshash":"5572223118beb113126643b85179277ebc43194ffb73590076abb359eb8dc04b98add8","first_seen":"2026-02-25T10:30:19.220753Z","last_seen":"2026-02-25T10:30:19.220753Z","times_seen":1,"resource_available":false,"data":null}},"time_used":517,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":517,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/AAVE-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/AAVE-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:42:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dfba-1680\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5760,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"3493cff3bc1a5c0fab9e2b4e3d56d02d","sha1":"e59f811144da48fea79af0e88af77236d4db35b9","sha256":"1170e6b6853e8a1289dd1bc53e0d50ff051e01a0a85db14b7132962138de2904","sha512":"96f68a8d893eea9971c29500349552ddb92136d0808f6219727e54f774256ae13971d88be2aade654c7487e644469b291d5a8b1c879d5d072b28cb2f59cacf28","ssdeep":"96:iRnB+OYStZ8p72ZLMI4W5xdFccHdNVOrNj8+GrDSvf79JFKpgKdd0XrXnLjK2bN:e+OD8ZMLMI4WLf9LC4ZDSv5J4p/ojLNh","tlshash":"6cc18e8978d6beb7e0e59d144788f1f4b28021646873da7fda9cd3c624251373eb628c","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-03-28T19:24:56.106592Z","times_seen":158,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/jquery.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/jquery.min.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-169d5\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-06T09:01:57.763545Z","times_seen":60874,"resource_available":true,"data":null}},"time_used":1231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/plugin/swiper/yy.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /plugin/swiper/yy.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 02 Jun 2024 07:55:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"665c257d-6d1\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1745,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"05ed2352d599c6fbebbbf11feb5991d2","sha1":"b6d563caec0f9a8d45649ad9bcc08fd0c3b857b5","sha256":"6d8df9de53c93ee22a1079caf784d80da2fb435ac9d6ec196335004ef5aae438","sha512":"04d86028bc84e3eba9a93ddf308ec4d9e52328900e1faa94962f79dcb5de5cd63459d759eea3f4b701519c8daea7761aaf42de01cd412268d44bdfb3fc800493","ssdeep":"","tlshash":"ad318de69a769305526ae029579f3f2321b308771008e8947a4dc7086fed3cb061fbad","first_seen":"2024-06-02T21:14:46Z","last_seen":"2026-03-28T19:24:56.09936Z","times_seen":74,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/FIL-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/FIL-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:41:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405df76-dae\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3502,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"67a897eeeca6348fe248fbd96cf42e00","sha1":"a1fe7560b4286e14d95d9436797c01af7be49605","sha256":"8d236c01af163784f1a77c45a7127732fd2a6d6202b9c4f9dac99f60d9f1d313","sha512":"4a5ccafc16b5c016c3403d3138aec8a0f7136942a2b834b20ce24b9a1b1045ba7ab132474bf74713160af1bfac4b1032e31f5477818268db801cf0b6ae6cc7b3","ssdeep":"","tlshash":"04714ce25dfa87f62750f2120932e3314adab3244fda5cabcc3449279171e5478a8d98","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-03-28T19:24:56.101699Z","times_seen":159,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/zepto.min.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/zepto.min.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-7235\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29237,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29237), with no line terminators","md5":"2dd2e0f33e6b0fe9d4800aef6199e605","sha1":"50e5731db220ebef453bc8b45b0653faca6f8b99","sha256":"29fd5016efe08849f1124ff05b0658d6579e6826fda0569fc1b77598c0e56036","sha512":"c0c380eafa19ff621cc7d74fa8b782b28b7c8bb2e72d88a6887d0367f5710befe616b8d33903cec1cf4d671ef27f2e25ce58914b9cf770a4ddc48140a732f740","ssdeep":"384:WRWPO3mlNwpEiFT4wQpNWdkLSDei2uFHs0YB35FYQtoskIX9:jxlNwpjoERT2KHXYp5JkIX9","tlshash":"59d272ccb2c2b46707a7b1b8506f624bf23a6889380e4454f169e8e57c7890e9577f7c","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-04-05T23:15:50.544148Z","times_seen":706,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/layer3.1/layer.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /layer3.1/layer.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 05 Jun 2021 10:36:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60bb5394-5664\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22116,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22020)","md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-04-06T08:34:09.078576Z","times_seen":5070,"resource_available":true,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/XRP-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/XRP-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:44:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405e02e-eab\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3755,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"336e89752e43f0420d730aba7079db57","sha1":"b3a07bf4a3ddb0fc9195f4f66418647f5e04acfb","sha256":"238a85ea6f23f3385103514d346a85b4fc4ba740617a7e8010ac1910bb6420c9","sha512":"ce626edbddc0589adae16de97c4d178b8a706d6f32c0f766e97c4edb183b81aa70a0607f88c3680e2bfb56b87b712805c2af7f66b7ed6ca7cd23e3f58cf9e244","ssdeep":"","tlshash":"72713ae99a674323ff1670c10abd0fb8ed3dc32546e529e82b1d2e84ef035c00a68884","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-03-28T19:24:56.082169Z","times_seen":164,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/LINK-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/LINK-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:39:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405deea-aa4\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2724,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"9d8794d5f0af4ba9cc148e220721efb4","sha1":"fc0834249a27b37715a8ec73d6311a128b342a97","sha256":"68f6bf170e0cc6f176a00bff0dad9765ef1479d1f57df702132a1c565d6aa80a","sha512":"242b297da1dd6b24f3fdd3c778b057cce8af59e43f91c10f3709f5c01ed5e2cc1ad7540ee11ae038623d50358a66514eac85b9f0ab5c50a3dc2aebce2bf40554","ssdeep":"","tlshash":"db516c43c60e16ec4a091417d6a7acffa7b1e903463c1ba36685ac3cac2b08d20d6688","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-03-28T19:24:56.102305Z","times_seen":161,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/plugin/swiper/yy.js","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /plugin/swiper/yy.js HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 02 Jun 2024 07:55:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"665c257d-6d1\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1745,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"05ed2352d599c6fbebbbf11feb5991d2","sha1":"b6d563caec0f9a8d45649ad9bcc08fd0c3b857b5","sha256":"6d8df9de53c93ee22a1079caf784d80da2fb435ac9d6ec196335004ef5aae438","sha512":"04d86028bc84e3eba9a93ddf308ec4d9e52328900e1faa94962f79dcb5de5cd63459d759eea3f4b701519c8daea7761aaf42de01cd412268d44bdfb3fc800493","ssdeep":"","tlshash":"ad318de69a769305526ae029579f3f2321b308771008e8947a4dc7086fed3cb061fbad","first_seen":"2024-06-02T21:14:46Z","last_seen":"2026-03-28T19:24:56.09936Z","times_seen":74,"resource_available":true,"data":null}},"time_used":1224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/index/index/index/lang/en-cn.html","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-25T10:29:51.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /index/index/index/lang/en-cn.html HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:52 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nset-cookie: think_var=en-cn; path=/\r\ncache-control: no-cache,must-revalidate\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8554,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T09:11:47.12615Z","times_seen":13415969,"resource_available":true,"data":null}},"time_used":619,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":619,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/weui.css","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/weui.css HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 09:26:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65aa4030-c5296\"\r\nexpires: Wed, 25 Feb 2026 22:29:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":807574,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (786)","md5":"9ff14bfa1b8db0f075ef08c1d7fbc75b","sha1":"9aabe00c4282e3c48ab4891ce4e6d8da3fbef864","sha256":"a06eb942ce0197d887cbcf7da8f356c0898b67b7492ad2dcafa0bc73960d3d77","sha512":"02daadfec11b8613e04d49be034ad2cf59c32845f7c814a51659175db036dcbeaec672e8a27fb3d0fe34a9238423bd5806b357f6501845560e1126025cedd73d","ssdeep":"12288:PcNlDoIcChMhwlsssrAcE7WHsUbk2jsu2PIb2vO3+y6NdG7XzUftCFIJlpGn4hQF:PcNllcChMhkrG","tlshash":"bc053aef9e587605b41e570a71c3da5ba32b5543249261ce98ddf280cf3aacf72e052c","first_seen":"2024-05-01T16:53:09Z","last_seen":"2026-03-28T19:24:56.085485Z","times_seen":184,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/nav_icon_7.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/nav_icon_7.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Nov 2023 09:43:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6548b546-12e0\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4832,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"98c3a8d3c87360d7ffbd7580bb7c1ff1","sha1":"53ac23a821c9cffdeca7c0a16d5e63e14a7b2dd0","sha256":"66d47904f1e797c923fa05c70b363a77f511a090aceb13dbe50ca3c0f131debe","sha512":"4d8f916c82d9e8c420be03e7b8dff61f8fd9450f848373702f0a4c0db533e801e9a5af319b881d71c0e57f655060c6d53182d0b66716b201b19718c6bf499cf9","ssdeep":"96:HydQblafDjvSN4vff5dr4B4ENTesVckps6Ey2lr/L3zcekFBTL+p5:HydQRgXpXDoTesVNz2lDL04","tlshash":"8fa16c12bc2cfa17a32301d2be72013e5e767a9f26838a2541d5b46a66e7f224512b1c","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-03-28T19:24:56.095042Z","times_seen":139,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/nav6.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/nav6.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 14 Feb 2023 06:34:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63eb2b8c-11c7\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4551,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced","md5":"2b48a5119ae2577ba771b1a56255cf21","sha1":"4b76aa263b1500ebbdd664c57236c06aec5042da","sha256":"352d1d21f87dd1eb47b34b0355728f0d9a15cdda8c7ef5141115c09333896ae1","sha512":"e9292c7a2c1f75db0f3de77d7f287c57b67207d52c5b8910fc13a3638695149cd733df621046e9c59a6b4012d4b3a87a943dc995ad0e161e7ef2359de84e2319","ssdeep":"96:OSMllcHitlIxv9vk7C1+I4wWHLihk/x8TvsczDwULotvw5EQT9jb:OSHIIHUCD4waCrJB0tvhQJjb","tlshash":"a4916dcb8584459c10090a6d3467db4f9aa39554d3debf248ebd930e9111c72bc75bcf","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-04-04T05:26:30.212764Z","times_seen":276,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/index/okx/market/type/1.html","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"POST /index/okx/market/type/1.html HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nOrigin: https://tertv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7340,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"043ad3e6b5e56e6e52ea82b8c7edb2a8","sha1":"535382b2c3fde07e67a7591359fc9a9b981420dc","sha256":"e46dc0e4891a03367ee6e3d1264ba0aa695353a7693d38997f37e634b781d06f","sha512":"7c7c5dffa3ae7259c167cb80f715416c713da7d92f17429209ad0a3ec1e2a58466712b5746d99529b938ecac0be6d5abd8d58aea07a0b52796ce81cb72f60167","ssdeep":"48:YdX9C7cm1UGQcP13gc11rpq7cc1z+c21Ijcz1c777cV1Odcn1hYcx1cHcW1EHcms:/ruyj+pmfg7ADpi2HrQOQ","tlshash":"46e19332257bb1a3215387b521e93a3f7553884cfe33c76052e6b619e78dc08de61e68","first_seen":"2026-02-25T10:30:19.228583Z","last_seen":"2026-02-25T10:30:19.228583Z","times_seen":1,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":430,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/ETC-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/ETC-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:37:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405de8e-cbe\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"1b20cac397cc00bc2bcbd9ffe6c5edd9","sha1":"e4ff0b671fb41c003c8c1854768c606ad16b2b69","sha256":"30316aed28b32e076a6366fab2e42431d26260ce847033086a873d7be9776b7d","sha512":"e5d0174251865febd4e3bd57726caf146d5ea2a4faad09b1b88c8cb74599be8072be20facecb7e9d25200b368c4e7ac79e04106b42a17a723b573fe713133918","ssdeep":"","tlshash":"83616d92f46d0c27446d43060eb0c3de7be16e738a525fd15d727000b16b0ce15764eb","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-03-28T19:24:56.110084Z","times_seen":160,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/iconfont.css","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/iconfont.css HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 19 Dec 2021 14:48:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61bf463c-63ce\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25550,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20698)","md5":"7636674a9cc00e0ab274c0118bf30792","sha1":"f27a0be01fbbbf273a89d3c422379aec2764e686","sha256":"9fa256777e1db1a122b57fc40c30257f8f850a678bed98019d471e6df77eef75","sha512":"d689560eb32216bc369b734a97df8a0fd12cb53dfd23f9c424cb44199fbf151e5eda7764c88b97a31009627931522b7608f2917153ab0aceb94bd5c62d7bd735","ssdeep":"384:LBCVGK9CWi1Frac1AzSvwRf/S6a4ukK0SlgOLkQ3PJv4IpQCKWPlNU3PLLg1UXav:to/V6mc1lHFkKdXvZ4KVKWdNsrav","tlshash":"87b23cf499bd5ca41306e4d53342a760ef0d66a48d8b4d5bf3a73c9cb7e32018186aec","first_seen":"2023-05-09T00:01:32Z","last_seen":"2026-04-05T23:15:50.542473Z","times_seen":492,"resource_available":false,"data":null}},"time_used":1226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/common.css","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/common.css HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 16 Dec 2023 08:35:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"657d616f-2292\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8850,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text","md5":"5efc94146d41959a0ed7be06f2557cc7","sha1":"2e03a6b70ae7fd2474771a2e14a6c78b985fc750","sha256":"6968ee2e91a3c244a1f4b86e168ec713219739e1104df3244a7aa316d64031d1","sha512":"6452172b442435d301b0f63993b953a8457f995e133487cea6dc7cb171f618fbe609544bf10025b75cc2f08fabeb7c8621a9816c53a3d15679393b0ab52c4bab","ssdeep":"96:epXQmxdt9YxYk6mC+rd++Zaj1Bjx6CNvxVUWxWR08uNwiSHrKi:eamhWOk6mC+c+mBj4QxVUWER08uNri","tlshash":"a4027429da162104f163f2fbbee5978a17298107d6130afdb5a43661db8e1dc04b3bcd","first_seen":"2024-08-20T01:27:55.762213Z","last_seen":"2026-03-28T19:24:56.098769Z","times_seen":85,"resource_available":false,"data":null}},"time_used":1225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/nav_icon_5.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/nav_icon_5.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c32-10af\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4271,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"54653dda2da5de0aeb60b829f9724e9b","sha1":"3b6c5b6fa622ee5ab61440daf134f44f0d865641","sha256":"751864391549cc69b9d70063c9fb14e6f012a9d31a3bf32f141f585a2143e73e","sha512":"462282e54bd4f08d68cd628ed8027316e9c6fb4d481a31a93daf2ebd7eb08ab2e2ecbdf29f95d52af803763bd33baf42870aff91930e7fcfcea8a8d1b6682059","ssdeep":"96:p/nqM3OA+Ca0PA4GqqYcOVTN/PdYARJ48dT7XKGwYQRrbB4:z34f0ozzPOVTZrRJ48dX3hQ9B4","tlshash":"fa914ac38f528db860f2ffe189f9e1a26961851d5ba4ae5c489cf8010007a76aac5e13","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-03-28T19:24:56.095642Z","times_seen":141,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/nav6.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/nav6.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 14 Feb 2023 06:34:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63eb2b8c-11c7\"\r\nexpires: Fri, 27 Mar 2026 10:29:50 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4551,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced","md5":"2b48a5119ae2577ba771b1a56255cf21","sha1":"4b76aa263b1500ebbdd664c57236c06aec5042da","sha256":"352d1d21f87dd1eb47b34b0355728f0d9a15cdda8c7ef5141115c09333896ae1","sha512":"e9292c7a2c1f75db0f3de77d7f287c57b67207d52c5b8910fc13a3638695149cd733df621046e9c59a6b4012d4b3a87a943dc995ad0e161e7ef2359de84e2319","ssdeep":"96:OSMllcHitlIxv9vk7C1+I4wWHLihk/x8TvsczDwULotvw5EQT9jb:OSHIIHUCD4waCrJB0tvhQJjb","tlshash":"a4916dcb8584459c10090a6d3467db4f9aa39554d3debf248ebd930e9111c72bc75bcf","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-04-04T05:26:30.212764Z","times_seen":276,"resource_available":false,"data":null}},"time_used":1221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/index/index/index/jumplang/en-cn.html","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-25T10:29:52.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /index/index/index/jumplang/en-cn.html HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tertv.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:52 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Zepto","description":"","website":"https://zeptojs.com","common_platform_enumeration":"","icon":"Zepto.png","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":8554,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"308174f075f58e5c1091b294cf5e96d3","sha1":"a7a0fb2de98c676f52eac09022d792383d63d1dc","sha256":"7206734ae90dfd0e27ff6d908ac99c670bace2b048751b24aef10f75dd1060fb","sha512":"efa8667f30610b7f78aa305653bf36c3dc851e55c26dfc0b7289495331bf0415c3b6f48e221ff983794bc0f822e19efac6ed2c3a8baf652d147691a2482602d8","ssdeep":"192:iIDfZNE02VvxucMeoUWp9eHSO6VKZO8/lhUP:iIDfZNE02Vvxi/J4lhM","tlshash":"ea026524978d1da700131561b2396bdda47f6e02ca138910f1ff165bafe9ec4ac3b85b","first_seen":"2025-09-09T18:46:02.295717Z","last_seen":"2026-03-15T15:36:21.146151Z","times_seen":18,"resource_available":true,"data":null}},"time_used":368,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":368,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/nav_icon_1.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/nav_icon_1.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c2e-10e2\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4322,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"243898897798afc237a02919dc231f87","sha1":"7fde85148bbc029b49bab5b22cc31f4a39984ef8","sha256":"d032cd3e3944ec6ddc59100c977ca8871cefc4ec99a921d9c8c7f90a96d6b45f","sha512":"9d05f7f1ba3112ba9c99c9ee401c4430b42cdc136d35731df15f6410c846fca958c17bdff794286dda1aae7cd4c0afc8511feb9d47f19435e318167192b71003","ssdeep":"96:2m0GptgO1FSyTWPdsCElMoxkV0+e4/DdEj8DlrUp:ftXXrCwlBxW0+e4pEcAp","tlshash":"c4917f5b0301cef0141ba277365742c331f72504055b3b44929f7eee9b9a69b31e87e6","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-03-28T19:24:56.089802Z","times_seen":136,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/bootstrap.min.css","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/bootstrap.min.css HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 16 Dec 2021 08:15:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61baf5be-1da71\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65369)","md5":"7f89537eaf606bff49f5cc1a7c24dbca","sha1":"b0972fdcce82fd583d4c2ccc3f2e3df7404a19d0","sha256":"6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11","sha512":"0e8a7fbd6de23ad6b27ab95802a0a0915af6693af612bc304d83af445529ce5d95842309ca3405d10f538d45c8a3a261b8cff78b4bd512dd9effb4109a71d0ab","ssdeep":"768:rf7Gxw/Tc/hOWlJ+UtVIuiHlqAmQI4X8OAdXFxbv8KIf2BdU+JdOMx1iVvH1FS:sw/YGGIuiHlqAmO8l1bNXdOqT","tlshash":"0dc3c7a0f21031ea7333c55a71d0fd872219a153e6664eb7f22f25d88f846ca1673f1a","first_seen":"2023-03-07T12:03:40Z","last_seen":"2026-04-06T08:33:34.168941Z","times_seen":16582,"resource_available":false,"data":null}},"time_used":1232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/plugin/swiper/swiper-3.4.2.min.css","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tertv.com/","date":"2026-02-25T10:29:50.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /plugin/swiper/swiper-3.4.2.min.css HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Sep 2020 09:36:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5f4f678e-455f\"\r\nexpires: Wed, 25 Feb 2026 22:29:50 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17759,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17459)","md5":"6af34d0737ad0ca608111771cf74cc79","sha1":"15d0417baa08a741c6aee19fdfbf4813635f98f8","sha256":"47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812","sha512":"74b738d66a9da306308153c683bfe1fc784bdf34166492eb4e76ea015c32bdf1f01c5f97a6c7eee5459c13b04e8dc63f7ffd20579e6808fed467e0896abe4baa","ssdeep":"192:bgG0GpaNCO8jrfg5WHmXgyXyzSHF68DJB0SwD:bgG52CXfgWHfyXyzSl68Pe","tlshash":"2982832c17002067f6324f1947c9e77c9715c893ae0368ef6650de48cbbb5a9227f796","first_seen":"2023-04-05T14:33:33Z","last_seen":"2026-04-06T08:01:40.306184Z","times_seen":4537,"resource_available":false,"data":null}},"time_used":1224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/202311143.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/202311143.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 08 Jan 2024 16:52:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"659c283a-2abe3\"\r\nexpires: Fri, 27 Mar 2026 10:29:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":175075,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1280x956, components 3","md5":"4d761e1f94a4db25fed48d4f08bc304b","sha1":"dbbe40388a2b4417eb3dfed3307ae8d6ae5913f2","sha256":"cd83bee4b58fee4bb5370776b92c83cb7e59e61e4d0364dc83a937142ab37f6a","sha512":"69b30d609338980b1408f0f8c65c2158d7660b25c82cccff7b7deaaaf42fb2f632980b321444832297d34b003b1a78a54ebb030f6f29f81221bcfca1c8199409","ssdeep":"3072:awQv2APqxleOWfTCteEdC/hQJZ9vbbUtpcBf2dO4p9tfSzwEqiYPxnA:awnKqGT4eEtpyzdOIVSzw3P2","tlshash":"9104128749ea4418cef13e3ce37924e3026ffe21605cd7d64aabfb2095279bc8579416","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-03-28T19:24:56.097393Z","times_seen":138,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tertv.com/image/DOGE-USDT.png","fqdn":"tertv.com","domain":"tertv.com","tld":"com"},"ip":{"addr":"192.238.133.214","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tertv.com/index/index/index/jumplang/en-cn.html","date":"2026-02-25T10:29:53.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msdpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 07:05:27 GMT","end":"Sun, 15 Mar 2026 07:05:26 GMT"},"fingerprint":{"sha1":"2F:49:BB:92:DD:6E:5B:C7:10:24:4E:2C:5F:5C:99:30:35:68:E8:FA","sha256":"69:D4:A4:86:BE:2F:A7:1C:60:94:8C:ED:58:9F:B5:69:68:BB:14:F6:31:F3:33:CE:AB:DF:76:87:5D:67:61:38"}}},"request":{"raw":"GET /image/DOGE-USDT.png HTTP/1.1\r\nHost: tertv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tertv.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=50m2n213npd7a677eqf2m82f25; __vtins__3KiEZkZFfBh9UuSO=%7B%22sid%22%3A%20%22670c1c34-492b-5508-8316-a696b368c0d2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772017193380%2C%20%22ct%22%3A%201772015393380%7D; __51uvsct__3KiEZkZFfBh9UuSO=1; __51vcke__3KiEZkZFfBh9UuSO=f0be80d2-9738-5972-bfd9-fb5b26094849; __51vuft__3KiEZkZFfBh9UuSO=1772015393385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Feb 2026 10:29:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:39:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405df16-1577\"\r\nexpires: Fri, 27 Mar 2026 10:29:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5495,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"eeca9e553e2b0bad66dd74237c2a152f","sha1":"3c4b7af63de3fb551ec51bb693543dbcefa140e1","sha256":"e021a9b4d08a84de4051a6d5e479b3da62327d650be0523b16086d5fd617cfc5","sha512":"cf0206e5c499adeaf3d046de83b5750229488576df767a16b30cbf006e1f778f52d44991b79358b1f4dff08dc37950c33f5b0e2906a7c55c4917096ad621381e","ssdeep":"96:wWdPZaIrmboZH77JLIxxSMJkV/EF8RG4vg6JORzQCqpGhZZRdrd+ZyCk:NjaImEZH7xYxSMJkVcOG4vbJUsmb+ZyJ","tlshash":"abb18e734563b2c40eaded86ae831569e221425d101364f98fe63ce58e85736c72886d","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-03-28T19:24:56.10776Z","times_seen":160,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"tertv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}