{"report_id":"87e7de48-e8b2-4b3d-9ca2-0002f01913a9","version":6,"status":"done","tags":[],"date":"2026-02-06T17:31:50Z","url":{"schema":"http","addr":"qn-cdn.233leyuan.com/online/0rSWkdgIOZDV1724922018221.zip","fqdn":"qn-cdn.233leyuan.com","domain":"233leyuan.com","tld":"com"},"ip":{"addr":"140.206.161.51","port":0,"asn":140979,"as":"China Unicom Shanghai FuTe IDC network","country":"China","country_code":"CN"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing","dom":{"size":3632,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"1a09a9af60dd82ef7c04e8a213b48fe6","sha1":"42e91f8e7378070cd71a388cec2e099e5b16001e","sha256":"7b0eda441e23902926905050a43d2379dbaa30027c3fe1b23fc519d2eda2e97f","sha512":"f1edc0fc86e93fb308ff9c4f144cf0d9483d1a679a89b073d60e5a7e7bd1ef72de3a9bdb1ecd42bca072c692ec870dbc4439d28764f71562eab96897c4a5884e","ssdeep":"","tlshash":"c57136a514f1552718a383a5dd817b1bdf827a07cf8d6a407b9e00f22f97d55887f20d","dom_hash":"domhash03f850468cad29251ed949292c202f85","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"qn-cdn.233leyuan.com/online/0rSWkdgIOZDV1724922018221.zip","fqdn":"qn-cdn.233leyuan.com","domain":"233leyuan.com","tld":"com"},"ip":{"addr":"140.206.161.51","port":0,"asn":140979,"as":"China Unicom Shanghai FuTe IDC network","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-13T17:31:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"cb1bab43-qn-cdn-233leyuan-com.tliveapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"qn-cdn.233leyuan.com","ip":{"addr":"112.65.194.213","port":443,"asn":140979,"as":"China Unicom Shanghai FuTe IDC network","country":"China","country_code":"CN"},"domain_registered":"2019-02-22","domain_rank":6928088,"first_seen":"2024-08-29T11:56:16Z","last_seen":"2025-11-01T23:55:48.841785Z","alert_count":0,"request_count":1,"received_data":226,"sent_data":525,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cb1bab43-qn-cdn-233leyuan-com.tliveapp.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-10-18","domain_rank":0,"first_seen":"2026-02-06T17:31:50.88342Z","last_seen":"2026-02-06T17:31:50.88342Z","alert_count":2,"request_count":2,"received_data":139611,"sent_data":1010,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"6f9dee5829cab79d6ce0f644fcf0c740","sha1":"2f8b79abb267c8c27683173509282927a1eecf32","sha256":"efb0f8994f1a920b03c8d1790d248a77a79ea441ad55a6598aa2a4abddeb850a","sha512":"bee4076774824e65305d6de44b4a1a3f61b053b800a2211814b198ef0b868ddf1a01a2bbb45ead8bdc664193f36fec9a1d2e1754ac34c437e281fbb2a8b7e870","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":138570,"url":{"schema":"http","addr":"cb1bab43-qn-cdn-233leyuan-com.tliveapp.com/online/0rSWkdgIOZDV1724922018221.zip","fqdn":"cb1bab43-qn-cdn-233leyuan-com.tliveapp.com","domain":"tliveapp.com","tld":"com"},"ip":{"addr":"116.153.76.58","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"archive":[{"path":"data.json","filename":"data.json","modified":"2024-07-30T13:17:17+08:00","Modified":"","magic":"JSON text data","size":9111,"md5":"31f06d514100d41bab7781229661121c","sha1":"3d9ba5e7a34790e3e0f628be4e405ba9598da090","sha256":"dc40eea55d3ea9761ef000d7581861d5b3c582e3da153efc482dd1e6a2c4fc83","sha512":"d2fb9da93e94924bd473f9dafc241faf9f56db8700314d4b5d489efc76302afd4d18dd66b85759de51a7c90dfdd79fae8f07751df767da1dd2cb50b8a5009473","alerts":{"urlquery":null,"analyzer":null}},{"path":"__MACOSX/._data.json","filename":"._data.json","modified":"2024-07-30T13:17:17+08:00","Modified":"","magic":"AppleDouble encoded Macintosh file","size":120,"md5":"f5c21766b185b5efb1e39025bf09e11e","sha1":"402b48f0b762f2e55c2ad45faa62437b5ba778de","sha256":"e21f12a36f9c280961dd81738573b56c29066a364a13788653c23b295709d7e4","sha512":"efdae831d5a62e7fe30ef519d16ed29ff986f5465d3298f925ab00e778675d173cde9e9957ba48e6be693825f4c1841d5dfcd2f950eeb2a9f748f6bf8a52786b","alerts":{"urlquery":null,"analyzer":null}},{"path":"images/btn.png","filename":"btn.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"PNG image data, 616 x 616, 8-bit colormap, non-interlaced","size":44503,"md5":"0aa1961f3c8bfe4406a12b644750c981","sha1":"fa909e27495f6a1292802bc3babf8a56bb015525","sha256":"89189062cbe96f483beaa312ee5f3cadf47ff62ef1c8ffdaf8ed123241babbf7","sha512":"013be2c8859909480c000ef3457190ca33e3bfa5e3a63d9588c22a5a0a2ce069b5056c5c692e3982985fbbd5b6661903ae131383639af85bf4fcbc13954431c0","alerts":{"urlquery":null,"analyzer":null}},{"path":"__MACOSX/images/._btn.png","filename":"._btn.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"AppleDouble encoded Macintosh file","size":212,"md5":"b47eedbb81267747bd020e9e4b6b702c","sha1":"fd5eb81c1bc622462bee6bcf7d84a119d7c80d7a","sha256":"41ba6354a32adde6988eb5dab088c64c8ada8db135aba24529d8c1edd47f4df0","sha512":"e42990d4fe7fbed9051d4c95354087d31b21c014da0a97d098558d850ae0d426d705af7e2326aa0529848fbfdef3381dff2b00b6b73167b3681f3ae331a1f1be","alerts":{"urlquery":null,"analyzer":null}},{"path":"images/____0_.png","filename":"____0_.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"PNG image data, 478 x 586, 8-bit colormap, non-interlaced","size":43211,"md5":"e4f99be47a39c8292ef580a706a7e270","sha1":"fc8486f6f96ff51342e4eb9464a23f007fe84ece","sha256":"cb16670bb8677716cf46dafbf99b8629f935dcdd7edecbdd80a912aa3176a1d2","sha512":"946d28e05ea282e2493f7cbd42f3cee43a72280a36212ecbb2e00be744e8183a49be5263c7ee3ce49c0ecd50cf250c18e21b3154258399258295893dce1fe058","alerts":{"urlquery":null,"analyzer":null}},{"path":"__MACOSX/images/._____0_.png","filename":"._____0_.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"AppleDouble encoded Macintosh file","size":212,"md5":"b47eedbb81267747bd020e9e4b6b702c","sha1":"fd5eb81c1bc622462bee6bcf7d84a119d7c80d7a","sha256":"41ba6354a32adde6988eb5dab088c64c8ada8db135aba24529d8c1edd47f4df0","sha512":"e42990d4fe7fbed9051d4c95354087d31b21c014da0a97d098558d850ae0d426d705af7e2326aa0529848fbfdef3381dff2b00b6b73167b3681f3ae331a1f1be","alerts":{"urlquery":null,"analyzer":null}},{"path":"images/fcc773ad-1beb-4cde-9b48-7b0b305cd8ba_suffix.png","filename":"fcc773ad-1beb-4cde-9b48-7b0b305cd8ba_suffix.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"PNG image data, 298 x 298, 8-bit colormap, non-interlaced","size":7681,"md5":"420d8e81aa932a54e4cdf3ebf09b3c47","sha1":"73d6883135f72b9a75ad6c4ae315d2977dbc6c0b","sha256":"3c3ad6988169ced574a6360efd24f5086d5ae5e1973473177d9def1dfe2200b2","sha512":"612f2d7dc8297d652d9d5edde60a3cac5f50a82143565034dd5ed90100736d286603493d8e381f9362b04ab30e8dcec472ff6a61e3ea9269628bebfeb6a5a09a","alerts":{"urlquery":null,"analyzer":null}},{"path":"__MACOSX/images/._fcc773ad-1beb-4cde-9b48-7b0b305cd8ba_suffix.png","filename":"._fcc773ad-1beb-4cde-9b48-7b0b305cd8ba_suffix.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"AppleDouble encoded Macintosh file","size":212,"md5":"b47eedbb81267747bd020e9e4b6b702c","sha1":"fd5eb81c1bc622462bee6bcf7d84a119d7c80d7a","sha256":"41ba6354a32adde6988eb5dab088c64c8ada8db135aba24529d8c1edd47f4df0","sha512":"e42990d4fe7fbed9051d4c95354087d31b21c014da0a97d098558d850ae0d426d705af7e2326aa0529848fbfdef3381dff2b00b6b73167b3681f3ae331a1f1be","alerts":{"urlquery":null,"analyzer":null}},{"path":"images/kai.png","filename":"kai.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"PNG image data, 360 x 360, 8-bit colormap, non-interlaced","size":3698,"md5":"b12ef64c7f60efca348505f88b1560e2","sha1":"3bed64140befe26cea34c3e9958503062fe0900b","sha256":"1dc71dcef6cc4aee1dcae4be639e2e2552e64e1a58219854c4c9e41f53e06c7c","sha512":"06031bbae986e6bb7a986da3b42db05c00f0cc9a78ba40c782bc4c206f8cd07d6843d85c4f0fd3455b5f9c20523938f3404a998678cb49d9394d696deaa8ceae","alerts":{"urlquery":null,"analyzer":null}},{"path":"__MACOSX/images/._kai.png","filename":"._kai.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"AppleDouble encoded Macintosh file","size":212,"md5":"b47eedbb81267747bd020e9e4b6b702c","sha1":"fd5eb81c1bc622462bee6bcf7d84a119d7c80d7a","sha256":"41ba6354a32adde6988eb5dab088c64c8ada8db135aba24529d8c1edd47f4df0","sha512":"e42990d4fe7fbed9051d4c95354087d31b21c014da0a97d098558d850ae0d426d705af7e2326aa0529848fbfdef3381dff2b00b6b73167b3681f3ae331a1f1be","alerts":{"urlquery":null,"analyzer":null}},{"path":"images/27f44e22-aca8-4d6f-b811-737cab6c17b0_suffix.png","filename":"27f44e22-aca8-4d6f-b811-737cab6c17b0_suffix.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"PNG image data, 744 x 744, 4-bit colormap, non-interlaced","size":27693,"md5":"8275b558e5ea14af3d07c39fe02b9b4f","sha1":"e814cfdd16be740903d9c08c05d7e6f758eda961","sha256":"d6ba424d3deb52123d552c7c8e349449ff752703424c83f00696d4780de5e4fd","sha512":"4fb363a671a722a7d65399d94e6f8cc0c29fa1fe8c7cf82e3c1ae92115ee07c668bbf083e98711a85f124b9aebd7228905c75963ce477f26ad231bc1e886c225","alerts":{"urlquery":null,"analyzer":null}},{"path":"__MACOSX/images/._27f44e22-aca8-4d6f-b811-737cab6c17b0_suffix.png","filename":"._27f44e22-aca8-4d6f-b811-737cab6c17b0_suffix.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"AppleDouble encoded Macintosh file","size":212,"md5":"b47eedbb81267747bd020e9e4b6b702c","sha1":"fd5eb81c1bc622462bee6bcf7d84a119d7c80d7a","sha256":"41ba6354a32adde6988eb5dab088c64c8ada8db135aba24529d8c1edd47f4df0","sha512":"e42990d4fe7fbed9051d4c95354087d31b21c014da0a97d098558d850ae0d426d705af7e2326aa0529848fbfdef3381dff2b00b6b73167b3681f3ae331a1f1be","alerts":{"urlquery":null,"analyzer":null}},{"path":"images/___.png","filename":"___.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"PNG image data, 256 x 116, 8-bit colormap, non-interlaced","size":6764,"md5":"5046711b8f51ec91586ec38d37614a8c","sha1":"47eac591e66929f866c67b9aa5e899e8d74d0f91","sha256":"82e081a6d00029d407c388b43f346b05e6085c68977ea20a48f226e5549703a7","sha512":"61f4b07988165efb3c440704ab0605e2873388de613271f27958184f37741a4d65ef1311b255b19754023f7e5e4c4465c858294fa1ca71c74db089a39004b852","alerts":{"urlquery":null,"analyzer":null}},{"path":"__MACOSX/images/.____.png","filename":".____.png","modified":"2024-07-30T05:17:40+08:00","Modified":"","magic":"AppleDouble encoded Macintosh file","size":212,"md5":"b47eedbb81267747bd020e9e4b6b702c","sha1":"fd5eb81c1bc622462bee6bcf7d84a119d7c80d7a","sha256":"41ba6354a32adde6988eb5dab088c64c8ada8db135aba24529d8c1edd47f4df0","sha512":"e42990d4fe7fbed9051d4c95354087d31b21c014da0a97d098558d850ae0d426d705af7e2326aa0529848fbfdef3381dff2b00b6b73167b3681f3ae331a1f1be","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":null}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"qn-cdn.233leyuan.com/online/0rSWkdgIOZDV1724922018221.zip","fqdn":"qn-cdn.233leyuan.com","domain":"233leyuan.com","tld":"com"},"ip":{"addr":"112.65.194.213","port":443,"asn":140979,"as":"China Unicom Shanghai FuTe IDC network","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T17:31:28.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.233leyuan.com","organization":"北京龙威互动科技有限公司"},"issuer":{"commonName":"GeoTrust G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 07 Jul 2025 00:00:00 GMT","end":"Fri, 07 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:2F:9B:2A:2E:04:8C:64:6A:E0:81:60:9B:1B:D7:EC:8D:C1:D5:57","sha256":"B6:78:95:36:EC:E6:E5:BC:3B:3E:39:04:D3:2B:CC:3B:C7:84:48:4D:83:14:A2:EF:4B:D6:C2:E9:6C:44:0A:C9"}}},"request":{"raw":"GET /online/0rSWkdgIOZDV1724922018221.zip HTTP/1.1\r\nHost: qn-cdn.233leyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\naccess-control-allow-origin: \r\nlocation: https://cb1bab43-qn-cdn-233leyuan-com.tliveapp.com/online/0rSWkdgIOZDV1724922018221.zip\r\ncontent-length: 0\r\ndate: Fri, 06 Feb 2026 17:31:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":4625,"timings":{"blocked":2177,"dns":934,"connect":269,"send":0,"wait":271,"receive":0,"ssl":970},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cb1bab43-qn-cdn-233leyuan-com.tliveapp.com/online/0rSWkdgIOZDV1724922018221.zip","fqdn":"cb1bab43-qn-cdn-233leyuan-com.tliveapp.com","domain":"tliveapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T17:31:30.543Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /online/0rSWkdgIOZDV1724922018221.zip HTTP/1.1\r\nHost: cb1bab43-qn-cdn-233leyuan-com.tliveapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1521,"timings":{"blocked":0,"dns":1236,"connect":283,"send":0,"wait":0,"receive":0,"ssl":-1},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"cb1bab43-qn-cdn-233leyuan-com.tliveapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"cb1bab43-qn-cdn-233leyuan-com.tliveapp.com/online/0rSWkdgIOZDV1724922018221.zip","fqdn":"cb1bab43-qn-cdn-233leyuan-com.tliveapp.com","domain":"tliveapp.com","tld":"com"},"ip":{"addr":"116.153.76.58","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T17:31:32.614Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /online/0rSWkdgIOZDV1724922018221.zip HTTP/1.1\r\nHost: cb1bab43-qn-cdn-233leyuan-com.tliveapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 29 Aug 2024 09:00:18 GMT\r\nEtag: \"Fi-LeauyZ8jCdoMXNQkoKSeh7s8y\"\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 14:34:56 GMT\r\nContent-Type: application/x-zip-compressed\r\nAccess-Control-Expose-Headers: ETag,Content-Length,x-cos-request-id\r\nAccess-Control-Max-Age: 2592000\r\nContent-Disposition: inline; filename=\"0rSWkdgIOZDV1724922018221.zip\"; filename*=utf-8''0rSWkdgIOZDV1724922018221.zip\r\nContent-Md5: b53uWCnKt51s4PZE/PDHQA==\r\nContent-Transfer-Encoding: binary\r\nX-Log: X-Log\r\nX-M-Log: QNM:lf215;QNM3:48\r\nX-M-Reqid: rSoAANQrDg5yU4YY\r\nX-Qiniu-Zone: 1\r\nX-Qnm-Cache: Miss,MissFg\r\nX-Reqid: ngoAAAATHg5yU4YY\r\nX-Svr: IO\r\nOhc-Global-Saved-Time: Wed, 31 Dec 2025 14:34:13 GMT\r\nOhc-Cache-HIT: ly5ct57 [1], xaix218 [2]\r\nOhc-File-Size: 138570\r\nX-Cache-Status: MISS\r\nAccess-Control-Allow-Headers: POST,GET,OPTIONS\r\nCache-Control: public, max-age=31536000\r\nContent-Length: 138570\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3996936702366014113\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138570,"size_decoded":0,"mime_type":"application/x-zip-compressed","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"6f9dee5829cab79d6ce0f644fcf0c740","sha1":"2f8b79abb267c8c27683173509282927a1eecf32","sha256":"efb0f8994f1a920b03c8d1790d248a77a79ea441ad55a6598aa2a4abddeb850a","sha512":"bee4076774824e65305d6de44b4a1a3f61b053b800a2211814b198ef0b868ddf1a01a2bbb45ead8bdc664193f36fec9a1d2e1754ac34c437e281fbb2a8b7e870","ssdeep":"3072:li1ZY/l8+95ndGqqZ6VxFi7D/P6YH9i8tSdHnkIyULX157TAnTBRtzLWr/:W2l8+95Mq1LF4T6YdYdEIyUDP7TAnT/e","tlshash":"8ed312944fca3033d61c057726b73e5ebdf246a114c2d9616288def2d76a10e6ee2347","first_seen":"2026-02-06T17:31:57.672034Z","last_seen":"2026-02-06T17:31:57.672034Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1436,"timings":{"blocked":276,"dns":1,"connect":282,"send":0,"wait":285,"receive":592,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"cb1bab43-qn-cdn-233leyuan-com.tliveapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}