{"report_id":"8db38fd6-b2e6-4d39-8d06-beb24535ba8d","version":6,"status":"done","tags":[],"date":"2026-02-19T03:32:31Z","url":{"schema":"http","addr":"o4u.jingkenengyuan.com/","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":0,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"final":{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"title":"每日大赛 - 每日大赛在线 - 每日大赛今日大赛 - 每日大赛国内 - 黑料网每日大赛 - 黑料吃瓜每日大赛","dom":{"size":87693,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (47073)","md5":"14dbf5719e7308ae567e41e5dbeaf0e9","sha1":"f3438b7e829f044458756cfdd563d3406e9f5ec1","sha256":"2e238b54c3a9fb91960421468d4e67e41249e830b40b40d18f7684ac97f22876","sha512":"ba0f4c2baefbd65319e4021091320d3b088f30ebe1503f3ab54df322986c06105c43b624affa9a5474ae711821b074fac891d321233d8c5b317af87a28a3eee0","ssdeep":"768:uHTDybZNQI2xSYF6GdBl4B02Kg38q2MZV1b6XaS:uHTm32SY4B6g38q2EV1b6XaS","tlshash":"7283c6b5deb481b7926784e460a5fb4c50e1b36ec4638b09f2ff8bac07d9da46907310","dom_hash":"domhash5dac805e67575dea29b9157a040270cb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"o4u.jingkenengyuan.com/","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":0,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-26T03:32:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"misterio777.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"misterio777.vip","ip":{"addr":"172.67.132.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-16","domain_rank":0,"first_seen":"2026-01-27T08:53:24.233862Z","last_seen":"2026-02-12T21:09:17.501436Z","alert_count":1,"request_count":1,"received_data":6044,"sent_data":431,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"afe.qr7gax.top","ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2026-02-07","domain_rank":0,"first_seen":"2026-02-19T03:32:34.069262Z","last_seen":"2026-02-19T03:32:34.069262Z","alert_count":0,"request_count":17,"received_data":646791,"sent_data":7961,"comment":"","tags":null,"fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-02-16T03:21:06.298707Z","alert_count":0,"request_count":2,"received_data":724,"sent_data":954,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.nvhcdn.top","ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"domain_registered":"2025-03-13","domain_rank":0,"first_seen":"2025-04-16T04:25:55.087542Z","last_seen":"2026-01-27T08:07:40.896051Z","alert_count":0,"request_count":1,"received_data":17133,"sent_data":442,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o4u.jingkenengyuan.com","ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"domain_registered":"2024-12-03","domain_rank":0,"first_seen":"2026-02-19T03:32:34.066944Z","last_seen":"2026-02-19T03:32:34.066944Z","alert_count":46,"request_count":46,"received_data":1165771,"sent_data":23503,"comment":"","tags":null,"fingerprints":[{"name":"Infinite Scroll","description":"jQuery plugin for infinite scrolling.","website":"https://infinite-scroll.com/","common_platform_enumeration":"","icon":"Infinite Scroll.svg","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"api.tongjiniao.com","ip":{"addr":"43.248.142.44","port":443,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"domain_registered":"2022-12-22","domain_rank":2882232,"first_seen":"2023-02-01T17:01:19Z","last_seen":"2026-02-14T05:04:51.321222Z","alert_count":0,"request_count":2,"received_data":12145,"sent_data":992,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"d6ii9agw2wrlt.cloudfront.net","ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-12-25T14:56:01.362893Z","last_seen":"2026-02-14T09:36:30.205515Z","alert_count":0,"request_count":21,"received_data":3354221,"sent_data":10143,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/script/custom.js?v1.1.1","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"671b310c039c11c83b138065fb3996eb","sha1":"00cc40011ac773ba76ab6f55da6b56882726f2cf","sha256":"fc4b56ef0aba2a89a7ea79b21be77e10d21a1ed4106c4a72f5be159c41d3ecf6","sha512":"185a87ca26e1a8a4006b3d8198aaf79633bc21fd748fd194874a4672a27f1db28040ddd63a346c4005c2e16ca04ea569148e6879e19b30dbe0274622fd76e3d9","ssdeep":"768:bsDtpbBaN7ljWy68YDVVwtcLz7+AJZG89FW7401EVew2JXLsnuWDxYAjpNhkNkVE:YXSstYWob46qOn0helS1N3EwjXrlwF","tlshash":"cd034fc1b7c5bc4706476bbb331b72f2e82aadd5658488caf104bc54f09d622fae4971","size":40821,"data":"","first_seen":"2025-12-07T08:27:51.86532Z","last_seen":"2026-02-28T05:20:03.623437Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.tongjiniao.com/c?_=792091619582492672","fqdn":"api.tongjiniao.com","domain":"tongjiniao.com","tld":"com"},"ip":{"addr":"43.248.142.44","port":443,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"9efcac68b5665f5c1c3270cdf11584a6","sha1":"6e835621a4c136d23ed62ffcfe782afa43a95e99","sha256":"8b820464030feb008a2a65344f12473b0f2670fed0280b94f1c4a11402190740","sha512":"0262587e6e6e97fd4007a19e275ea33c16319806ad1ec4b6a9c6cdd2c4909c159fc9177e84c25f0c40751d5000180f9ca02a54564d031f0614451796caba91aa","ssdeep":"192:Tld8QTMR7c5EP72qoqt8xevp4oougOpZVQ9ZKKkTGK9cANDyilWvsDgwuUp5KG1j:xuYMxc1xwon+Vi1i+wuUvvA1k","tlshash":"5132424d5da12162a673337f9a0a9508fa335037600e9516fd7ca4902f74a28d3fafe8","size":11366,"data":"","first_seen":"2026-02-19T03:33:08.698111Z","last_seen":"2026-02-19T03:33:08.698111Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"Function","is_inline":false,"md5":"1c862db5f2555377c2dc1e62ed7b3981","sha1":"c29e6dc25c08a70995127ec13ded6f80d9a36174","sha256":"27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac","sha512":"31143265b96385ef4b575b72591775139057dff85891be61591e3d55259b6d1dc95d86a0feec40c801d38e64278cfbe50c3c2a16757f986ad40f716935bf2bb2","ssdeep":"","tlshash":"2580008a208820008aa323a0002b2c8800a000b028808c808080e8a20ca2030220baac","size":26,"data":"","first_seen":"2023-04-11T21:13:06Z","last_seen":"2026-04-05T14:44:06.851597Z","times_seen":266100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nvhcdn.top/static/js/matomo.js?t=1771471929","fqdn":"www.nvhcdn.top","domain":"nvhcdn.top","tld":"top"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"f8cc69a7afa26977824abe555bff23ff","sha1":"0ee143869c44aef209ddac9983529fda4e84c663","sha256":"bb0bc60872f207c90121d5dfacf79e138c66ab2ebc110eeea43f9a4c64f11794","sha512":"26c077041c48db4fef404e53aac838641b263efcd3500287a33e762bca38051081e1642ca6e72a0c4d33e331c1fb6e819a417c0d2201a9c014ee59b4d84dbd3e","ssdeep":"384:s4SDZ7MAoCDE1z5ZivSLgG95h9eMqwyMlfkBAqQb+rFwSw8bTEX1BqniGl7RibkW:s4SDZ7MAlAOQgkh9eMqwyMpkBpQb+rFY","tlshash":"ae720894b2c07ae117076bfb7f23b0c4e45ec87b7461085ad550fc8c7a90626e6f2ab4","size":16604,"data":"","first_seen":"2026-02-19T03:33:08.738051Z","last_seen":"2026-02-19T09:49:00.341243Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/?v=1771471931842","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f6c16dc313480e4b8bbcc45b7f09309a","sha1":"34f48a47a24f8d833755e8674882c13b236f3f67","sha256":"51ff60b0c8a75129dce6676de8e54cdfb6b3f52e19faefca55d2c4d501daf6b3","sha512":"3dcc87a166392a62eb087171ba8c904cfca277f91d6ff847347e77137ea520431b32e8a06a85ae5885c8efe8336c00f78756513c9ff4837663d5343de25bcbf1","ssdeep":"","tlshash":"5bf0d46f6841b16516d2359d5babd648c09f0064500ecc07b5d6c4cd7c38fc8082134c","size":491,"data":"","first_seen":"2025-06-17T01:28:59.798514Z","last_seen":"2026-03-07T13:24:56.742589Z","times_seen":282,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/_nuxt/Dmk0oD0K.js","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6b1fd01d2f1f43bc84e4859d0e508a3","sha1":"236f3737ea838f59dd0fa3e177226b1d942973b9","sha256":"6c35788a05cf926bab7a8777a27470301664ce4758ecb201d22aec34854a42a9","sha512":"5ca1516aaab7fd4c8bb041b05ba1d4bc67de71eb401e216072e4f8b081f6e83babf777809e591967d6cca7a1045f930ab19ce8078de7e2be78d931363091180e","ssdeep":"6144:fzfmMqjt5UlmCEFtMj5ftYHVw36hPqvsjdgudaxXtAG:fzfXeUgxFSdft0Vw3+qludAXtT","tlshash":"e98429d532e6b46143e668e4003f110af23a2919744dd0ecf69ddcea7c7984a927bf78","size":373490,"data":"","first_seen":"2025-12-16T18:41:57.702948Z","last_seen":"2026-03-07T13:24:56.706163Z","times_seen":265,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/_nuxt/BHxy9OVn.js","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e06a507d1958490d06a8ba5aaa00e230","sha1":"2036d657cdd2e560227ded8b727cb129508d7aa0","sha256":"463bd7c7eca2c55a5a56bfac3d93366663162ffbac511aae38c2a873450730c0","sha512":"8ce159d0f748003ba7c25082ccac170d47ee758614570984aeda9577fe50a0e35dd89a6335d86ebb95f3d722e0b98ea5bd140864c3486b2fca9d1d332b53f143","ssdeep":"768:/vJNE7Qp0dZmfzppzl4KE/86+29BqWysVrz7fS/UzdvOOJ2jvRAAOJO4NccME4/I:kMGgYgyDZKvXlcTnor74","tlshash":"06332ad8b3e7e2f6a2f75ef1803e0001f119af596069c4a8f17c8fa61ed68056136736","size":51396,"data":"","first_seen":"2025-12-16T18:41:57.772634Z","last_seen":"2026-03-07T13:24:56.704195Z","times_seen":264,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"misterio777.vip/list.js?t=1771471929","fqdn":"misterio777.vip","domain":"misterio777.vip","tld":"vip"},"ip":{"addr":"172.67.132.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2aba4d73835baa93cd680497fb51994b","sha1":"a98e7f5cefde6bf288bdcfe96e47f7d126797e8a","sha256":"9145e72f07bf6c66bdebe0ce17e043dc84aca0868efac4460410d5b0ab5dc79e","sha512":"b52ad77278172120db8947e8dd931e5e6ba9acacabd1f05c5e7060a487bd70f8a1bbc38c398abd1d814cea3d33cf0e71da1474efc32bc50c2211e7fcffdf11c8","ssdeep":"96:BahOrMo6cW0j6MR00dC4S/b5/X4IBcQ4vQdZe1qtt2vMm5rTMi:BacrMElhdJo5/X5BcxoUqD2vMm5rf","tlshash":"cda185e4b6a9457005b624ee223bd38072b5021bbc429649f46d8ec49f78f4792f2dad","size":4952,"data":"","first_seen":"2026-02-19T03:33:08.689538Z","last_seen":"2026-02-19T09:49:00.357768Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_system/script/jquery-2.2.4.min.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"710458dd559c957714ac4a8e95357eb5","sha1":"f694238d616f579a0690001f37984af430c19963","sha256":"b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365","sha512":"282d65828a43bfe50fe0f9aea8bca3838ac1b5250e7c7c359c066e0428aa723f001d31c2463681b2ad6816a49a8571bf9f3ae29b2dc53adf1bbd7d5c4471322b","ssdeep":"1536:fYE1JVoiB9JqZdXXe2pD3PgoIiulrUn6Z6a4tfOR7WpfWBZPBJda4w9W3qG9a98N:u4J+rlfOhWpgCW6G9a98Hrp","tlshash":"3583c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85582,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-05T14:34:04.865537Z","times_seen":11398,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":true,"md5":"24e949d6f943c7359084666d6273d9c7","sha1":"171c9a42950e2fe69a6a7f9f93165092fdc241ae","sha256":"1a8b0ea27bb83acb4def4e30d6b4262290759a32bc3e7a839ac8c13f789cba74","sha512":"1747f21c6fb59046580ba6e3374575505726bdd30769470351a4b098d03dd306e5af6b8adc710aa613b264dbf62a2dbd2ebfb97e2c7e71574fcb5bdebd82ca65","ssdeep":"","tlshash":"1690020c80c284028b870b00831033f1289d4350009bc086144d706d28e26a26385199","size":54,"data":"","first_seen":"2025-07-18T04:39:57.655814Z","last_seen":"2026-03-22T05:35:10.032869Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/script/jquery.superslide.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"77f98c696d0ddc085fb7a949e8b40276","sha1":"ad4492970d5d6614a93306b875308e14cc686295","sha256":"8df27e08f0c547b8cca2491a71e11c8356d77635811c465ebd72685f98e3aa3e","sha512":"362c64ba29dc227785df06e3f22ea328aa6636eb11f41743f0c5fc0ba789d8452e40544ca2b25bc2025f34af8789fb9dfd7712b90f775a1f16c10e31e7494294","ssdeep":"192:B+WKvMoHPHsgGuuauF56tpE9Er5MYB5c3TXP3ZO/mpUhClGS5OHxImISLTNSfYXU:B+1vMUsgGuvlMYXcjfRUCESKREcS3Ku/","tlshash":"7842c64fb56775de56a7b3f0107f940c232715a5fcca8c60b1748390adb9a1c212bead","size":12153,"data":"","first_seen":"2025-12-07T08:27:51.740922Z","last_seen":"2026-02-28T05:20:03.590326Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/script/qrcode.min.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a1385bd2c4f09da24427299811e8314","sha1":"22ab90f17512c9cd9c24a857391151930e34b8dd","sha256":"50115e24427d5c0811f5c5a243d9ffa54da07e45755fcb93cfdf2effaa12f913","sha512":"1bdf0b1beacb7a24eb4dbc04705a958bbf0eb39a458c64e6d69d4b4fba0ddf38f3425c25596e55fd6538b8b9b780e2eb7a6bc7db5164ffd82d4bc7bb77b4cbc6","ssdeep":"384:WRQ2kvcAAdTRhQLThP2yO9/9G84U5xOiKQYHHHsglDep9m1yfB8dKLMyA+LyUyy0:xThP2V/9N4U/gQYPXa8CAPLyro","tlshash":"dd92c7e4f36542f6915e6cd4283f104b64a0a4636c1490acbfb5c1e6a9f8fe0647af74","size":19929,"data":"","first_seen":"2023-03-07T15:34:37Z","last_seen":"2026-03-28T14:56:13.145395Z","times_seen":85,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-05T14:50:49.050651Z","times_seen":81897,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_system/script/zblogphp.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e8d86eb2c5abc94804fd6176a35b281","sha1":"921d2cc4615a58a094ddbcc6366437a94508fc5f","sha256":"11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332","sha512":"6504e48f68d98800228db18dc63711b216c299dad8d95e57d0f014c18a24a2ffbc62f6cfe98f5d0152d06da577efb550c20bc947c08101ea3c94d659f572ea17","ssdeep":"192:msL4JVH9jIULy46KgHlQGwH0Dx5qjplLO:m/jIUkHlQGwH0Kt9O","tlshash":"2fe1315cf5c476a103ab30b4088f028a64fb17ae6011d998d264e4e46fbdf8b5623f3c","size":7204,"data":"","first_seen":"2023-03-07T23:31:01Z","last_seen":"2026-04-05T13:49:45.736527Z","times_seen":1835,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/xtiper/xtiper.min.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"15701f4d8642dcf13ba284d1c897ee23","sha1":"8179c9a6f12d5f693803387e28168b9136a58a8a","sha256":"afcf9570e11b45aec5654ea6f47448e0bb4d846b9f10336e2048311b90761df3","sha512":"0e926c525f3158e476c3e8436c17ece393f38ba8b2dabb9431b174564086e10848c6a09df003b168f5ddcee713d78deb1c11013d8505e0797ccf518075679bf6","ssdeep":"768:g6MC4gX1/hO2YdKYz1NEYnEW4EW5+LBrT+hdg4omlEn4fYbqraJt/2GodzBVglCz:g6L4gF/hO2KKYJNE2ENEW5+LBrT+hy4B","tlshash":"e503c69b7348383743eb0a48544f8b847922db734b89a925d570fc1a96b4fc1a936fcd","size":39533,"data":"","first_seen":"2025-06-18T19:58:40.613303Z","last_seen":"2026-03-31T11:56:58.196619Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/plugin/UEditor/third-party/prism/prism.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7f5de9550d59ae9c59c630b391f788d","sha1":"e82a30d6a62fd25b945c2b4f630acb40ba11d221","sha256":"a10023d127b7cf3d73fabd89902888569abff4dfa7c87ab7e68ebe158a49ff3d","sha512":"3eb7636dd867a7ba348ad4bd861c35f9c3b9c10e132ea739cc88d8fe8e828cea808da2b70792cbede47a434c35d208e84e0dba8de8b870e361b9c12090904262","ssdeep":"","tlshash":"771132867e45f444b901376c20aff0021e3fc7a44a88d1a48238883c88b63dd0a26b7a","size":1000,"data":"","first_seen":"2025-04-19T03:36:33.33479Z","last_seen":"2026-02-19T03:33:08.778287Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/script/sidebar-right.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"35d81d74fe157e95619f3b47c54db1e3","sha1":"ea926176572c3ae09b439729fc2bd81d4637fd90","sha256":"93518ad7d50b1d53eeca1efcf57a8f4f649df589fe6c6a716d823f997bbd7f5c","sha512":"d96135c9ff613f0dc791e17c5b0cdb76c5132b4361229e5110d3a7947a4249ca5d1eec9234b8eb602f9ac290b6c1c5f6c7a2ba1b9b59f3c4f64bde116486186c","ssdeep":"96:zGlJ9Ls2+zo1dGc7X8+OqBaexXFEgsFf1eCNCEyNAR2rKrS0pdm:zOJ9QAu/Ff1VYEGSS0G","tlshash":"57d1635b2b51be34a49ab4cb91ff6079922d4cb70fc48024592c96fadc5773540dbec8","size":6185,"data":"","first_seen":"2025-05-29T20:05:46.771102Z","last_seen":"2026-03-22T05:35:10.004027Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/script/infinite-scroll.pkgd.min.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"4dd9a5c6d0be090b107ed878587f0039","sha1":"c91cf6169d0dcb5e52ab0a48f430b9b6d7bd5620","sha256":"f3bb8b08d88d8c2aecdcc22d44304bb5011631ed25f7b92ef36e834392cd227b","sha512":"f4832b4925a1154875be23a16d78c67ab8be08ce9520476127c2363b0605297d835b5e60be33bcb3569829460a54e39de481e3ba33211fd054375efc0f145748","ssdeep":"768:QixOG8Q8XnQWF4dE1RrrrdNCqKuUdxfu7XjqIV807:Dxz8cKbeuUdxfu7XWIt","tlshash":"31c2a58db292752252dba0b4e51f070f7133587a6606409cf568ecf8acb8d5ea133f75","size":25819,"data":"","first_seen":"2023-03-07T01:40:51Z","last_seen":"2026-04-05T14:23:24.070486Z","times_seen":1926,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/?v=1771471931842","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c9b945c29bdca7e1adf6996ee5d8580c","sha1":"4217a57324cdeb5f8d8135cf72133352643c68aa","sha256":"541633deec45384981cc700ac3ae2b4ba80aded6f3acf9e9d2ae8f79680fab4e","sha512":"5ab4674a85d333a496d5d832e655b822b7740d6224a6744dbff9ce0de8886bbcd916b02ef47b61fa521e8ee74cdb78014f02553c8873bd4a57d7ae38c9e23115","ssdeep":"","tlshash":"40d09720a23e040c18f01c0ebea217095462803ad00c097cb1f220289c07613ee13282","size":233,"data":"","first_seen":"2025-12-16T18:41:57.779135Z","last_seen":"2026-03-01T21:33:12.650455Z","times_seen":261,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/_nuxt/DlAUqK2U.js","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"25e3a5dcaf00fb2b1ba0c8ecea6d2560","sha1":"7850b3fd4aeb69387bdb5a60025d15c41351d5eb","sha256":"cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa","sha512":"2e5cc9b53d5641147f68c73e5db0442d93fb6a64da45cfc051da5550a2fad07e912e651bd730e54325ef74eb706be0c5df612355c1dca144ab6e9cc8c4ecc73b","ssdeep":"","tlshash":"1fb012c81cc3e078939818d47738c15844380448310742b0808c0943e2c20809797c1d","size":91,"data":"","first_seen":"2023-03-08T16:39:49Z","last_seen":"2026-04-05T15:11:06.45567Z","times_seen":17509,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_system/script/c_html_js_add.php","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f40b236c2a337da878870ca4f3440cf","sha1":"4260197ae75ed920ae4d9395c30dc85a6499ace5","sha256":"c527900f4b8146842ec09186d92a38b0945c66b81720172cc07fb1a8e750e85f","sha512":"3431aa3963d46f6bb6007d639ebc82b724db6ce34972548f720fa6a4781b5eaea24cafb06b7b3b48fd9445217b52507cda8c6692a2da82983a7049fc892b460e","ssdeep":"96:6hkV06qZuiMRd1BhXJnbZ2THKrp2iMMKDg8E:6+vf1BhXJnNAHk2iMNDLE","tlshash":"5591d858595651a7143723b7d8af1508feb21aab0414cc26fe7c54682f32f949123fbe","size":4600,"data":"","first_seen":"2026-02-19T03:33:08.740563Z","last_seen":"2026-02-19T03:33:08.740563Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"424cd9540f4828db9f46f4b5769bcb23","sha1":"1ef692e4f7eac3e5352a0c31cb026c4136379bae","sha256":"025a124a7c922c54fda89fc5076fd32079c8feaaa0078edfe3733d9e9a405ae3","sha512":"8d379e2739a9dc37b83f1ce5d6b7d39dcc8662de5080fe46b3630af47907e46771d46e88d526bacea982292667e891102182700927d42edc35047b7d669237dc","ssdeep":"","tlshash":"6fd0a5570c0fe1dc02352f41d914ac5dd9419d841dbdcc6cc5f74839544b67d860b728","size":258,"data":"","first_seen":"2026-02-19T03:33:08.780958Z","last_seen":"2026-02-19T03:33:08.780958Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-06-18/68523c8259051.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-06-18/68523c8259051.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:13 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 18 Jun 2025 04:11:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68523c82-63c1\"\r\nexpires: Sat, 21 Mar 2026 03:32:13 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8ec0-76b3-af40-2e832489176b\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25537,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 499x278, components 3","md5":"6fe18b3d60ae15d2bcd36bcd4068bdbe","sha1":"05d72091f22988e47b2c6b1a6411d7ee64a90f97","sha256":"dbbc2e4ff14e7b439a5a5719765931004e9574fa84a33f1b5b4ff58ab97ebf30","sha512":"4ea51f89b5161a9f8db85cf3c1ee5e5dc125787f96003c1b946dd26cd0beb85f89da26c71eabcdf373b297e9937576c9dabf03a7f4678c1c415a89fd1fe98985","ssdeep":"768:G2odtrpaTZVOqFsii1cwpqYruMJpMWvcKeGpRaJzPdZ:ZAtrpa1kvXpqIPJphcdJzPdZ","tlshash":"1eb2e08572b1dd9187739da26d690ad320dc34ca58ea8335b9da648ae9c4cfcdb4030b","first_seen":"2025-08-22T05:22:51.688858Z","last_seen":"2026-02-28T05:20:03.612972Z","times_seen":11,"resource_available":false,"data":null}},"time_used":3227,"timings":{"blocked":3013,"dns":0,"connect":0,"send":0,"wait":212,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.tongjiniao.com/r?t=1771472328\u0026p=882952699905200128","fqdn":"api.tongjiniao.com","domain":"tongjiniao.com","tld":"com"},"ip":{"addr":"43.248.142.44","port":443,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:13.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tongjiniao.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 15:13:03 GMT","end":"Sat, 21 Feb 2026 15:13:02 GMT"},"fingerprint":{"sha1":"31:D8:A0:14:B5:2A:1C:FC:26:AA:6A:A8:00:FC:7D:35:63:BB:40:BB","sha256":"BC:CA:17:13:6E:9B:35:D2:32:60:88:D1:86:FB:F4:B5:0A:9A:75:18:58:F7:45:B0:E8:13:D0:1F:74:CA:C8:AF"}}},"request":{"raw":"POST /r?t=1771472328\u0026p=882952699905200128 HTTP/1.1\r\nHost: api.tongjiniao.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 794\r\nOrigin: https://o4u.jingkenengyuan.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":794,"data":"cid=249590100\u0026u=b2.WnZiUa59qcmhoZJZkYmZtkmVsb2luYWdrkZI=\u0026ref=\u0026href=https://o4u.jingkenengyuan.com/\u0026scw=1280\u0026sch=1024\u0026webX=0\u0026webY=0\u0026webTitle=%E6%AF%8F%E6%97%A5%E5%A4%A7%E8%B5%9B%20-%20%E6%AF%8F%E6%97%A5%E5%A4%A7%E8%B5%9B%E5%9C%A8%E7%BA%BF%20-%20%E6%AF%8F%E6%97%A5%E5%A4%A7%E8%B5%9B%E4%BB%8A%E6%97%A5%E5%A4%A7%E8%B5%9B%20-%20%E6%AF%8F%E6%97%A5%E5%A4%A7%E8%B5%9B%E5%9B%BD%E5%86%85%20-%20%E9%BB%91%E6%96%99%E7%BD%91%E6%AF%8F\u0026sColor=24\u0026cN=48\u0026cT=Mesa\u0026g=llvmpipe\u0026mT=3\u0026cD=\u0026o=703\u0026plat=win32\u0026hi=2\u0026cct=\u0026uA=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\u0026sid=pZbXqc.jnqzKwW1pY3JtZJttbWtkmmKVYmZimQ==\u0026lan=en-US\u0026sg=tFvSh5tqm5ZvbmqYbm.bYZZlkmiUY29cU9GGb2KcYlmtW5yWmGmUmG1ra5RtYoSVg22ZcZVhcGFnk51qaZVqcGtvmZeNVNiGcHBsk2dtl2eVaZhom2JnaWaYnGFTxFhxW1vf\u0026rid=\u0026hSL=43792\u0026lN=585\u0026oCN=4"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Feb 2026 03:38:51 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 42\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization\r\ncache-control: no-cache,no-store, no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f6f0534758356f644786f03d9912b271","sha1":"de49a584515e2637c727595652f99c78386ff7d4","sha256":"7ee2a3a5e4b1e50bb31b22d8399f9917073e0421d56c5da3699371ec79af2082","sha512":"564aff1087a3edc46825899a0f978846fb74abbdb77ef591e383398db99cee6d54d3da1b741ff118bf95802627924e08f7bed2b0b9f54f29679686f26e8cbb70","ssdeep":"","tlshash":"979004011d145c547f0334c1350f154411d43140c1401111cc5c513ccf00534f043d34","first_seen":"2023-09-16T15:51:15Z","last_seen":"2026-04-05T06:31:05.594109Z","times_seen":631,"resource_available":false,"data":null}},"time_used":1295,"timings":{"blocked":519,"dns":1,"connect":257,"send":0,"wait":257,"receive":0,"ssl":257},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202602/e01be968100944a38e00f2191b7e70ff","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202602/e01be968100944a38e00f2191b7e70ff HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 132179\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 12 Feb 2026 06:11:11 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: GBKA_NxFXv2cNEGK2pyy5_85eqWA6N9t\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 00:29:46 GMT\r\netag: \"4e9eddb008c5cc569f07e31b6088290f\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: fx7rTpKX5Ufq_LC-g6THX5UwImZoEI-EoD9maeRla6Tbw_FujsLxzw==\r\nage: 76793\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":132179,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 150 x 150","md5":"4e9eddb008c5cc569f07e31b6088290f","sha1":"17e82021069fef5dc42b303fb032d31fed2b6055","sha256":"f841039420659b347038c42995447ee7cb7822a27a31706898bdbde3e586f80a","sha512":"a93135390a236e5323b336caed95d520b701d22900fc10a11e9ea54aa01c54f02306229dce8c5d6e236dd57ec7a6b5cb2917312e5de02489cd54fb799e0d1ae2","ssdeep":"3072:6Nq0000bcq6eBneBMaHNmXIqXIqgZururururmK:6kcs4zydmZururururZ","tlshash":"28d3f2cbe8fada2203e74cbd50ff8951b9da49f0c319a99294b036414e94b5ee433167","first_seen":"2026-02-12T12:09:55.489065Z","last_seen":"2026-03-22T11:37:23.99418Z","times_seen":164,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":87,"dns":10,"connect":4,"send":0,"wait":42,"receive":3,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202602/1d9f74ce5b594a3d987a419ecea3bb47","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202602/1d9f74ce5b594a3d987a419ecea3bb47 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 133003\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Sun, 08 Feb 2026 10:51:24 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: vI6EUFAVrM0P9_F0hTfLnOcZ7R8NcrOP\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 00:29:46 GMT\r\netag: \"6233125de1774fe457f3bc182df56785\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: MXy0sl4DSsL8wTHQB4ckkuPmXvtYB9fH6N0DtYjpRVOLTvLHqHko1A==\r\nage: 72380\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":133003,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"6233125de1774fe457f3bc182df56785","sha1":"640e4db6df7bdc1015fc70e51fa54e38954ece66","sha256":"b1f4e7e64bc31904b37cecf936a7bd156bbd2428533f8027e21fc4244e3fa45b","sha512":"ad1e592b9bb830ccfeab571e0fbd89cc297717314f87425e2c686a731122d8fdeb07ca274486a82dbef6ef43a420a3157bc1d0d07415092ae6fbf3825c13e3d8","ssdeep":"3072:Z22s6QJkUnr4Mau/yiJXtUnr4MauMJXthEvqXex18:4z6QSg49u/ykdg49uGdsqP","tlshash":"8ad302a4f4bf5e04c45237e46e071452dab374d139b1ec127eb5fee1e296e02b726812","first_seen":"2026-02-08T11:43:42.04183Z","last_seen":"2026-04-04T15:48:44.584702Z","times_seen":138,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":27,"dns":0,"connect":0,"send":0,"wait":30,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/1551d1fc0bbd410bad49a71bf5ccd473","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/1551d1fc0bbd410bad49a71bf5ccd473 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 77927\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 15 Dec 2025 08:21:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: SSDeWNwXea7FcJ2My8_acOr9IitPyKTv\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 03:32:17 GMT\r\netag: \"35181863c01350e82024c5e0d5fbfdae\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: YssVJOYL2sG0dGwuAzV28YykTAklp-KlCOOTazqiGHqH6fnR2oTIrA==\r\nage: 4014\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":77927,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 959x959, components 3","md5":"35181863c01350e82024c5e0d5fbfdae","sha1":"55933d061590183557d5205a8ac89817c4cabe37","sha256":"f4e337dcf4f1f4c9001f5eb0c1bbdcb48da228c4abfde3a88ddfedff52a022f1","sha512":"ce6df68509459e4b4063537e56df7fec4a17ab48dac25214fea29a3eb6ab570b547697bb7d9b28556b2a9f2198afa975c667f165ebec6dce9b980cd76b80edf2","ssdeep":"1536:4UuA5vZcACM6MeX8ILk/GoFMo8O2/U61NFg9RjO0vdgqlCERMNgM5Ow7pSS3J:49A5hL6WILk/5651XFg7hzCEiNgfwwG","tlshash":"13730233bd8ab31f8a228d802329415c1a14da809d575bf33485927c4d77aa7d66bf2f","first_seen":"2025-12-16T18:41:57.764343Z","last_seen":"2026-03-07T13:24:56.691763Z","times_seen":208,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":76,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/css/rubik.css","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/style/css/rubik.css HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/style.css?v1.1.1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-2b066\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-862c-7ad3-8544-c82e945ec381\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":176230,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65499)","md5":"7aefca13ff11c71cd95ae2cdbf6942be","sha1":"e1de0f4fb30dded2891388c31aa4e8a2fdb26340","sha256":"d448ccc31cb00d80311f65ab14c9a43721c76fa4f53576a946ccbf444c8b3943","sha512":"610400bbf7585e8b526c51826c780163a679e497cc782b5aef791ee8dd52c4ba6a32e6cf921a70a2f4392d09181783f4c43666441320b8826cbe2b13cf6ee291","ssdeep":"3072:h19KpCatdqiIe9mcrmAtWiDNBdyPY4hySVkb9YSOsbYq5/DgT5nOm0:tACW1IescvdyPFhbkbOj8Yk/UVr0","tlshash":"f2047c73664bfe8337f93b00156e3a548c5c6c4b7228e559f888679eb4de8b07b2c518","first_seen":"2023-06-17T12:46:21Z","last_seen":"2026-03-08T14:28:17.854056Z","times_seen":20,"resource_available":false,"data":null}},"time_used":1151,"timings":{"blocked":694,"dns":0,"connect":0,"send":0,"wait":244,"receive":213,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"misterio777.vip/list.js?t=1771471929","fqdn":"misterio777.vip","domain":"misterio777.vip","tld":"vip"},"ip":{"addr":"172.67.132.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misterio777.vip","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sun, 11 Jan 2026 16:14:00 GMT","end":"Sat, 11 Apr 2026 16:22:42 GMT"},"fingerprint":{"sha1":"DD:7C:9E:17:2F:00:ED:FD:3E:59:97:B0:54:D5:65:C5:64:EB:EF:AA","sha256":"B5:7A:A6:CB:E7:CB:F1:53:0A:47:67:64:2D:00:13:32:22:D6:A0:E7:C0:09:2E:05:C2:19:CC:81:A9:08:B6:81"}}},"request":{"raw":"GET /list.js?t=1771471929 HTTP/1.1\r\nHost: misterio777.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 19 Feb 2026 03:32:11 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 2411\r\naccess-control-allow-origin: https://misterio777.vip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Authorization, Content-Type, Content-Disposition, X-WP-Nonce, Content-MD5\r\naccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS\r\naccess-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link\r\nlast-modified: Tue, 17 Feb 2026 08:51:34 GMT\r\netag: \"1358-64b012db9ffd1-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-security-policy: frame-ancestors *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=onxObWQXkFfiPuQIxEJX2UvwNmxPPjXXY95z4TX6azmSZ%2FP%2BB%2BjVLC3g8cfBPati1G4iQZ%2Febl3I7TGprA3M0GgEwv%2BcG9REFgKdlwA6FA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d02b20a7ff4a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4952,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with very long lines (2804)","md5":"2aba4d73835baa93cd680497fb51994b","sha1":"a98e7f5cefde6bf288bdcfe96e47f7d126797e8a","sha256":"9145e72f07bf6c66bdebe0ce17e043dc84aca0868efac4460410d5b0ab5dc79e","sha512":"b52ad77278172120db8947e8dd931e5e6ba9acacabd1f05c5e7060a487bd70f8a1bbc38c398abd1d814cea3d33cf0e71da1474efc32bc50c2211e7fcffdf11c8","ssdeep":"96:BahOrMo6cW0j6MR00dC4S/b5/X4IBcQ4vQdZe1qtt2vMm5rTMi:BacrMElhdJo5/X5BcxoUqD2vMm5rf","tlshash":"cda185e4b6a9457005b624ee223bd38072b5021bbc429649f46d8ec49f78f4792f2dad","first_seen":"2026-02-19T03:33:08.689538Z","last_seen":"2026-02-19T09:49:00.357768Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1875,"timings":{"blocked":51,"dns":34,"connect":1,"send":0,"wait":1732,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"misterio777.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_system/script/zblogphp.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_system/script/zblogphp.js HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 30 Sep 2021 03:48:34 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"61553392-1c24\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-848e-7bb0-b1ff-4ce1eb27d008\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7204,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7204), with no line terminators","md5":"5e8d86eb2c5abc94804fd6176a35b281","sha1":"921d2cc4615a58a094ddbcc6366437a94508fc5f","sha256":"11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332","sha512":"6504e48f68d98800228db18dc63711b216c299dad8d95e57d0f014c18a24a2ffbc62f6cfe98f5d0152d06da577efb550c20bc947c08101ea3c94d659f572ea17","ssdeep":"192:msL4JVH9jIULy46KgHlQGwH0Dx5qjplLO:m/jIUkHlQGwH0Kt9O","tlshash":"2fe1315cf5c476a103ab30b4088f028a64fb17ae6011d998d264e4e46fbdf8b5623f3c","first_seen":"2023-03-07T23:31:01Z","last_seen":"2026-04-05T13:49:45.736527Z","times_seen":1835,"resource_available":true,"data":null}},"time_used":1240,"timings":{"blocked":446,"dns":54,"connect":210,"send":0,"wait":285,"receive":1,"ssl":236},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-12-13/693ceef1e74e4.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-12-13/693ceef1e74e4.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Sat, 13 Dec 2025 04:43:29 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"693ceef1-37c0\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8c06-7752-9cf9-a42c866a7650\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14272,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 341x191, components 3","md5":"f39b6e72ab0f40f6f3714146033e0cb0","sha1":"3c572d2932d04075998e43fa9b6fab425dc609fb","sha256":"9b7f44090eb3a4a22999345297367336fe5ea08f6733d833cd6a2da4f639c5ab","sha512":"77c01ca59a1695a9e59df236af3e1a326ed8abc8027bc3317b24910db9570ee3dadc28dc19155938a649c42f52fc0011bfad0b3f833f10d62f73115728afd6dd","ssdeep":"384:G6fv6cIZQgO/XPkJi+bRksacwYilRKv09BUvw3Xf:G6ac5j/XD9BzKv09++v","tlshash":"dc52d1b2818e05c4bfd52939b1b87de412c090dd5286993d3a63c2c60151df3b2cab6c","first_seen":"2026-01-27T08:07:56.395255Z","last_seen":"2026-02-28T05:20:03.599405Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2801,"timings":{"blocked":2344,"dns":0,"connect":0,"send":0,"wait":246,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-12-13/693ceba2dabd2.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-12-13/693ceba2dabd2.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:11 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Sat, 13 Dec 2025 04:29:22 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"693ceba2-6562\"\r\nexpires: Sat, 21 Mar 2026 03:32:11 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-89ee-7ec2-9734-35dc2aa98a24\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25954,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 500x248, components 3","md5":"4249a50ca6369fb205c1371b0adf7d94","sha1":"1f6812d2caf902078852e3c214a41e8cb237851c","sha256":"d2f70b841be98f125aa3bb379b5060c98f3735d7f48987a6f82e157dd7348815","sha512":"0f2aaab833870856181bcb030e1e148e937bba245c23a26e95ddb9348484ec06ee0a67890d0ffc257785c195634eb290a009a0d7b103d567ba302031812853c5","ssdeep":"384:GsC7yDTnP2LCjuK9K0SzFfIgZrBUdHs97/VfwAdHgPkKUUKeWB4wqBnERhW9uWEN:GsC7qlSzOgZUs7VdHwsyCI9uWM","tlshash":"84c2d02a4c4f081cef4ca0bd6e8711fcd28b765622d9e46a17749db96667df2e00e1c8","first_seen":"2026-01-27T08:07:56.364926Z","last_seen":"2026-02-28T05:20:03.620239Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2047,"timings":{"blocked":1802,"dns":0,"connect":0,"send":0,"wait":243,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-12-13/693cead375c49.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-12-13/693cead375c49.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Sat, 13 Dec 2025 04:25:55 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"693cead3-65bd\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8df4-7201-a36c-32e7c42eb966\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26045,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 498x264, components 3","md5":"49affc99365d28ae3cb6dc6194d4ee23","sha1":"56638b7abe1faa7ff5045b26a5385256a70b2d3e","sha256":"a443bc1c4fc302d90cd12ba5f3b74687e3a79fd1f1d53dad64c7a6eb1f0b3719","sha512":"2f3f844ce3103c8798003dbb35fe556a980f162e36a2c21386d2273eb46a3c21d3a109d4662477e1094870f179b62de3053eed99ab0950ae8a984be914092584","ssdeep":"768:Gxz+clCBuB6SvkmD8ywumzuZQvrhP7W4irfC1:mzPCBuESvkmDwumzrvpiro","tlshash":"94c2e1ba4ec127c127973460c3db7c98c01e269a605a1e3a9743d5eeeb07d75cc9ec58","first_seen":"2026-01-27T08:07:56.374914Z","last_seen":"2026-02-28T05:20:03.588666Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3074,"timings":{"blocked":2828,"dns":0,"connect":0,"send":0,"wait":244,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.tongjiniao.com/c?_=792091619582492672","fqdn":"api.tongjiniao.com","domain":"tongjiniao.com","tld":"com"},"ip":{"addr":"43.248.142.44","port":443,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tongjiniao.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 15:13:03 GMT","end":"Sat, 21 Feb 2026 15:13:02 GMT"},"fingerprint":{"sha1":"31:D8:A0:14:B5:2A:1C:FC:26:AA:6A:A8:00:FC:7D:35:63:BB:40:BB","sha256":"BC:CA:17:13:6E:9B:35:D2:32:60:88:D1:86:FB:F4:B5:0A:9A:75:18:58:F7:45:B0:E8:13:D0:1F:74:CA:C8:AF"}}},"request":{"raw":"GET /c?_=792091619582492672 HTTP/1.1\r\nHost: api.tongjiniao.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Feb 2026 03:38:48 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 11366\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization\r\ncache-control: no-cache,no-store, no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11366,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"9efcac68b5665f5c1c3270cdf11584a6","sha1":"6e835621a4c136d23ed62ffcfe782afa43a95e99","sha256":"8b820464030feb008a2a65344f12473b0f2670fed0280b94f1c4a11402190740","sha512":"0262587e6e6e97fd4007a19e275ea33c16319806ad1ec4b6a9c6cdd2c4909c159fc9177e84c25f0c40751d5000180f9ca02a54564d031f0614451796caba91aa","ssdeep":"192:Tld8QTMR7c5EP72qoqt8xevp4oougOpZVQ9ZKKkTGK9cANDyilWvsDgwuUp5KG1j:xuYMxc1xwon+Vi1i+wuUvvA1k","tlshash":"5132424d5da12162a673337f9a0a9508fa335037600e9516fd7ca4902f74a28d3fafe8","first_seen":"2026-02-19T03:33:08.698111Z","last_seen":"2026-02-19T03:33:08.698111Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1258,"timings":{"blocked":-1,"dns":225,"connect":262,"send":0,"wait":501,"receive":1,"ssl":267},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/script/sidebar-right.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/script/sidebar-right.js HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-1829\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-85ab-7743-b6b9-cfb5de7caeb4\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6185,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6036), with CRLF line terminators","md5":"35d81d74fe157e95619f3b47c54db1e3","sha1":"ea926176572c3ae09b439729fc2bd81d4637fd90","sha256":"93518ad7d50b1d53eeca1efcf57a8f4f649df589fe6c6a716d823f997bbd7f5c","sha512":"d96135c9ff613f0dc791e17c5b0cdb76c5132b4361229e5110d3a7947a4249ca5d1eec9234b8eb602f9ac290b6c1c5f6c7a2ba1b9b59f3c4f64bde116486186c","ssdeep":"96:zGlJ9Ls2+zo1dGc7X8+OqBaexXFEgsFf1eCNCEyNAR2rKrS0pdm:zOJ9QAu/Ff1VYEGSS0G","tlshash":"57d1635b2b51be34a49ab4cb91ff6079922d4cb70fc48024592c96fadc5773540dbec8","first_seen":"2025-05-29T20:05:46.771102Z","last_seen":"2026-03-22T05:35:10.004027Z","times_seen":64,"resource_available":true,"data":null}},"time_used":925,"timings":{"blocked":677,"dns":0,"connect":0,"send":0,"wait":247,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/images/top1.svg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/images/top1.svg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:11 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-9e9\"\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-89ef-7ae1-8fcf-ce9b970f6022\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2537,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1e06a43fd86ca0b2c38fcf360666887b","sha1":"fea92145c37f9807ecb39c7bf00b1b10b8982950","sha256":"1e8928f666f86113f86d2088dbe4c78e23884c2e96451708caeb6ec0d851d27c","sha512":"4d61f78677e8fe6ed656cae0c4563b7c000df1133b27448678d2724f086ec57df6afe8a621b2c0d94212f03ec452c44a7fd18f1696ca85ac779c7e6439908219","ssdeep":"","tlshash":"4e51f2b70208a7a90941d7c0cbe6b59e336d5187f2f590d8abe31aa32c165fbc27c940","first_seen":"2025-12-07T08:27:51.855544Z","last_seen":"2026-02-28T05:20:03.621344Z","times_seen":8,"resource_available":false,"data":null}},"time_used":2073,"timings":{"blocked":1790,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-06-18/68523af35d742.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-06-18/68523af35d742.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 18 Jun 2025 04:05:07 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68523af3-8dbc\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8c06-7752-9cf9-a3d2bedc54ed\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36284,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 440x400, components 3","md5":"b02a5acb500b52a171f2c9b2f99f4e1a","sha1":"182b7c565ab9bc7fb1384529d7e54eb241380808","sha256":"2b9e4c26dd11689fd391a409eb087de2610cd1b0718b3815a83474845c4e1daa","sha512":"365f18f95d264512b2c69a828a82a7e99d1953ec8bbe03c87ea4e7cf71dc98122c5faa99610fcb1931c5c876067f724c1acebc575d3b3314f731d9c4d1f0c9b5","ssdeep":"768:GrCF5/QJFxCioznZwXr/H6wFmSZubN+TgSJAnjz3Zm:8ffxRoznZOr/awMSZu5Q3JKm","tlshash":"57f2f2453435c49b2f2ef19869151ab7ac6c1c97f4e17230b8b7bb2ed340dba089dd88","first_seen":"2025-07-23T11:45:37.788524Z","last_seen":"2026-02-28T05:20:03.595711Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2774,"timings":{"blocked":2321,"dns":0,"connect":0,"send":0,"wait":244,"receive":209,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-06-18/68523963a0456.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-06-18/68523963a0456.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:13 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 18 Jun 2025 03:58:27 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68523963-4425\"\r\nexpires: Sat, 21 Mar 2026 03:32:13 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8ec2-7490-a117-edfe2c2414d0\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17445,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 499x289, components 3","md5":"f0cda5915bf04d42ea39407664931fa0","sha1":"6163cf2ec7773d86d143c3fa1b2a0af415bea824","sha256":"70f1f5ae90b00a6f616ba2ae7033ca9a8af5cf32256e1d1b8f57aa33a58235ad","sha512":"6eec55f27e06fb0b095a377a394456527a23e61922282c46789461a7e4c15f9163d663da6edf204af1d609a6791f6c334b426f752ccc54550bfcabfec5169d2a","ssdeep":"384:GlF+RQH+cqm2vebN7PbCmBLMA3S+B/kBTHJ1uaKpy6VnPU65idr6:GlFMQH+jDebpTBLMKTB/kTHSalqPUq","tlshash":"fb72d01b16444220af9e6a5f3eb42d497764c9007ef14ff532a869b7bbcde360088342","first_seen":"2025-07-23T11:45:37.556721Z","last_seen":"2026-02-28T05:20:03.608556Z","times_seen":18,"resource_available":false,"data":null}},"time_used":3259,"timings":{"blocked":3013,"dns":0,"connect":0,"send":0,"wait":245,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/css/fonts/icomoon.ttf?b2bfcw","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:12.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/style/css/fonts/icomoon.ttf?b2bfcw HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/css/style.css\r\nCookie: __vtins__KqbVaD2ZBOe4Q1Bs=%7B%22sid%22%3A%20%22689c4108-bcda-501f-b3f7-d62745b68df9%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201771473732418%2C%20%22ct%22%3A%201771471932418%7D; __51uvsct__KqbVaD2ZBOe4Q1Bs=1; __51vcke__KqbVaD2ZBOe4Q1Bs=f06b53c7-54ac-5343-a1e3-b3b4308d298e; __51vuft__KqbVaD2ZBOe4Q1Bs=1771471932422\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 40508\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nConnection: keep-alive\r\nETag: \"68074d79-9e3c\"\r\nAccept-Ranges: bytes\r\nx-request-id: 019c73f4-8cf9-7ba2-99ad-c0dded676b22\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40508,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, icomoon    ","md5":"1a158924520a2dd1d5bd2044278a2495","sha1":"3328b15316646e8247bc86627202e9fb57d8e2af","sha256":"47c9c09521465ed96d4408d32ab0b95864c57a0929723e9dcd3e22ed5b1d8cbb","sha512":"2a6312b2e29666c3d2b6d7862d647edc314ebbb02084d88f9fa1aa216b27b460956e43ac4e4933b7ebc9a19dd07dc76c1785a10b4b1a6e8064827c411d202fc5","ssdeep":"768:Z92hsu+0o/uTVev2+1LGFcNeyLMGt2UsderVCTTwj/lMQ4laLecwoIdlWMkAxoFo:uhKQVev2+sOMGtfsdACTTwDlT4Q5w6Oj","tlshash":"9e037d1bcb97db6de802db75489393615dfcd526823ee3c750872c909028af88d3c68e","first_seen":"2025-10-04T14:34:00.618417Z","last_seen":"2026-03-08T14:28:17.872153Z","times_seen":19,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":67,"dns":0,"connect":0,"send":0,"wait":212,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/_nuxt/Dmk0oD0K.js","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /_nuxt/Dmk0oD0K.js HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:15 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 373490\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\ncache-control: public, max-age=31536000, immutable\r\nVary: Accept-Encoding\r\nETag: \"5b2f2-I283N+qDj1ndD6PhdyJrHZQpc7k\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-98ef-7ca3-938a-205164e9a15a\r\nAge: 1259\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":373490,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (36346)","md5":"f6b1fd01d2f1f43bc84e4859d0e508a3","sha1":"236f3737ea838f59dd0fa3e177226b1d942973b9","sha256":"6c35788a05cf926bab7a8777a27470301664ce4758ecb201d22aec34854a42a9","sha512":"5ca1516aaab7fd4c8bb041b05ba1d4bc67de71eb401e216072e4f8b081f6e83babf777809e591967d6cca7a1045f930ab19ce8078de7e2be78d931363091180e","ssdeep":"6144:fzfmMqjt5UlmCEFtMj5ftYHVw36hPqvsjdgudaxXtAG:fzfXeUgxFSdft0Vw3+qludAXtT","tlshash":"e98429d532e6b46143e668e4003f110af23a2919744dd0ecf69ddcea7c7984a927bf78","first_seen":"2025-12-16T18:41:57.702948Z","last_seen":"2026-03-07T13:24:56.706163Z","times_seen":265,"resource_available":true,"data":null}},"time_used":1271,"timings":{"blocked":296,"dns":0,"connect":0,"send":0,"wait":208,"receive":767,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/style.css?v1.1.1","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/style/style.css?v1.1.1 HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-120d7\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8290-76b0-b7f7-b351a28b563a\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":73943,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"9880ab15efa7b07772dd24127bec98b5","sha1":"140c742c435d1043cddbf95e3811e54cafdec299","sha256":"7ac793f0dd1ec38cc5aa5a97720702658bbb8731046f98e5b4450057c2b62451","sha512":"5349f9af56f211a9e5ccd7e56da1ccf9e9288d1ff9b4f83223c75a64131d92a751bbe3057256ba16e28e063407fc99542dc50a4ea45d731fa7ca1c2a2efb1269","ssdeep":"768:z4TPPWsg6mxgVIETpBfcvg8Nsl+xs+zy7nonqCv0sL5qdPF1iPtMkKxN9NBrBuTl:z4TPus8L5qdPzGtM7tx+aa","tlshash":"b7736faceb0012046637dbb977925b66bfad40a29b03027dbff43159a386e5d4131fc9","first_seen":"2025-12-07T08:27:51.848772Z","last_seen":"2026-02-28T05:20:03.619714Z","times_seen":8,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/xtiper/xtiper.css","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/xtiper/xtiper.css HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-5f90\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8366-7c13-a6b4-10c3dcd77cee\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24464,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3045)","md5":"3f933fb9fa64fb0066a0cf9cd0942f4a","sha1":"e097c15d5848ab82f2f915992f3021cf1c2501ef","sha256":"202bced2713edda20f1688f44d09eb70d9af656cc0061df6c0a31b60fdeb9900","sha512":"e3ba95d36400a4bf3ad6a3570f5a111581b9fab6c103d13f47d0ea2246cb8ec87fa79164df1c557b65431b590940ce5afcdc143c018912427432a977d9ec5463","ssdeep":"384:wPHPeM4aFVQ2M/EYsfKX9KfiE9/8giv01QxyxdyBHAe:wPHPujnXwKEV/ijxKy5Ae","tlshash":"d2b2a65ee3033228f44b8326789165ec223e82dab5d227aed2357d70e1750e457b8dde","first_seen":"2023-05-10T05:18:24Z","last_seen":"2026-03-31T11:56:58.172379Z","times_seen":52,"resource_available":false,"data":null}},"time_used":373,"timings":{"blocked":160,"dns":0,"connect":0,"send":0,"wait":212,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/images/loading.svg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/style/images/loading.svg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:13 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 334\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nConnection: keep-alive\r\netag: \"68074d79-14e\"\r\nAccept-Ranges: bytes\r\nx-request-id: 019c73f4-8f9a-7d80-8a3f-adf4a8dd1786\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":334,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5a4a17dee441ad7d9f90557f1dcd8820","sha1":"8b0f1d45979a0a60e7ddfc4e6c8f7f4b5d561352","sha256":"3c7f89ac43e15b837ae8b9bef1343866314591ee5dec13f4dd2d85afea9adc4d","sha512":"fdb9acefdcf3e236cba46d7323141976714d81c2901dde1f863a9005c65bef7f6ee13f997bb2ce7949a6f28a0f9a9e0c22f9b9ef2ded97c7991540666735f78e","ssdeep":"","tlshash":"45e026fbc61e84eb0999e3006ad026638a65b2abe2ad00f967d3177b14244c756784e1","first_seen":"2023-05-10T05:18:24Z","last_seen":"2026-04-04T07:46:00.159601Z","times_seen":203,"resource_available":false,"data":null}},"time_used":3493,"timings":{"blocked":3245,"dns":0,"connect":0,"send":0,"wait":247,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/script/infinite-scroll.pkgd.min.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/script/infinite-scroll.pkgd.min.js HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-64db\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8492-7ec2-adab-d6c2a488a6d2\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25819,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (25581)","md5":"4dd9a5c6d0be090b107ed878587f0039","sha1":"c91cf6169d0dcb5e52ab0a48f430b9b6d7bd5620","sha256":"f3bb8b08d88d8c2aecdcc22d44304bb5011631ed25f7b92ef36e834392cd227b","sha512":"f4832b4925a1154875be23a16d78c67ab8be08ce9520476127c2363b0605297d835b5e60be33bcb3569829460a54e39de481e3ba33211fd054375efc0f145748","ssdeep":"768:QixOG8Q8XnQWF4dE1RrrrdNCqKuUdxfu7XjqIV807:Dxz8cKbeuUdxfu7XWIt","tlshash":"31c2a58db292752252dba0b4e51f070f7133587a6606409cf568ecf8acb8d5ea133f75","first_seen":"2023-03-07T01:40:51Z","last_seen":"2026-04-05T14:23:24.070486Z","times_seen":1926,"resource_available":true,"data":null}},"time_used":1211,"timings":{"blocked":420,"dns":51,"connect":217,"send":0,"wait":282,"receive":1,"ssl":238},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202602/f91c216bbcf545f3a67b5bbf397333bb","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202602/f91c216bbcf545f3a67b5bbf397333bb HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 102939\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 12 Feb 2026 06:12:51 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 8DM1oFWwx33j.c_9IbGeAuCLCPQCKl5W\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 00:29:46 GMT\r\netag: \"796501ef7d7e917fab89548466ef8909\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 6V6MYmSRxpxzGc9Yr4ggrGiuHsjO4U-ZuT4LhA8Kki6tIHpmUagoDg==\r\nage: 76727\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":102939,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 150 x 150","md5":"796501ef7d7e917fab89548466ef8909","sha1":"5cae15b924845d1d45330904ac8a4b6e6855a936","sha256":"a427d4d6db5945551c83bd775b8c1472d822c2fcf7346005d47e557550e1328a","sha512":"44d7754f70b7337e5624fee44067c8e7617b0f1a81beed12a0945ec4842acc0839052304fa0e6919d5724c33272afdbba404f35415cfd9b5ba725199c19b3865","ssdeep":"1536:JfmPx6XwOiXQ2xHXaVklCZKZMu27Sy5/12eE5Sy5/v35zrlPqPdZtI1gvVoDn9re:NM3K2PZJyyAyJsZBvMhXLV3L9Ut3L9Uy","tlshash":"0aa302a296258061ae251f76f3fd4c5ee0f1863076e9615f2c94caeae1e403cb2d17cc","first_seen":"2026-02-12T12:09:55.472528Z","last_seen":"2026-04-05T07:13:15.502593Z","times_seen":216,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":87,"dns":11,"connect":5,"send":0,"wait":44,"receive":2,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202602/7272946f9fc046219e3de0fc4ea6ce94","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202602/7272946f9fc046219e3de0fc4ea6ce94 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 123576\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Fri, 13 Feb 2026 09:01:17 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: lQzW5eRYsoWz2MDvMlQxxZXeuaxFS_31\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 00:29:46 GMT\r\netag: \"da25ab11cda703290b472cc0ae7f75cd\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: kR-HUmNDSLDKLhn-icccvPZD2sUY5uveyyD9JdAZq_OM3ZN1sME0MA==\r\nage: 66609\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":123576,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 300 x 300","md5":"da25ab11cda703290b472cc0ae7f75cd","sha1":"606143746876aac638853ada725ba0a4ebb2d59f","sha256":"8ed27a9fcbebc7e166d8dfab907d1c4c12ef0bec998699191d620977a85ea866","sha512":"b69506886a505e5f525ec3e89351ec64d5a65a9e3afc6d94ad8da523eee8c03fac00ac163e0a744f955791b7530e71b935d32c7f953c63bde2b0333859a29a70","ssdeep":"1536:lusVSfLti+gc4aEw1ExXVia5UGpbq1Vp5iXT87NJ/jnuAcxNylJZT0pGsUCgXb0t:5wnx10XV+GMniXTY7nu5ywErLO4rPDM","tlshash":"92c31299a30d24c503907c58ccebf3f41e0905a3eac76cff245ab51d8db6a2a303a5d8","first_seen":"2025-09-28T03:06:13.066868Z","last_seen":"2026-03-22T18:01:16.12921Z","times_seen":161,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":44,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/0272f7f34a8741aa8dff8e36fd767e9a","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/0272f7f34a8741aa8dff8e36fd767e9a HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 17771\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 15 Dec 2025 08:15:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: pJbfMq07Mtyw_S1NXPaFYWAA7JUfp3MK\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 00:29:46 GMT\r\netag: \"418e2930c0ec0a9cd08c9627c2f5e68d\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: FbM2SZ8mTlK-2Nybs4JNgb9Q12lHc5dfhaU4dC1W3QGJtTT-YzaXDg==\r\nage: 63185\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":17771,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x400, components 3","md5":"418e2930c0ec0a9cd08c9627c2f5e68d","sha1":"81721b3d47edb8c5e1bba51251b62468cbff3a8c","sha256":"b5d77e9fed2518a5c8306ffc832074b740fa32d393c22ca156612c7732b7bc56","sha512":"fec5f28164533f2c395ecbfb9c5d3d517921a871425ab72a00b4eadaaebb3fa08f3153b4192d388947e374c55ff1f8db4e0c62ce7d6b0d0a901f902ac1317294","ssdeep":"384:LLAY4jvOJcwDkqcfAuS3LI/w3l+tyh4zTh5cBznz6BXxaP:LLATahkqZdbvlgyYNuN2BXxaP","tlshash":"4682d0ad58b3423a8d96dd935c80d3a7dacde390c15a8a1f36ff23051bc9504a3cda6d","first_seen":"2025-12-16T18:41:57.75158Z","last_seen":"2026-03-07T13:24:56.723235Z","times_seen":210,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-12-13/693ce94357d46.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-12-13/693ce94357d46.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:11 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Sat, 13 Dec 2025 04:19:15 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"693ce943-4b3e\"\r\nexpires: Sat, 21 Mar 2026 03:32:11 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-89ef-7ae1-8fcf-ceca9e47dcdb\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19262,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 310x211, components 3","md5":"667a3b54d8c69557edaf77b9c6ce5953","sha1":"3db46c6fe589a37966f183b56263459db735fb74","sha256":"5773f66ba62dc3d3a20a0b2e981ef3d350fe14658193fff059dd766580fa8b8b","sha512":"67b242a6be450d9266b3267aa0a957defa98eacc61fbae506f919b6e5c9e55ad70b688bbf6d0957f2ff30456c95e321c7296e5aaa05da8b1b9b841948c747ac2","ssdeep":"384:GZB0lMdkVjdvQ66Oi/7Qu7EivjI0/+OJm0f69B28sm/dFQmGy0Jr4M5jtANa99N:GZcVjdvQ66Oi/Eu7Et0Gum0UB23m/HNQ","tlshash":"6b82c033e74463128f4364a1652f02fbe8ed06d00bddef38174998ac8da4db64d09dab","first_seen":"2026-01-27T08:07:56.357415Z","last_seen":"2026-02-28T05:20:03.591832Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2287,"timings":{"blocked":1797,"dns":0,"connect":0,"send":0,"wait":280,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-12-11/693a914a5d809.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-12-11/693a914a5d809.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:11 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Thu, 11 Dec 2025 09:39:22 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"693a914a-827e\"\r\nexpires: Sat, 21 Mar 2026 03:32:11 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-89ef-7ae1-8fcf-ced63e38a706\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33406,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 360x640, components 3","md5":"32a506aeb18b0658d7884fffc3b527ea","sha1":"5e324f00b054b1ef0b6f1ce157710c07300f75a2","sha256":"8f4f67287da3ef535393a0f8d9dea972ec3d35346a46e42a82a9d54db435eaf1","sha512":"57c726ea873fb6f4ddcc309c32686ac74a19029e9eed2305feea65f34aea365ac52a4ebf8e905320e829140533dfff161a9e6aedaff6472beb2c57f0d4fadfab","ssdeep":"768:G6DrkX8005NHHnwF0ChpO0DKMuFqhu4i/p9//Nh283P:xDrkX800/HHnwZbO0vy/p9N8y","tlshash":"08e2f1d33c0bc9630fdfa6a2cd6245a9308615642fff677e2643acf4a058d98261895f","first_seen":"2026-01-27T08:07:56.389318Z","last_seen":"2026-02-28T05:20:03.606269Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2289,"timings":{"blocked":1796,"dns":0,"connect":0,"send":0,"wait":279,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/script/qrcode.min.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/script/qrcode.min.js HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-4dd9\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8512-78a1-870f-8bf461233072\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19929,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (19927), with CRLF line terminators","md5":"6a1385bd2c4f09da24427299811e8314","sha1":"22ab90f17512c9cd9c24a857391151930e34b8dd","sha256":"50115e24427d5c0811f5c5a243d9ffa54da07e45755fcb93cfdf2effaa12f913","sha512":"1bdf0b1beacb7a24eb4dbc04705a958bbf0eb39a458c64e6d69d4b4fba0ddf38f3425c25596e55fd6538b8b9b780e2eb7a6bc7db5164ffd82d4bc7bb77b4cbc6","ssdeep":"384:WRQ2kvcAAdTRhQLThP2yO9/9G84U5xOiKQYHHHsglDep9m1yfB8dKLMyA+LyUyy0:xThP2V/9N4U/gQYPXa8CAPLyro","tlshash":"dd92c7e4f36542f6915e6cd4283f104b64a0a4636c1490acbfb5c1e6a9f8fe0647af74","first_seen":"2023-03-07T15:34:37Z","last_seen":"2026-03-28T14:56:13.145395Z","times_seen":85,"resource_available":true,"data":null}},"time_used":771,"timings":{"blocked":525,"dns":0,"connect":0,"send":0,"wait":245,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/css/too.css","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/style/css/too.css HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/style.css?v1.1.1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-471\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8608-7121-8aa5-a0b65a496ab2\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1137,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e2c5ab071a98eedd530e8b986bc59822","sha1":"b3fc329818d63ce95e3d74be140a2e9700675686","sha256":"e6bfe39909e4f9fee9f248b5dfd4ec718a21a5923970f80a81fb9e51780049a0","sha512":"d5bee9043f6b103c0e3d81be1d5c5f764a9735938603a8525e74a7cd21dca2cf8b471eb8babf3d06e4dc74e6cd55eb79e5a5df04362fc04a1bcc9603ebe82c75","ssdeep":"","tlshash":"aa21e1d0e8fc158182548cd433e72e353b1c60f902422ea4efaa7a1c6eef754829678d","first_seen":"2025-12-07T08:27:51.770847Z","last_seen":"2026-02-28T05:20:03.594651Z","times_seen":8,"resource_available":false,"data":null}},"time_used":905,"timings":{"blocked":659,"dns":0,"connect":0,"send":0,"wait":245,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/css/fonts/tool.ttf?nqe0dq","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:12.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/style/css/fonts/tool.ttf?nqe0dq HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/css/too.css\r\nCookie: __vtins__KqbVaD2ZBOe4Q1Bs=%7B%22sid%22%3A%20%22689c4108-bcda-501f-b3f7-d62745b68df9%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201771473732418%2C%20%22ct%22%3A%201771471932418%7D; __51uvsct__KqbVaD2ZBOe4Q1Bs=1; __51vcke__KqbVaD2ZBOe4Q1Bs=f06b53c7-54ac-5343-a1e3-b3b4308d298e; __51vuft__KqbVaD2ZBOe4Q1Bs=1771471932422\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 2904\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nConnection: keep-alive\r\nETag: \"68074d79-b58\"\r\nAccept-Ranges: bytes\r\nx-request-id: 019c73f4-8cfa-7111-8b3d-6d8da2f02ff6\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2904,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, tool       ","md5":"337272e8649770ca87c5be67e3528477","sha1":"6efa31020acbe84e23c89aae585b2001612b8cfa","sha256":"6ab734eeb510faff4dc90f6e45366ae5f3c5ad4cb71f54032b336535a348e9de","sha512":"fb11049241c49e13d8811e1c0acbe36271f5258afb34228dad4a99853b3a5abeffee68b4f4be35760521d04b017dc611846a1789ca21b2ef819dcf19c6102e07","ssdeep":"","tlshash":"a8519624c338dd54c503af78f26aab2113b8e808513ab74f74461e49fc595ea8c38b4d","first_seen":"2025-12-07T08:27:51.900743Z","last_seen":"2026-02-28T05:20:03.596784Z","times_seen":8,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":42,"dns":0,"connect":0,"send":0,"wait":242,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202602/335780f08f704de9b2be4413a4bb67f8","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202602/335780f08f704de9b2be4413a4bb67f8 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 107501\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 12 Feb 2026 09:28:09 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: ihUql8R_qTy9uhpORN_5KnlaNIDmp_0u\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 00:29:46 GMT\r\netag: \"ebf164121af8db8a254341b046375d11\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: P_NoJg7Il2-Io-OePqR49au6XX21uXu7qtrzd_uTYWyZyZcuEcQehg==\r\nage: 75409\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":107501,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 150 x 150","md5":"ebf164121af8db8a254341b046375d11","sha1":"4ae64825afa7ca0e0bd484c80b022985e1bdbe96","sha256":"2f26f95679ac7ed1a38b6d032c2f568efaaf8f9d14e080fcedfa967677f9762a","sha512":"387aa8579ec7bdff980ff9105aca68b5a2ffbcb1f82db19aeb52f0e9a72f5395e575b4449b633a82b6436d86af068d474f674fea53d2936b8dab9ba817e32b6e","ssdeep":"1536:P6eQwNUj13unMSLE+/zAh7zDMBT5JjsPYPYeMSsm/LbLlLnwWOosF5DxQQJc:nNUBaLEw8tIBTFa0DHtnUosF5xbJc","tlshash":"92b3024f097b99896dd9983dc68a1c60661d4f9be3b881dbdef9374b3b46872e044303","first_seen":"2026-01-17T16:57:36.509335Z","last_seen":"2026-04-05T06:15:32.168426Z","times_seen":217,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":84,"dns":9,"connect":4,"send":0,"wait":33,"receive":3,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/6d237aa191604d5fa631663f9f40cf6e","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/6d237aa191604d5fa631663f9f40cf6e HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 18761\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 15 Dec 2025 08:23:58 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: xr0TBLNr1NLipMRD0XlF7M37pzEyyYv3\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 00:29:46 GMT\r\netag: \"7ab121cced3a3a337d1fa42066ecdc1f\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: o4_NlwQpAYgbpgpjrDsNnx4CnzFzjbRRuocWuB5mXvwT_jiCVD8l8A==\r\nage: 54385\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":18761,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x400, components 3","md5":"7ab121cced3a3a337d1fa42066ecdc1f","sha1":"1af72cd41f956b253b05e4a75859a121c091cec4","sha256":"b9639235b6bd1603c1c3eee69f13a08ea93c8314648516ede0524f2be6040d58","sha512":"c48cb23840ec4bd22c3324fef0f49580ea1d9777233f450bfd1d9ead04493c5684fe7088d80a7e824075676c5b987e71558327387fef3fbf679de6961e03a09b","ssdeep":"384:qBxwaP/BPPotrsAJvy6+7zqbIG8Z+7Xd2YDQrg637RWS3TKW64KP:qBxwe8JyG7Xd2YDQrxjTKX4K","tlshash":"3c82d00fe113a66ba01831307ccdbb578705ec1e816a1289ef45ac3a55bac5c7fdd318","first_seen":"2025-12-16T18:41:57.747237Z","last_seen":"2026-03-07T13:24:56.696945Z","times_seen":208,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-06-18/68523a2bd11e5.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-06-18/68523a2bd11e5.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:13 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 18 Jun 2025 04:01:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68523a2b-3600\"\r\nexpires: Sat, 21 Mar 2026 03:32:13 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8ec0-76b3-af40-2e7ad9b0da0e\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13824,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 298x219, components 3","md5":"7984f8c8abc22d40c818a5d4b075c27c","sha1":"fdd3422361b17240437748747ae616c49f339c80","sha256":"bbacbbf111f5153fd5853399748caf073e7c63d9c05b4ff486a5fe0ba98db029","sha512":"46f88c59e7a42b3ba2871a1e777590c635634054c93ac3b32e3be131139e24abd0ef9d7eb0162b594eae5fadff089118bb3477aa2008a80359fb21300497e1ff","ssdeep":"384:Gl5fQD9+4SpIJp5s3dzvFGRo4YFdWHdSGhTn:GlSJXSCH4lvr4mTGTn","tlshash":"1e52b0047f885ad4bb0153eccbd610bf475c2a4ca4081d78ae67873b6f65f32685a1a5","first_seen":"2025-08-22T05:22:51.743083Z","last_seen":"2026-02-28T05:20:03.617506Z","times_seen":14,"resource_available":false,"data":null}},"time_used":3269,"timings":{"blocked":3022,"dns":0,"connect":0,"send":0,"wait":246,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/script/jquery.superslide.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/script/jquery.superslide.js HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-3047\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-85a4-7461-9cce-3f51d5bd4d50\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12359,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11261), with CRLF line terminators","md5":"77f98c696d0ddc085fb7a949e8b40276","sha1":"ad4492970d5d6614a93306b875308e14cc686295","sha256":"8df27e08f0c547b8cca2491a71e11c8356d77635811c465ebd72685f98e3aa3e","sha512":"362c64ba29dc227785df06e3f22ea328aa6636eb11f41743f0c5fc0ba789d8452e40544ca2b25bc2025f34af8789fb9dfd7712b90f775a1f16c10e31e7494294","ssdeep":"192:B+WKvMoHPHsgGuuauF56tpE9Er5MYB5c3TXP3ZO/mpUhClGS5OHxImISLTNSfYXU:B+1vMUsgGuvlMYXcjfRUCESKREcS3Ku/","tlshash":"7842c64fb56775de56a7b3f0107f940c232715a5fcca8c60b1748390adb9a1c212bead","first_seen":"2025-12-07T08:27:51.740922Z","last_seen":"2026-02-28T05:20:03.590326Z","times_seen":8,"resource_available":true,"data":null}},"time_used":883,"timings":{"blocked":671,"dns":0,"connect":0,"send":0,"wait":211,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/css/style.css","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/style/css/style.css HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/style/style.css?v1.1.1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-2886\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-85ad-7640-b1d8-28e30d8a6bab\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10374,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"359eeebbf69693bf4d6d909a889482d7","sha1":"cd221532bb762afb8c745a7e26f25e51bb9d4639","sha256":"89e12a478fc9d77de611b5c68323476a26cc0a55b58078283199413825228610","sha512":"24566bf602bf93bb642b57121c166048492d6730edeb095a7afb0ab0a48bb78817a3b734950053af1ca557aae398f670752239d8180a49fe508f51e8ae4210b8","ssdeep":"96:Q+7SOrO8Q+OrMYGFfQXiU2bOwWff9rgkhBvaAlLCSg7XWFGE2w2wF8e63r:Q+7PQIYtrqOwWff9rgkBns7GFGK8vb","tlshash":"bc22d0ec95be18c09781d4d123432631a71ca7f89df62c55daf2788eb5e23e0e1922dc","first_seen":"2025-10-04T14:34:00.616181Z","last_seen":"2026-03-08T14:28:17.871535Z","times_seen":19,"resource_available":false,"data":null}},"time_used":820,"timings":{"blocked":571,"dns":0,"connect":0,"send":0,"wait":248,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/images/logo_17cg.png","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /images/logo_17cg.png HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 8257\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nETag: \"2041-S5B7B6HLvonjxYrSvB/umVMQA4Y\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9bfc-78a3-97f0-c2b61d0647f3\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8257,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 197 x 200, 8-bit colormap, non-interlaced","md5":"d5ecc8c9b87c712950d9d7dd223e43b0","sha1":"4b907b07a1cbbe89e3c58ad2bc1fee9953100386","sha256":"a0a0804b0481d138e4b5d4d20f2c9537958afbc7caeea568b0f56900cbf3825f","sha512":"1856fb6b7ff66e9b64b544ba0034c5cc2af7797513c2d1375358b04a3c842690a3a011def84894eb10747530b09748e63856bd7be6334785478b72cfe645fe1d","ssdeep":"192:5G6DcoW+z7JDYO3EkAkG2/fd9Rz2pbNidooKKfC8mE+InzkvKQq5:5angEOJAkG2/Bz2p5i6oKn8mAzUKr","tlshash":"ee02bf9bf26d6010d1d6fb237235cd97c3757792f063e10a953d958aec90836c0a83b9","first_seen":"2025-12-16T18:41:57.722309Z","last_seen":"2026-03-07T13:24:56.727354Z","times_seen":268,"resource_available":false,"data":null}},"time_used":2351,"timings":{"blocked":1065,"dns":630,"connect":211,"send":0,"wait":212,"receive":1,"ssl":227},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/2361e69eeeef46ae9aafb44103021730","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/2361e69eeeef46ae9aafb44103021730 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 23074\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 15 Dec 2025 08:25:14 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 0Sw57CNVDtxGXpFEbcT6UlezkiNqWwL_\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 03:32:17 GMT\r\netag: \"06fbaf86495bdb81e0aad7b798648008\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: gE6BdhMY0h3F5yE8Si89_Pprm1TX3VbSNaBnNSSJ3JxvnVdREw0IrQ==\r\nage: 4014\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":23074,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x400, components 3","md5":"06fbaf86495bdb81e0aad7b798648008","sha1":"27415c7438a642491afa249d0c44bf320fe0fbd8","sha256":"97c176a6d61acfd0853bf1501ec72b30b43bd227532033d34ed8467f285c6027","sha512":"143c830e118faec371bf0e3956183edc9f996c8fefe94a3595721b2519c51103ccc19b4aa6ccf093bf249c2dc7e4b654780d3e430e267227f4c02be3bedb9f68","ssdeep":"384:0w5GR2LTr13ulxo4WP2I7wBSqYMefKDCYX0dOSCYRTm40vDudbUD8rUtoLv/QNoC:x5W2Z3ulxouIuYMnDC20dCmmwdbLIWH2","tlshash":"3aa2d02ad27a6620d42fa2b801a8a715925c7534992f8db103e6ff617c7549b1f2e03d","first_seen":"2025-12-16T18:41:57.716517Z","last_seen":"2026-03-07T13:24:56.718296Z","times_seen":209,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":56,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-12-13/693ced3fb42cb.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-12-13/693ced3fb42cb.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Sat, 13 Dec 2025 04:36:15 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"693ced3f-55f9\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8db1-7a33-8661-85f58b3b7b43\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22009,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 350x494, components 3","md5":"9ad1e811479c1bc3e7f31d980cfc2e59","sha1":"ca64b14dc6238f4d034149dfafe0f3bd6c68724c","sha256":"493706902c9ce6b6747cdfa9a4a296f2b11b12ff7ee4fd4c89d4f138f1546acc","sha512":"8e57ec9c32de8af6535d3cdf4eda4883908eb937cda3155c5def023c46c906859419f7393d9527b41d1a109c7d39e9445eddca538004ca22be13292c37053fad","ssdeep":"384:GnlIFJxs9K69gdLaz2qHKCSZu5lSjU4//KXNENklH/w5QHrX69puUE:GnuFb49gd220KnZrjX//xKl45QHopO","tlshash":"12a2d075ad470113bb16a88e5e4ff4641dccbc42bf453572f03a6247da6aef39538806","first_seen":"2026-01-27T08:07:56.363818Z","last_seen":"2026-02-28T05:20:03.616925Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3038,"timings":{"blocked":2768,"dns":0,"connect":0,"send":0,"wait":269,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-06-04/683f42276eb54.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-06-04/683f42276eb54.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:11 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Tue, 03 Jun 2025 18:42:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"683f4227-4b60\"\r\nexpires: Sat, 21 Mar 2026 03:32:11 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-89ef-7ae1-8fcf-ceac71325220\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19296,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 496x280, components 3","md5":"3e98cb2c1c8729c7f3c94d03528f42b7","sha1":"09ca45471cb67cc5718105e0463e237a0bb05caf","sha256":"18c838648d3c6ffeaff64508161ce9c72823b84db7e3488fd4e30aa1ef425efb","sha512":"4941028eed515f7e0439e32a3c01cb7061f339fbd50cbb3f3a3a0d1eb33af9f3f3d61a60163b707cc88e19a9c867c9046a1fce6b15342b339bc9f4691ed76b1a","ssdeep":"384:GrMar2ER8TDSGSzlgLG3kDJHIqOOp26hFeK2z1Mehz/dYotWoS0qb4qYWNia:GrBtRvGSzSLGGOO1Fixv/dbtqbjYWNia","tlshash":"d282e132c0c1f50cea2ad3836661b864636088e83a783d7cfa542df5dd64d7c0acd2d9","first_seen":"2025-06-22T05:18:11.783543Z","last_seen":"2026-03-22T05:35:10.024486Z","times_seen":35,"resource_available":false,"data":null}},"time_used":2282,"timings":{"blocked":1791,"dns":0,"connect":0,"send":0,"wait":279,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/images/mtop3.svg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/images/mtop3.svg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:13 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-540\"\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8f96-7f73-9815-171ed297b4e4\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1344,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"14407f0b18c6e8d010d1176c4ae906fe","sha1":"5758d703afe840ce0c4b7fb13b1ef5007e0344f0","sha256":"6ed5fde14c377ec5c93800e37d429789b29afd0645c79f69e76580621f13a877","sha512":"3142999a403960c427fe0ab0af616f32bbb3d29cc10540e663701c708f177b67749a007df7c0c9025b781b7dd56dd4dea349d0fc3726292f2771a99b74dbb24b","ssdeep":"","tlshash":"0321e53a031a8b6a07428754dba56cad0398a723f1f9a1ecefe325131c198f74578872","first_seen":"2025-12-07T08:27:51.878269Z","last_seen":"2026-02-28T05:20:03.584366Z","times_seen":8,"resource_available":false,"data":null}},"time_used":3466,"timings":{"blocked":3221,"dns":0,"connect":0,"send":0,"wait":244,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/images/logo_xz.png","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /images/logo_xz.png HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 385\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nETag: \"181-UlvfI9I+wWhe2vavdYVQD+EfUd0\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9cbf-7591-94d6-08e66cbad24b\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":385,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 66, 8-bit colormap, non-interlaced","md5":"f18a28f004f01753c4561a0ee19a8739","sha1":"525bdf23d23ec1685edaf6af7585500fe11f51dd","sha256":"9b399a51511a01f86eb3f12547a8dfce636ada3c52202f7fe5e682354384ed64","sha512":"4b79cc1b87ae8a0be7e64e05501228a49acaac330f47cad43c188db882c8a4a3593946d222bb8e50b29afed9fa2388ce65a327ae8733da070afe558dfde0c0b1","ssdeep":"","tlshash":"7ce0c0ca63e01c0881a0493ca67e12a5db34be328565c0100083b4259fb1202885e020","first_seen":"2025-08-19T22:12:06.078061Z","last_seen":"2026-03-07T13:24:56.713982Z","times_seen":280,"resource_available":false,"data":null}},"time_used":1466,"timings":{"blocked":1258,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/images/g-right.png","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /images/g-right.png HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 2022\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nETag: \"7e6-4fJTErHD1x4uVNNh+yKf/XzaHOo\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9da8-7df3-a8f9-64cff8128f72\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2022,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 36, 8-bit colormap, non-interlaced","md5":"e874417f1fc642c666b304462be4e97f","sha1":"e1f25312b1c3d71e2e54d361fb229ffd7cda1cea","sha256":"856a343212e5f7cf956c2401db5298c20bc6ad8df56930f0dfd46a3733d21785","sha512":"06d93e363871a6d88a7823d79bdd1fdad369901238b2b462a3476e36d112d3b16d7ed180b0f95330316103ba25c130085689bfe6d50c07a1fd2001b0400fd0f0","ssdeep":"","tlshash":"b5412aeffe3a48bceb08a8bb023d57474526341c2101588588de08d2a0f4e1d07b4372","first_seen":"2024-08-01T20:11:44Z","last_seen":"2026-04-04T22:06:01.01538Z","times_seen":263,"resource_available":false,"data":null}},"time_used":1609,"timings":{"blocked":1399,"dns":0,"connect":0,"send":0,"wait":209,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202601/0394a2c4467c4925a6cb25316b0d861a","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202601/0394a2c4467c4925a6cb25316b0d861a HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 48160\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Sat, 10 Jan 2026 10:55:52 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Ul1PETSG1PZ7zyrZzC58poU6gHy8fNrl\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 00:29:46 GMT\r\netag: \"5fe7686b2630c65550d233c5c3b7218f\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 5ELYGVZl85M6Znr2biA4Gnctj6-x4NzOqX9xOaX-b3b-n5vsyxR7KA==\r\nage: 63186\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":48160,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"5fe7686b2630c65550d233c5c3b7218f","sha1":"538a48914663d311d1c5d924128ebc69f15e1f7c","sha256":"bff3d28ce3634d4a2036000ac2b3556bb50607fdebc88e853e32cb5e7bdedd70","sha512":"7925ccee8521b1dc1507cd3f03233c7a7a0470c107db7375b72f48e68675d22cfa97c9aac7f3aa953285a8b7878d1642d4dd0713f525522f02c3cb7672231c70","ssdeep":"768:rf0QnD4M8wuxHloAvsf0QnD4M8wuFHlowuxuAzkAnsVggUtFdb3VTKfLCQjusVgw:IsD4TwuBloAJsD4TwuNlow+uAzkUsVgG","tlshash":"b723d1dac023f601e3af7af88d58f7bb4b2819f66f15a06402537896090bfa6c53945d","first_seen":"2026-01-11T08:32:16.866595Z","last_seen":"2026-03-05T09:41:20.317125Z","times_seen":310,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":27,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/63fca31dff2144c4aa99a40cc5a6a0d5","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/63fca31dff2144c4aa99a40cc5a6a0d5 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 706149\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 18 Dec 2025 12:59:31 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Ni8AzcON.Pr7Va79b53xhXYz10e..mtg\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 03:32:17 GMT\r\netag: \"60647575d5114de43077f57726273993\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: hGbVLgl2j1Z16_EHF_anYxXkecVSKpNheoUu6db-p_-JxPkTo2Ir3g==\r\nage: 4031\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":706149,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"60647575d5114de43077f57726273993","sha1":"b74c9a5c2ef680b66be6c2d2c6981aec6f6ac7b4","sha256":"f321441ac22b0b6b5e48f3577052fc36c0a67d241a67052c22a856e65a8ad584","sha512":"201ea24386597b7fb45e8ed749069879232dd6383770450d97e8d969fb3ca1d54775a93083f220065db8e075674270fefd527adb58d5fadcdaf5a7f932363ec4","ssdeep":"12288:f/4uOM/VmCo6aRJDm21nS9jPB4PvitdQ2JpUgauyO7E6DF8MqSp7hQf3vl+IemD:NVmCoZmC0jeStmWpUEBYHuhQf/llD","tlshash":"18e423f3e9f5879ad88ef84798594affcc3201a17ca5c257093db03651f84a8ab45f06","first_seen":"2025-12-18T19:18:56.293663Z","last_seen":"2026-04-05T06:15:32.16961Z","times_seen":690,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":58,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/ran/0.jpg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/ran/0.jpg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:11 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-3b9c\"\r\nexpires: Sat, 21 Mar 2026 03:32:11 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-89ef-7ae1-8fcf-ce8220cd406f\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15260,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 210x140, components 3","md5":"6960122d6a29a187feb1fd3b8eba0b8a","sha1":"72cf4aa8403c99482dbf51bc331ea8f0626c4228","sha256":"48e9a3d04fcd6895d53f6d946a22cfbd7c0c4a8d86f9cfad210915695fb3b821","sha512":"e9a9eb03f57b05245fc06f8ede9269df18afd2cedc19d1e5e9f3f7815b29226b660c4e47f6d09e6a1dabe8caf62b71c86f8399e80ff5cbb6168302d6041a413d","ssdeep":"192:J4hGFp73OmeW/uLcmkQ3YneuvBtgOupe0mLkdsS3+wLcvBt21BpOHHlZAT9WRrYC:J3dL0kPnbLn2BakdsG+wCBtCO7cPK","tlshash":"1c62d09daac65b1acab9f3ddae720d6bb44641b0f083e301c977e54b24c10e17a7108d","first_seen":"2025-06-18T23:14:04.494757Z","last_seen":"2026-03-09T02:42:34.464995Z","times_seen":32,"resource_available":false,"data":null}},"time_used":2253,"timings":{"blocked":1792,"dns":0,"connect":0,"send":0,"wait":250,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:12.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 426\r\nOrigin: https://o4u.jingkenengyuan.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://o4u.jingkenengyuan.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Thu, 19 Feb 2026 03:32:12 GMT\r\neo-log-uuid: 6767484822633428443\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/images/logo_18av.png","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /images/logo_18av.png HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 4033\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nETag: \"fc1-nhjeu/zdjBp/1y8chRU4j/k3Kow\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9cc7-71f2-92b1-2498f7b1435a\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4033,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit colormap, non-interlaced","md5":"8eefaee217393efe75ac2bc19b2913b2","sha1":"9e18debbfcdd8c1a7fd72f1c8515388ff9372a8c","sha256":"de1066330298b8834096b9b68ed3a7fb363c233991ea08845bc38da4682466a8","sha512":"142fe6d060ec9cd5f0d747921197bf72692ac8e04b0055997512db2daa23c13e6eb7140f046387154d8cdd7b5c84a6b7a750971217ecd6ed99ed528341371155","ssdeep":"","tlshash":"64818ddb99f922d728880e7009ae879027b003e47e6c1d1e9625cbd9639502643fe9c3","first_seen":"2025-08-19T22:12:06.101723Z","last_seen":"2026-03-07T13:24:56.731795Z","times_seen":281,"resource_available":false,"data":null}},"time_used":1491,"timings":{"blocked":1266,"dns":0,"connect":0,"send":0,"wait":209,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/b392a00afa5d487a9d18cae2a22e6c55","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/b392a00afa5d487a9d18cae2a22e6c55 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 302337\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Fri, 26 Dec 2025 15:45:09 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: KWpRC50lQ_dgaznvKu3SbmMBBnvQmNcB\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 03:32:17 GMT\r\netag: \"23f76955413d6defc4d962310a2d14e7\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: tBIEInoXcQkMYy__UsdSRrov25WM7FC2MlDW2uBgn9N4YpH6UVkB1Q==\r\nage: 4031\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":302337,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 686 x 330","md5":"23f76955413d6defc4d962310a2d14e7","sha1":"491a4818119cf5022695194ee0b0e624800db571","sha256":"f7d7544d4a445cb0ebaf478781f2ef92a056dbfb565221d0984b340370d17983","sha512":"c6013672c808ef6e8741137e9be83138cbcb0ff1094c07812b2e78ff525eece7da883f8d74d253741f99e11c0c511f5f1d64f4bf934130505f486375e9dc5326","ssdeep":"6144:feIfQYmuKWJ465G4D2NdQirdgbaZRwlLXI+Z3vVkdGi7GzqX50Gra:1aWJt5XD20wAamXIWVIB7CsRu","tlshash":"6d542383cee01ed341eac2853ed3b0e5856d62a112e31609da74f0265be2dbf549cb76","first_seen":"2025-12-27T02:15:04.030598Z","last_seen":"2026-03-07T13:24:56.710477Z","times_seen":169,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":67,"dns":0,"connect":0,"send":0,"wait":54,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/member/cluser/c/user/mac/login","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"POST /member/cluser/c/user/mac/login HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\ncontent-type: application/json;charset=utf-8\r\nlanguage: en_US\r\nmacct: sf888\r\nos: 2\r\nver: 1.0\r\nContent-Length: 358\r\nOrigin: https://afe.qr7gax.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":358,"data":"{\"encrypt\":\"c8/i8d2aVNmKY+l8oDWi6klTJCkac000SOL9Regzqc5bzcQcHoIBA3u57btr1xSgyoUIs1Y1OACzPvUR5eoASWpw5HnZ2YDnwqssqQEaWDAmnhgyg8/a6wi5uw8iSNLrfN8tAkfdS27vwMquvC6gS/+kyh8StsUVG0PXNRd9jvxlA7ztt0OXKFnt7zr0rGz/QUhqSD6YXUPuh4+fFDaxuW0UupEqxAr2RjSNZho4md+x7t9Ruigs1PC0MTbNkCLJUY6Jkyssn8c+5YPg4nvUGzmXTWNGtti3Y6Ty7WTYtMSBlSyqtEnLoHnOnegmtu6QW+w3IYesTTqjmCXrW5VCCg==\"}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:18 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-a200-7021-b6b1-73c37bc5a087\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1474,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (1474), with no line terminators","md5":"735c691b9e0e3ff03771ae05b5e80350","sha1":"e04526bacbec6b536dcc1bc557fbfee8d30b4c0c","sha256":"794ea695b404357120bb7130bd488b566b296054fc3a519eb48483986d8a6fc5","sha512":"93dd1733c42455a15631e8fb1d1bd192eecb2c94ed03fc225d19b6320614e579ee44a9e1003d12f4bd6245c242d75f395a6bc6a2582ac2e181546dec11a8bec7","ssdeep":"","tlshash":"5c31190be02043f5ae28cf801c6b8886f4c4421238e0fc8649a9272cca5d2fef71d281","first_seen":"2026-02-19T03:33:08.736497Z","last_seen":"2026-02-19T03:33:08.736497Z","times_seen":1,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":380,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nvhcdn.top/static/js/matomo.js?t=1771471929","fqdn":"www.nvhcdn.top","domain":"nvhcdn.top","tld":"top"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.nvhcdn.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 05:31:14 GMT","end":"Sat, 25 Apr 2026 05:31:13 GMT"},"fingerprint":{"sha1":"34:75:1D:24:E6:F7:00:60:BB:8D:C2:70:7F:BB:5A:82:03:E2:10:4B","sha256":"7C:37:B4:10:D3:67:71:27:AF:A6:1C:BF:7C:16:5B:B0:2A:48:DE:05:7C:61:F7:7F:E4:1E:3F:B3:F2:23:9C:72"}}},"request":{"raw":"GET /static/js/matomo.js?t=1771471929 HTTP/1.1\r\nHost: www.nvhcdn.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:11 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 19 Feb 2026 03:11:57 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69967f7d-40dc\"\r\nExpires: Thu, 19 Feb 2026 15:32:11 GMT\r\nCache-Control: max-age=43200\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET,OPTIONS\r\nAccess-Control-Allow-Headers: *\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-884a-7cd3-b63e-9aed6ff0ee93\r\nX-Cache-Status: miss\r\nX-Cache-Lookup: 19ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16604,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (16604), with no line terminators","md5":"f8cc69a7afa26977824abe555bff23ff","sha1":"0ee143869c44aef209ddac9983529fda4e84c663","sha256":"bb0bc60872f207c90121d5dfacf79e138c66ab2ebc110eeea43f9a4c64f11794","sha512":"26c077041c48db4fef404e53aac838641b263efcd3500287a33e762bca38051081e1642ca6e72a0c4d33e331c1fb6e819a417c0d2201a9c014ee59b4d84dbd3e","ssdeep":"384:s4SDZ7MAoCDE1z5ZivSLgG95h9eMqwyMlfkBAqQb+rFwSw8bTEX1BqniGl7RibkW:s4SDZ7MAlAOQgkh9eMqwyMpkBpQb+rFY","tlshash":"ae720894b2c07ae117076bfb7f23b0c4e45ec87b7461085ad550fc8c7a90626e6f2ab4","first_seen":"2026-02-19T03:33:08.738051Z","last_seen":"2026-02-19T09:49:00.341243Z","times_seen":3,"resource_available":true,"data":null}},"time_used":3325,"timings":{"blocked":1435,"dns":1036,"connect":210,"send":0,"wait":386,"receive":35,"ssl":219},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_system/script/jquery-2.2.4.min.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_system/script/jquery-2.2.4.min.js HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 30 Sep 2021 03:48:34 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"61553392-14e4e\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-848d-73c1-bc98-62dc144da8f9\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85582,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators","md5":"710458dd559c957714ac4a8e95357eb5","sha1":"f694238d616f579a0690001f37984af430c19963","sha256":"b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365","sha512":"282d65828a43bfe50fe0f9aea8bca3838ac1b5250e7c7c359c066e0428aa723f001d31c2463681b2ad6816a49a8571bf9f3ae29b2dc53adf1bbd7d5c4471322b","ssdeep":"1536:fYE1JVoiB9JqZdXXe2pD3PgoIiulrUn6Z6a4tfOR7WpfWBZPBJda4w9W3qG9a98N:u4J+rlfOhWpgCW6G9a98Hrp","tlshash":"3583c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-05T14:34:04.865537Z","times_seen":11398,"resource_available":true,"data":null}},"time_used":1449,"timings":{"blocked":449,"dns":53,"connect":210,"send":0,"wait":284,"receive":210,"ssl":238},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_system/script/c_html_js_add.php","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_system/script/c_html_js_add.php HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: application/x-javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nProduct: Z-BlogPHP 1.7.4\r\nEtag: W/6f40b236c2a337da878870ca4f3440cf\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-847f-7ba1-87be-7b520576e0c0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4600,"size_decoded":0,"mime_type":"application/x-javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1278), with CRLF line terminators","md5":"6f40b236c2a337da878870ca4f3440cf","sha1":"4260197ae75ed920ae4d9395c30dc85a6499ace5","sha256":"c527900f4b8146842ec09186d92a38b0945c66b81720172cc07fb1a8e750e85f","sha512":"3431aa3963d46f6bb6007d639ebc82b724db6ce34972548f720fa6a4781b5eaea24cafb06b7b3b48fd9445217b52507cda8c6692a2da82983a7049fc892b460e","ssdeep":"96:6hkV06qZuiMRd1BhXJnbZ2THKrp2iMMKDg8E:6+vf1BhXJnNAHk2iMNDLE","tlshash":"5591d858595651a7143723b7d8af1508feb21aab0414cc26fe7c54682f32f949123fbe","first_seen":"2026-02-19T03:33:08.740563Z","last_seen":"2026-02-19T03:33:08.740563Z","times_seen":1,"resource_available":true,"data":null}},"time_used":781,"timings":{"blocked":-1,"dns":51,"connect":207,"send":0,"wait":292,"receive":0,"ssl":231},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-12-13/693cec7364a98.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-12-13/693cec7364a98.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Sat, 13 Dec 2025 04:32:51 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"693cec73-8ae1\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8dcf-79b2-b573-d9e638ff00ac\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35553,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 499x341, components 3","md5":"fea255c89fe8ca9d1e8c5d2609e39d71","sha1":"018ecc157dc8329f9428eea9358919a5c2e5c847","sha256":"ad8b0b5cf8139f121c759e6640b7ee8c5e7dee08e0998bb46c3bed900c5b88ff","sha512":"b58ae4f0d7bc491973926f52ac1313393ea6d73d700473be3d27d88b6ee485a573e872b15deaf42fca0350e762391988ffb4ed236704461b35b1c44dc6d992e0","ssdeep":"768:GpyHoXrV7bVL0lxRHquj1VAiqjfuFfQlSY9S88gJ/JrZsi:myGrV7bh0lxRfVAiqjfuKjygZJ5","tlshash":"24f2e11a7208a06eeb164fe125d57085329e3cfa6b94ed7d2371e34cd698df2d0d1368","first_seen":"2026-01-27T08:07:56.383936Z","last_seen":"2026-02-28T05:20:03.586968Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3256,"timings":{"blocked":2797,"dns":0,"connect":0,"send":0,"wait":247,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-12-13/693ce8731d862.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-12-13/693ce8731d862.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Sat, 13 Dec 2025 04:15:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"693ce873-42f3\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8dd3-7913-a610-3887abb693ce\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17139,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 295x221, components 3","md5":"1735e98cc26301e4a2435b97d197a4c7","sha1":"2edf682f6823d26d2f99af0a97c48c108a6704c0","sha256":"df00ac9d84fed677718658b317046f28f2b305a4b24a9cfd0c1578ed6623d86b","sha512":"f01fbe43a4cced8977eb0f734c39276d0d2c98ab241aeaea47608b660041a6b25baedd3e311eec009bdd537d90dd3331ae0f1e9664e340deadd0be7ad9e6f767","ssdeep":"384:G20XBUMZ1XE1Bq2S/5kZk+OnKD+PViRUy6K4Sw1pTLfFuIdgozMQ:G2GZ1XgBu5kZ96VaUy6Khw1pfz+oQQ","tlshash":"da72d0928761722beb5d4c36c205427d4822d5a4eb23ce3fe41d73359252cf79a894db","first_seen":"2026-01-27T08:07:56.3784Z","last_seen":"2026-02-28T05:20:03.607981Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3037,"timings":{"blocked":2800,"dns":0,"connect":0,"send":0,"wait":236,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/script/custom.js?v1.1.1","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/script/custom.js?v1.1.1 HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-9f78\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-843c-7762-98ce-d6eb69f1204b\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40824,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (40675), with no line terminators","md5":"671b310c039c11c83b138065fb3996eb","sha1":"00cc40011ac773ba76ab6f55da6b56882726f2cf","sha256":"fc4b56ef0aba2a89a7ea79b21be77e10d21a1ed4106c4a72f5be159c41d3ecf6","sha512":"185a87ca26e1a8a4006b3d8198aaf79633bc21fd748fd194874a4672a27f1db28040ddd63a346c4005c2e16ca04ea569148e6879e19b30dbe0274622fd76e3d9","ssdeep":"768:bsDtpbBaN7ljWy68YDVVwtcLz7+AJZG89FW7401EVew2JXLsnuWDxYAjpNhkNkVE:YXSstYWob46qOn0helS1N3EwjXrlwF","tlshash":"cd034fc1b7c5bc4706476bbb331b72f2e82aadd5658488caf104bc54f09d622fae4971","first_seen":"2025-12-07T08:27:51.86532Z","last_seen":"2026-02-28T05:20:03.623437Z","times_seen":8,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":312,"dns":0,"connect":0,"send":0,"wait":212,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/favicon.ico","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:13.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nCookie: __vtins__KqbVaD2ZBOe4Q1Bs=%7B%22sid%22%3A%20%22689c4108-bcda-501f-b3f7-d62745b68df9%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201771473732418%2C%20%22ct%22%3A%201771471932418%7D; __51uvsct__KqbVaD2ZBOe4Q1Bs=1; __51vcke__KqbVaD2ZBOe4Q1Bs=f06b53c7-54ac-5343-a1e3-b3b4308d298e; __51vuft__KqbVaD2ZBOe4Q1Bs=1771471932422; timezone=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 146\r\nConnection: keep-alive\r\nx-request-id: 019c73f4-91c0-7703-9878-c71aa4a25489\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-05T14:48:22.829826Z","times_seen":479663,"resource_available":true,"data":null}},"time_used":659,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":652,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/ed7653e5f39e44f1a3dd95f511794660","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/ed7653e5f39e44f1a3dd95f511794660 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 19494\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 15 Dec 2025 08:20:25 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: sQeJqqW7Kyu127X_Z7tkNA4m0xXm8iyH\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 03:32:17 GMT\r\netag: \"f3e53d07815699d9398ca909ee7b9668\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: rV1KpgvP0t8YqEZ6EENIBpKq2o9XiI_8baQO8UPON8kXtNwMAuvAkA==\r\nage: 4014\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":19494,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x400, components 3","md5":"f3e53d07815699d9398ca909ee7b9668","sha1":"b983612e1facb12cc7a4465829a56745a3630675","sha256":"da21f9ca1de8927e1975ebed5225ca1dcb062caf9b8af42d57e5911c5ac63dca","sha512":"dd8eed3854ac3b20707ba07604695333986bf34b72326ea293e717386901909e177125b2cf20ddd8cdf6f3b30d1b2bbd06ac3328024da078da57a277f045b851","ssdeep":"384:u3P29VlBrHFmkeKqFiZeo5bJHg7+gj32Mm+HI4/jkdM4hZ/o8:u3P2BBc5KqFiZ9HgCgr2l+blMo8","tlshash":"7a92e09cf5b601d8e88cbaf0174b4b42952e57fd3d329737817a0c8271202693fa853d","first_seen":"2025-12-16T18:41:57.737456Z","last_seen":"2026-03-07T13:24:56.691142Z","times_seen":210,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":77,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/images/g-left.png","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /images/g-left.png HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 2200\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nETag: \"898-Xf6YO0pqYkBbsx7sPiYjb6HMsSA\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9da4-7a41-949e-d643dc5e8625\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2200,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 36, 8-bit colormap, non-interlaced","md5":"1ac0a0df91fc39f0b54df9f24af2581d","sha1":"5dfe983b4a6a62405bb31eec3e26236fa1ccb120","sha256":"a8d0ecb7fdf9d761aa09894dec9194d8704aa60551334722778fd5aefebfeaf6","sha512":"86a9666f62a44f0e04a00703b9d737f23d50bba2f28bc7e78aad2466dbb3321ac7280ec4dd070a784d6f5e30f5643440cd1497f4d9641661147ba34b230432e3","ssdeep":"","tlshash":"5b4109650e134abfb2fc6bfb9b220171862349d861d967bba095d4384f5bc720bd3904","first_seen":"2024-08-01T20:11:44Z","last_seen":"2026-04-04T22:06:01.246555Z","times_seen":262,"resource_available":false,"data":null}},"time_used":1608,"timings":{"blocked":1397,"dns":0,"connect":0,"send":0,"wait":210,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/_nuxt/builds/meta/4a2a470e-c095-4407-9b91-21d158e57bf1.json","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /_nuxt/builds/meta/4a2a470e-c095-4407-9b91-21d158e57bf1.json HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:17 GMT\r\nContent-Type: application/json\r\nContent-Length: 139\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\ncache-control: public, max-age=31536000, immutable\r\nVary: Accept-Encoding\r\nETag: \"8b-eqUPDYiwe8VuKsnzhkmnxYeiMKs\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-a0b2-7121-ad0c-d57e6ff2aa16\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":139,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"90d8c5dc91e30a8d1d690674110b295a","sha1":"7aa50f0d88b07bc56e2ac9f38649a7c587a230ab","sha256":"ec3bda45fbc92ed67d9eece3212d7217aac929e6202997d0b0507b9ae7078a5a","sha512":"907099098e061ae0babbe56d67a51b59c5ac4562817f26fd7facf51bd879660e874744426447f799cb028e6fd03763b6d59acdd3fbcafb01cd8e24986ac7da8d","ssdeep":"","tlshash":"9bc02b310401008228328d53ec003460c4cb4171d57c08ef05a40a2dc10c08aac14113","first_seen":"2025-12-16T18:41:57.696129Z","last_seen":"2026-03-01T21:33:12.531866Z","times_seen":257,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/xtiper/xtiper.min.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/xtiper/xtiper.min.js HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:10 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-9a7d\"\r\nexpires: Thu, 19 Feb 2026 15:32:10 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-848c-7e83-8218-9f6a7a22b260\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39549,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (39395)","md5":"15701f4d8642dcf13ba284d1c897ee23","sha1":"8179c9a6f12d5f693803387e28168b9136a58a8a","sha256":"afcf9570e11b45aec5654ea6f47448e0bb4d846b9f10336e2048311b90761df3","sha512":"0e926c525f3158e476c3e8436c17ece393f38ba8b2dabb9431b174564086e10848c6a09df003b168f5ddcee713d78deb1c11013d8505e0797ccf518075679bf6","ssdeep":"768:g6MC4gX1/hO2YdKYz1NEYnEW4EW5+LBrT+hdg4omlEn4fYbqraJt/2GodzBVglCz:g6L4gF/hO2KKYJNE2ENEW5+LBrT+hy4B","tlshash":"e503c69b7348383743eb0a48544f8b847922db734b89a925d570fc1a96b4fc1a936fcd","first_seen":"2025-06-18T19:58:40.613303Z","last_seen":"2026-03-31T11:56:58.196619Z","times_seen":46,"resource_available":true,"data":null}},"time_used":1369,"timings":{"blocked":450,"dns":52,"connect":210,"send":0,"wait":278,"receive":137,"ssl":239},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/images/logo_hj.png","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /images/logo_hj.png HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 5368\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nETag: \"14f8-hVFSICR+Sk2JVsOm0H7DsXWPDXE\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9bf5-7d50-b236-611f51857f02\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5368,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"e33134bf440ed193d7a2de34574bb490","sha1":"85515220247e4a4d8956c3a6d07ec3b1758f0d71","sha256":"84d441a67686e276e7d583fb60f012ecc1cfc139a1a1215c99c400b5bdb3c865","sha512":"e6064fc3e15b8b9163dc48cadc55698fe0426e9a24b42c6d4aa6b83161434993cf5aa350ce994a50ab5d73c949adea0975e4cb7e0578087a0c85f36ae7f96ec5","ssdeep":"96:gKbSl6HYjboT8SzuX9KI5f/fzzcInobX4K5K7tBcimLgkAiKvwIR1CbENu:gcXL8SzuXwI1ffjnobvKhBm8kA0mCgNu","tlshash":"51b19f829d79b67edc1a59d2c404709fd9d10585397502462cf7c19af2c30ed17c07da","first_seen":"2025-08-19T22:12:06.088126Z","last_seen":"2026-03-07T13:24:56.704695Z","times_seen":281,"resource_available":false,"data":null}},"time_used":2339,"timings":{"blocked":1061,"dns":631,"connect":209,"send":0,"wait":209,"receive":1,"ssl":225},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/_nuxt/BHxy9OVn.js","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:16.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /_nuxt/BHxy9OVn.js HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/_nuxt/Dmk0oD0K.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 51396\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\ncache-control: public, max-age=31536000, immutable\r\nVary: Accept-Encoding\r\nETag: \"c8c4-IDbWV83S5WAife2LcnyxKVCNeqA\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9d90-7992-ac27-6c435767b3e7\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51396,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35060)","md5":"e06a507d1958490d06a8ba5aaa00e230","sha1":"2036d657cdd2e560227ded8b727cb129508d7aa0","sha256":"463bd7c7eca2c55a5a56bfac3d93366663162ffbac511aae38c2a873450730c0","sha512":"8ce159d0f748003ba7c25082ccac170d47ee758614570984aeda9577fe50a0e35dd89a6335d86ebb95f3d722e0b98ea5bd140864c3486b2fca9d1d332b53f143","ssdeep":"768:/vJNE7Qp0dZmfzppzl4KE/86+29BqWysVrz7fS/UzdvOOJ2jvRAAOJO4NccME4/I:kMGgYgyDZKvXlcTnor74","tlshash":"06332ad8b3e7e2f6a2f75ef1803e0001f119af596069c4a8f17c8fa61ed68056136736","first_seen":"2025-12-16T18:41:57.772634Z","last_seen":"2026-03-07T13:24:56.704195Z","times_seen":264,"resource_available":true,"data":null}},"time_used":372,"timings":{"blocked":144,"dns":0,"connect":0,"send":0,"wait":208,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-12-13/693cee22c7613.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-12-13/693cee22c7613.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Sat, 13 Dec 2025 04:40:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"693cee22-89c4\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8dcb-7870-8113-229c9947d8a6\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35268,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 498x310, components 3","md5":"8a6a92084053a45d5fa0efbe120da537","sha1":"f92dfd21f5418d9f31047dcb291b239aff48e33b","sha256":"770dc156d82caa565e26c61931b3acf8bd8ed89058289b59776dd25d44c9fac2","sha512":"20263c732226a4c5cfb369a83fef6b461ade2405e2ccd0ce99dc016589a8762a902b7499f6730f769bc6bb728cf820ddd5dc89c76e69238c6bda50b116cd64e1","ssdeep":"768:GLURoZtGa+djni6ZAxXVoBsmfdF1gc7q1c/wjA4klCwm/kU5ich8:UCstGzdjni6ZA5eumfx57q1chgw0k0h8","tlshash":"71f2f164bd43a1af139ea3dc53b4158367b1a0fa78afae24f125f3808503db48cb554c","first_seen":"2026-01-27T08:07:56.377003Z","last_seen":"2026-02-28T05:20:03.601142Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3041,"timings":{"blocked":2794,"dns":0,"connect":0,"send":0,"wait":245,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-12-13/693ce7a8c6894.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-12-13/693ce7a8c6894.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Sat, 13 Dec 2025 04:12:24 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"693ce7a8-3285\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8ded-78a1-a776-019e0632b547\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12933,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 323x202, components 3","md5":"079119406b10e4e6c498c11246a86259","sha1":"64a9217ad2aac1a077d1bfeefefd49f8d8cb06b4","sha256":"98735eb8e997ba8f70ede38a3cf7843a860e4dad93b5f2342565cef346edb5f5","sha512":"d572d352dccebeaad8acc8a359d29070a5913f41d065cac6c1623e9a08cb6895afe1587c4990e860cad03659647ef57091cfc6a0cabb21437cb6ab54d7f4bd8e","ssdeep":"384:GZWOjd0hk/GdLGw5w0s082J41WIyA03WAilpb0J:GZW0C6/GFG405Mgp4J","tlshash":"e842bf0be73fa9653763967161e1fed4e0049d42ac08a2f79b8091e02172f38b64d695","first_seen":"2026-01-27T08:07:56.349015Z","last_seen":"2026-02-28T05:20:03.587508Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3067,"timings":{"blocked":2824,"dns":0,"connect":0,"send":0,"wait":242,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/images/mtop1.svg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/images/mtop1.svg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:13 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 776\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nConnection: keep-alive\r\netag: \"68074d79-308\"\r\nAccept-Ranges: bytes\r\nx-request-id: 019c73f4-8ee1-76c0-b09d-fa9691d2604b\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":776,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"17647b7f6476fffa78661de43dcf5aee","sha1":"ff29a430988cd83fbc26acee5f1d593551a76702","sha256":"0c8b13b5c0764c9eaa7f228828c3174eecd52d483318ebceb8c5942fccdb3e29","sha512":"d6426379116b4d08da9029eb67cb5ea224c9ddb3e4a9dde247311a70b824a36360d38a6f5dfa7cd009e0956883c5d24b777258fafeb69a5b893785b7ebab94ad","ssdeep":"","tlshash":"4001203801492ea9120343a06fc518cd13bfb503f0f897f5f7e225320d24caf5238152","first_seen":"2025-12-07T08:27:51.86263Z","last_seen":"2026-02-28T05:20:03.589267Z","times_seen":8,"resource_available":false,"data":null}},"time_used":3285,"timings":{"blocked":3043,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/plugin/UEditor/third-party/prism/prism.css","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:11.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/plugin/UEditor/third-party/prism/prism.css HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 11 Jul 2023 21:18:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"64adc70a-1039\"\r\nexpires: Thu, 19 Feb 2026 15:32:12 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8b0c-7b13-9ee9-ed3c3acbb7c2\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4153,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (446), with CRLF line terminators","md5":"b723c2f958f530879d534e05628b401a","sha1":"2a7ba0076d94322373e6033e8e7d414c77b11592","sha256":"e82e0b58f5c11f55f08603ea35e2aa7612d4e5986e5cb6bc2d4c53e3c1c9c149","sha512":"f5537e2e51c8e8c210a639646fad3230e2180e5c5ad2597115b24d1253e73981469a2d3155e28b8ba38e77776fc6933a2ba45d0e9f00fd5876d7264f7d6e46fb","ssdeep":"96:FJpT8IVUVLK5oSXX1V1VIHvtVtVQnVAf5rVKHVlVaBkBABvBUBQBBOB9BlBWBnBb:B8dLK5oSXXzzIHvLLQVy5xK1DiQcpgQ5","tlshash":"958110219d7b159d30076a67e8f1b0243816aa19c993267cbf30d2909f43fdeebb3519","first_seen":"2023-04-08T15:33:58Z","last_seen":"2026-04-05T12:04:50.436192Z","times_seen":1397,"resource_available":false,"data":null}},"time_used":426,"timings":{"blocked":174,"dns":0,"connect":0,"send":0,"wait":251,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/2025/04/20250422160932174530937210383.png","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/2025/04/20250422160932174530937210383.png HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/png\r\nLast-Modified: Tue, 22 Apr 2025 08:09:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074ebc-5dfb\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8c06-7752-9cf9-a3f390c567b1\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24059,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 620 x 160, 8-bit colormap, non-interlaced","md5":"2dc9f9607ff0d1c75b3ba144555fba8f","sha1":"647fe1e3185e93edc9f1f1d30716bc8fcb4dc492","sha256":"334f607965d94e0149afc6a257f1e61230a26b9a253b4e8340db1f7dfca8a0ff","sha512":"fa1625fea11c53b7597678409c50833512814a78b1724f70c2f0bc5dc7ffb1570c32a4dd56579d103ee009eee7b815aabc76cb99b03a66003d6cfc8a32096573","ssdeep":"384:6bxZsYKKodP0IBlvLHg/PVjamtVMGOXyxiRMbVQocl1q5+DCjJSQINWzzIefNzAv:0xZsfdPZBlviPwmtVYX9RU5cl1qoDOIN","tlshash":"beb2d1e08c4f08d4b6761672d32bbb511426e6f9b3c07afa37da127665e00b4295a391","first_seen":"2025-12-07T08:27:51.794443Z","last_seen":"2026-03-01T10:00:44.279854Z","times_seen":10,"resource_available":false,"data":null}},"time_used":2556,"timings":{"blocked":2308,"dns":0,"connect":0,"send":0,"wait":247,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/images/logo_91cg.png","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /images/logo_91cg.png HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 17856\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nETag: \"45c0-WyOTBcJJ4C/nxv2dzLKMPY7eCNQ\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9bf9-77b3-97e4-40138fa90bb0\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17856,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit colormap, non-interlaced","md5":"44ced265a5fd620d1eaa2d98f0861016","sha1":"5b239305c249e02fe7c6fd9dccb28c3d8ede08d4","sha256":"419d25c5178440eba21831216ed5745374ea291d1fd283c3bf5a3cccbc0171b8","sha512":"edce904991e9260edb69e0c4ecb040cff4a2646e8ac8bf90d937a893f5c73b13e382a38f59601acd70a9984aad15bacd514ff6d16ff673aa1541101dae710bbe","ssdeep":"384:E0bJkhjA3skjYRKaVlWJjrfsaEWxZBcOycSts82xENPjrJRw:zbJkEkjf+XT+OTqt2kjro","tlshash":"6a82c0570cc24b0421734d7a9109c6da8306e93fb753b6fe07fef34a5260a596528e6f","first_seen":"2025-08-19T22:12:06.063531Z","last_seen":"2026-03-07T13:24:56.716414Z","times_seen":281,"resource_available":false,"data":null}},"time_used":2560,"timings":{"blocked":1063,"dns":630,"connect":212,"send":0,"wait":210,"receive":217,"ssl":226},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/e1764ea7e3334e90951501e45a041c0b","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/e1764ea7e3334e90951501e45a041c0b HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 166818\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Fri, 12 Dec 2025 11:05:29 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 0B9Lut3x0_SekP3YPPSLioTUXZxGGtnj\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 03:32:17 GMT\r\netag: \"7cc4a96b27bfbad74aecce8c39a50d8e\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: Fouj8r9e2Kylu6b1CYYbVe2wS2bRylUWAFr7UezDXjsN6Ifo5etvEw==\r\nage: 4004\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":166818,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=美图秀秀], baseline, precision 8, 800x450, components 3","md5":"7cc4a96b27bfbad74aecce8c39a50d8e","sha1":"8d1db583c00f09303dd35a52651dbb1f054b3841","sha256":"c3b431772247b14b9fc38797680003332f0b05fe1f6615703bbd6472c21db8c2","sha512":"413b83523d926d7b81910bf43ef71fe87b9b09e11f4cfbb66f432cfe6d42b9910432eb1f93cb8431973dadce90bdad3591582e852fb5c028da6301bc0ef6c1bc","ssdeep":"3072:21kwLkusRA0JnriXGTTgkGOa8OgxmzdVH4oWa3GoLG/S9z1Gk:lw4dJIaTHLR+dJ4oWCD6/If","tlshash":"30f312138c154b9c76e663647e0b03eddf0059bc10a129be06221dd3772eabe6d9c69e","first_seen":"2025-12-13T08:59:43.809706Z","last_seen":"2026-03-07T13:24:56.717161Z","times_seen":208,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":82,"dns":0,"connect":0,"send":0,"wait":59,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202601/2d664869e0f24dd7a67fbf5449594f94","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202601/2d664869e0f24dd7a67fbf5449594f94 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 208613\r\ndate: Wed, 18 Feb 2026 08:49:39 GMT\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Sun, 18 Jan 2026 08:44:41 GMT\r\netag: \"11d32313b0d820ae17b660c8c1f2b501\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 2_WVh4udWVZeaofnWFUgRwpEHa0xbhPJ\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: ypFPBOFCOBbtKaxChHQZ5ZxL7wvdCZbdtU3SxYS2tBBKi3Aw01889w==\r\nage: 67358\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":208613,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"11d32313b0d820ae17b660c8c1f2b501","sha1":"c5a84942dc4d0431f8a64b5a8cb3be3abe098e7c","sha256":"9c8cb0467202328f62deece7ea193e6b083e4f299e28bfad1b38e26d58915190","sha512":"5c2af4a884c05578d9a8b537fb59829fc8c15df24da194a2b2aab71f06cc8318f3f39b64f38ea7b15c9aac44b2a4a4e92e5e7dbdbfbb26c6781894f66407633b","ssdeep":"3072:EK4TA6ojr9KJa5QA4NprYwNqxleAwQkSdGHmmFLThrQkvXcv1SlqQ8Nb:N36+4QUprYwquS+mmF3ZQ3DQ8N","tlshash":"ce142395eed9883dea4c6c6c01178c63ff275cf82d315634aba3654e6d29dca8025f38","first_seen":"2026-01-18T09:31:19.10439Z","last_seen":"2026-03-23T13:37:58.023223Z","times_seen":322,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":83,"dns":9,"connect":11,"send":0,"wait":43,"receive":5,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202601/f6bc8dad859148878af0640a5fafb746","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202601/f6bc8dad859148878af0640a5fafb746 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 135212\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 29 Jan 2026 08:47:26 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: UBrJnqAI1CnNVBsY8f0sGBVnS.fWU0c9\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 03:32:17 GMT\r\netag: \"115b8fe3210dac8aa45a495266d501a0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: yImpvT0d7j_dP7Ag8RhS8Ju51a2DUxxGP7ffPHIEcCUNLr6wPXTBLQ==\r\nage: 4031\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":135212,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 150 x 150","md5":"115b8fe3210dac8aa45a495266d501a0","sha1":"d73cfda581adbb4fd0d2a86ac3fa8927ad2d5280","sha256":"bbc996ab3ff5a0eb1a9f028e0a0a96bc09198b4aee4ab5c03ba18663753cf3bc","sha512":"f19a2e5d11798f39ae45d40d832ee4ae6f70c8fb23c677348935acf5a2c3c4b3c52fb7570650cf4f012a81333d6345eea51cf38fa6cdf575a3f6129d2c68b615","ssdeep":"3072:as++qZ0vpt4gsiK7ha4tHUQhcyxH9+fagQ:F606iK7UQh59x","tlshash":"e9d312e7c6108b33961ddb7825f31ccc2c3c81705ea9a6952d18b7b5157c28eda928bf","first_seen":"2026-01-19T02:39:08.830748Z","last_seen":"2026-03-22T11:37:24.079172Z","times_seen":176,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":82,"dns":11,"connect":3,"send":0,"wait":65,"receive":3,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/c492fb97afdc45a48e46a4e4cebcad00","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/c492fb97afdc45a48e46a4e4cebcad00 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 30182\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 15 Dec 2025 08:22:57 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: SbPGihLrSyDmivZkYneK8a2rCuIfJdNS\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 03:32:17 GMT\r\netag: \"b0826b710d3d1bf60f9fd37878989449\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: GLxhKWI-KZDcohRvAAxWTyVWOPaAOU0PppqJ0JUtGa1cz5Y18ovdTg==\r\nage: 4014\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":30182,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3","md5":"b0826b710d3d1bf60f9fd37878989449","sha1":"57998439279e8d70c16d299deb13cf92ba740395","sha256":"83aa9dfeb8eae254c9c85426707dbfa15598fa0a9b49610b33b8cc596b777a6d","sha512":"fbe4db0e4b308375b221615fa41fb32f41aa409d0a2dbec005068648327cb150957120d3a0d200eebb8b07ab0af748efdbe55a8c7f28e2de0e7dda7a2ca65c45","ssdeep":"768:CN/9qGubyEJeHjIFccLTr5duQrbTIz26AjgAY1GQ:CNlHuHQj+fmiFZCB","tlshash":"f9d2e13e352561dcd79f8635007f10da6a6ddb78b1e691f249855780ebcabcc0f1c458","first_seen":"2025-12-16T23:23:39.415333Z","last_seen":"2026-03-07T13:24:56.730311Z","times_seen":208,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":75,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/images/top2.svg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/images/top2.svg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-bc7\"\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8c06-7752-9cf9-a3a36684685a\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3015,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ec703737c79e8d8d324426dbddab3408","sha1":"e0187058ed25f0d7c6ef6900bf91a08e62fc5069","sha256":"0c31240e56be782458cdeab705dea1573078ddd70de48c0f47c8cdd2f85b310b","sha512":"726fc61f12a316c5fc75a6ae2becd4c2bfa69a2c66bae9981bbfcca1ec89f644d6fceed02815d03d257c253fbb6563f7742eea08f8994db6ad340302d8b3d689","ssdeep":"","tlshash":"c751f0770214976a8541d78487e6b18d33a85643f2fb90ecafe31a962c165fbc13cc50","first_seen":"2025-12-07T08:27:51.763674Z","last_seen":"2026-02-28T05:20:03.618093Z","times_seen":8,"resource_available":false,"data":null}},"time_used":2565,"timings":{"blocked":2322,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/upload/water/2025-06-18/68523bbba4619.jpeg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/upload/water/2025-06-18/68523bbba4619.jpeg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 18 Jun 2025 04:08:27 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68523bbb-c73f\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8c06-7752-9cf9-a41e3c316402\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51007,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 500x1083, components 3","md5":"1e966c4a9dfcb86ed08a8de274731460","sha1":"d5a2691db1929ae2d4d9e5cf7be177518b16128e","sha256":"d6347c7e8b6b52b1ec62f37d5a4fd63a086b18d3fed20294b601fbde042a5f42","sha512":"b10be5a30c36497f7c1071df5d48c0689f61fbf62bcbfc0243a9f202e6ddd456cf56be1ce06a25d70814de790997fcc1d78cbe3038d4dd26a89c694bd10bcbbe","ssdeep":"768:Gv++Zqm9I+szFHve9o5haq45rYnjcVIM7k9DQTAMlJS2hLI1ET2LruzRfb:Q++t94zlQnqNj9MADQn7z2Lruzd","tlshash":"9a339d43cd159f87a619c3fabf0b0da45f1e5259e4ca3fee54324e9b5b602262c8e04d","first_seen":"2025-09-10T22:28:41.356744Z","last_seen":"2026-02-28T05:20:03.594113Z","times_seen":9,"resource_available":false,"data":null}},"time_used":2744,"timings":{"blocked":2318,"dns":0,"connect":0,"send":0,"wait":216,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/images/logo_51.png","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /images/logo_51.png HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 42687\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nETag: \"a6bf-HU75SaXccN3QjvsT0rNCBfJTU6I\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9bec-7420-b50d-ce553cc4b340\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42687,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 640 x 640, 8-bit colormap, non-interlaced","md5":"a2e84475a7b64a9f475a7d16f1175717","sha1":"1d4ef949a5dc70ddd08efb13d2b34205f25353a2","sha256":"1abf896bda07df0b69e84bdc27d8634ba08ab7b65a83a357d89fcd1ec93203ae","sha512":"413ed455a7e476e0cd446d69b56a414c0fa4e42b2d027a838438812f86f749c19d0ae57c6565c414242348c4dc9b3b69c04b10681a077ddf1e6922908db99d10","ssdeep":"768:/zMn72ME/PwCTCvXlCNaLY3NGAd4ZIykJtc3kKA1eovIh5Jac4Yl8kLLH77Ra:7e7WPHCvXlCNC2Nf4GykLEkKAg4+3R4n","tlshash":"4e13f1fc305749330598eb7174698ac234a1be5edba49c77197202a67051e8bfc8ebf4","first_seen":"2025-08-19T22:12:06.062157Z","last_seen":"2026-03-07T13:24:56.726725Z","times_seen":281,"resource_available":false,"data":null}},"time_used":2659,"timings":{"blocked":1054,"dns":634,"connect":206,"send":0,"wait":210,"receive":334,"ssl":218},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/images/logo_52cg.png","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /images/logo_52cg.png HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 18625\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nETag: \"48c1-VCk+kAJWuEYf7yEGC1/UG4Q72rI\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9c00-7692-84c6-427f2332bcdf\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18625,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"5edcd3489b3a27601e234e73e7c2248b","sha1":"54293e900256b8461fef21060b5fd41b843bdab2","sha256":"25ec9c455d8aacb0167cf70214a9108782721324283fee703f6ef691077d1614","sha512":"ecb7ef9745edbb40d65ff355cf07a22df63596265e6cf599d7648faf2160e9c4bccb3adf40d0e476bf2588337fe3cd9b5c2e4ee1c9f573f9a16084b9bf50d43b","ssdeep":"384:qxlCS22uioAQLtffY5G+KJWST1qlG26YklBeQXhs3MMpzmDcaKM:qxQSwiRQLNfYo+KMST1yGjvBeQxs8XDh","tlshash":"1882e047f401e82332a73ffa665010b5748ed7ba7e24b0c2687537f6290499adee3c95","first_seen":"2025-12-16T18:41:57.761437Z","last_seen":"2026-03-07T13:24:56.713291Z","times_seen":267,"resource_available":false,"data":null}},"time_used":2579,"timings":{"blocked":1068,"dns":629,"connect":216,"send":0,"wait":214,"receive":221,"ssl":229},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 465\r\nOrigin: https://afe.qr7gax.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://afe.qr7gax.top\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Thu, 19 Feb 2026 03:32:15 GMT\r\neo-log-uuid: 5804899109582457292\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":252,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202602/86ce9f6223cc4ef9b756132221fc6257","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202602/86ce9f6223cc4ef9b756132221fc6257 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 506791\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Sun, 01 Feb 2026 14:46:34 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: wc6wmfUdhPIcrKyzO5wEKyA_DbEe8GLO\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 00:29:46 GMT\r\netag: \"d56424ddacedf9c756405acfd5ef6b58\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: zYeB-CtYlYxVIwtmcsLZBjSy0OWqU46SCVCCQ3GnO_lgvbprzpnc8g==\r\nage: 72380\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":506791,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"d56424ddacedf9c756405acfd5ef6b58","sha1":"fd4203a35d7c3b1e291fdf5599f7934fa37ceff3","sha256":"874adf618342d70c737f4f18cb22634a16ec1064ac16b9e2965f85bfcc295d8f","sha512":"4b9d69d916c192cbf00ff60aae24a19a83ba153c5f332855ba933bb429e32f6c5286b5b3a3ba7611b0d8ff5f5773f9fcb83222f0217675267f4b1672545d290a","ssdeep":"12288:j1TTeF3hT0il2Sh2WuatHnkSSh2WuaBSLM/59fwDTh+tHnkSSh2WuaG:VTSTHduwqduQOM/Dl5qduZ","tlshash":"b2b4234ec3086553ba071e702932274b50929eb9931fce0757d1666a7abbc87a338df0","first_seen":"2026-02-02T00:09:15.979177Z","last_seen":"2026-04-05T06:15:32.182941Z","times_seen":223,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":33,"dns":9,"connect":1,"send":0,"wait":5,"receive":21,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/5053c70938104e03b82fe3f6e181aa53","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/5053c70938104e03b82fe3f6e181aa53 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 60005\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 25 Dec 2025 10:02:41 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 8Ii_zr6EoioUcvoWjqOBZyJPQiuYfoQz\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 03:32:17 GMT\r\netag: \"1068d9571a76658e0963cd4ab5b43867\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: AM7rFqxmytm88Nb_pDl9Vf36GFCvFhhFEfMZTYWKwJw2_mFdPqN0wQ==\r\nage: 4028\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":60005,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"1068d9571a76658e0963cd4ab5b43867","sha1":"5fb71325634c1d0dd57e863e8a8b119113c536a8","sha256":"2ed3b7a545ce246259e4a17202ab4a718c73a63f6b3cd214249af205a15b8ec3","sha512":"e56185304276211402a7f126093d4579cc691ac1c623110cf240bec2101fc2b7f6b86d87824e42aa0923812b48746afe1880771546fa471a4749415f28147fa3","ssdeep":"1536:ajPbEjSporKSYEjSporKSYEjSpRgbdK0v6bdK0v6bdK0R:a02orjd2orjd2Rg44f","tlshash":"fa43f1f2ceb04b49a8ff4052b9b864be9cd42e7a3e187714f468e401940496d65f2db9","first_seen":"2025-04-27T22:51:41.498505Z","last_seen":"2026-04-05T06:15:32.20467Z","times_seen":508,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":27,"dns":0,"connect":0,"send":0,"wait":52,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-19T03:32:08.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:09 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nProduct: Z-BlogPHP 1.7.4\r\nX-XSS-Protection: 1; mode=block\r\nUpgrade-Insecure-Requests: 1\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-800e-7260-a252-a25f972379d1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Infinite Scroll","description":"jQuery plugin for infinite scrolling.","website":"https://infinite-scroll.com/","common_platform_enumeration":"","icon":"Infinite Scroll.svg","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":51454,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5030), with CRLF, LF line terminators","md5":"f5c3e97425d34443c468616c608287a9","sha1":"7da4251ccd458d5f0df64c527acd768161562fa8","sha256":"8343fd05458f712b665a511cd67b35027d0b079bcfcd7d698b67bb1c162d1639","sha512":"f930964c4d536855a18e2c83ecc363a2b512b8839f0f5cc32ada91c1306834e6ac5a964713babd23db7cff43ff13013a044b00715fc33c4230b8b44c32477f6d","ssdeep":"384:T/syex8XBm+Jub0D+tp1zRG5LQu8QzYQDCMv8MDSRGvtd1tbQzNR31NYRhiS+GX0:zsyeoRJ2ILDJewJuLI93mYKmy","tlshash":"263373e292c3753703b221de85a82e8cd952884bcd5bcd11baed36874f57db2e94214f","first_seen":"2026-02-19T03:33:08.765971Z","last_seen":"2026-02-19T03:33:08.765971Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2714,"timings":{"blocked":1138,"dns":706,"connect":209,"send":0,"wait":437,"receive":2,"ssl":219},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/?v=1771471931842","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:13.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /?v=1771471931842 HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:15 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding, Accept-Encoding\r\nx-powered-by: Nuxt\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-9667-7e52-9de2-f992c362720c\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":87574,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (35835), with LF, NEL line terminators","md5":"fb81ee73dfe18af477e8ab4f53f5caf4","sha1":"f6967f24d8a591af2c0f01e358e756cefe4890e1","sha256":"765fa667792acb1bbdf0d201543fe6971ec94226595b4ea05ffb5e683f663c85","sha512":"bdb7f3520f10f576c1151e4aefdeef658d0068aac299a2f7ee50502566011383b6e3d63d2f2264b19212d3579a7b87dc4ab249b03598da833392fa740f08eebb","ssdeep":"768:+HTDybZNQVxSY/L/M/1qUtAZ/ni17S1Usypl4B02Kg38q2MZV1b6XaS:+HTmmSYm8nB6g38q2EV1b6XaS","tlshash":"1083b6b5d9b482b7936784e464a5fb4c54e1b36ec4238b09f2ff4bac07e9da46907310","first_seen":"2026-02-19T03:33:08.767512Z","last_seen":"2026-02-19T03:33:08.767512Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3694,"timings":{"blocked":1628,"dns":1134,"connect":208,"send":0,"wait":219,"receive":219,"ssl":282},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/_nuxt/index.DATpVlAj.css","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /_nuxt/index.DATpVlAj.css HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:15 GMT\r\nContent-Type: text/css; charset=utf-8\r\nContent-Length: 355\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\ncache-control: public, max-age=31536000, immutable\r\nVary: Accept-Encoding\r\nETag: \"163-mGVko7XBEbnEXli8DBF7VkUNREQ\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-981e-7541-ab3a-90ae20928e9c\r\nAge: 1259\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":355,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (354)","md5":"88651178ed39a7bf0ea2004fdda8292c","sha1":"986564a3b5c111b9c45e58bc0c117b56450d4444","sha256":"37aa79440f8e7572589a17f7176dcb42cbb58d7865dde53b3af849ecb93078ab","sha512":"d8b1c73da6282a1ffcd1890e02eed0328d23f31ac241de87e7cc2cad5050318f6f6f25f41ce6c0879a692acc0d5d60f54ffbe65ad2d2d5a075928d4bd046e8cd","ssdeep":"","tlshash":"24e02021b41e69dd55bfd01d8ce06a9d2014e3c3d6a5069473e8df309f4b7a7335c186","first_seen":"2025-12-12T15:40:00.684024Z","last_seen":"2026-03-07T13:24:56.729095Z","times_seen":270,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":92,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/avatar/0.png","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:09.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/avatar/0.png HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/png\r\nLast-Modified: Tue, 11 Jul 2023 21:18:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"64adc70a-607\"\r\nexpires: Sat, 21 Mar 2026 03:32:12 GMT\r\ncache-control: max-age=2592000\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8cfe-7f73-9de4-ff80861ff649\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1543,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit colormap, non-interlaced","md5":"ee5d41a3d66ad74f9f9f8071b3c8704f","sha1":"f95789aa835923681db418eba2dbbaf8e0ade62c","sha256":"d284115b6f0994410d2466ab471727d867c1c183dcdafed233c902ece5d76b18","sha512":"72a11cb2d40b0ca85e5e387520e3f57fb36806e800797a386fd56b6ca93651858f9e3b066efe33d9aa827049c92f1a8f9bf8e7c50300ff47ef558602d2bda88c","ssdeep":"","tlshash":"09311be6b77d46b2f5987bb1c9949251c0312e825085cb138502c1a7b735e06ef7ddc1","first_seen":"2023-05-18T11:31:11Z","last_seen":"2026-04-05T13:49:45.726379Z","times_seen":339,"resource_available":false,"data":null}},"time_used":2836,"timings":{"blocked":2591,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/images/mtop2.svg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/images/mtop2.svg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:13 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-4c8\"\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8eea-7f31-8e9b-84fd41068818\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1224,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d83b9a5970e3b6d24617d19a80e4b771","sha1":"77183aa9ed2e5bf34f8ab3de70b7030a4583d228","sha256":"b906bc308aea724af997d6145b879973945351786540fb132594e51ab195aefb","sha512":"0db346d1ff867155feb836ae90fc4d8a9e5f029e0b6c058308f2bcc48cc8b551e9dadbd56b287b992c25e348c9047e74a5e7890a960537b70525deab76408518","ssdeep":"","tlshash":"1221ce3f0256a65f624383585ba6e9dd2399a516f0f9d1bcdfc36a550c15cfb4438802","first_seen":"2025-12-07T08:27:51.86362Z","last_seen":"2026-02-28T05:20:03.599975Z","times_seen":8,"resource_available":false,"data":null}},"time_used":3264,"timings":{"blocked":3051,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/plugin/UEditor/third-party/prism/prism.js","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:11.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/plugin/UEditor/third-party/prism/prism.js HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 11 Jul 2023 21:18:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"64adc70a-eecb\"\r\nexpires: Thu, 19 Feb 2026 15:32:12 GMT\r\ncache-control: max-age=43200\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8ae6-7b71-89da-76793ad95aa9\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61131,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4799), with CRLF line terminators","md5":"436e8870ba117885ef700bbeaf798ba6","sha1":"7b242c9b1698d8cf69310101c64535c442b97949","sha256":"5867cef615756cb75b523c11e29d88f770ddb40fd51bc39cd60e3ba86d004fdc","sha512":"bd5f55dcdeb34fa64f49cc8badbe57a68cf0b2aa9d2799e31e998a44018352ee8d2326800975c914eb951069bf7024e9197aefa08e1a16e0c038aae1bf8acd71","ssdeep":"768:m5Y2fNvMbzlD2nW6uY45AHdw7UECX3b1ivdpMOxkKda2U6PDFDnNLDSAkvZrE/Jk:IYKEvN2W6uY4EwV1l42vd3gZAccRRx78","tlshash":"de535cbc5eb73d010ac7e1a6f8a29500e9221975d929791bf7e8d648c0f390742d3b6f","first_seen":"2023-03-07T12:24:55Z","last_seen":"2026-04-05T12:04:50.389496Z","times_seen":1481,"resource_available":true,"data":null}},"time_used":385,"timings":{"blocked":138,"dns":0,"connect":0,"send":0,"wait":246,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/images/logo_zb.png","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:15.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /images/logo_zb.png HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/?v=1771471931842\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 24224\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\nVary: Accept-Encoding\r\nETag: \"5ea0-ILIIX3S8fdho6ly0XSzvosCRxVY\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9cd1-7ae1-923a-5e086dc76fc3\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24224,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2500 x 2500, 8-bit colormap, non-interlaced","md5":"9b599bb1aee7cf2dc97ad7a68027e244","sha1":"20b2085f74bc7dd868ea5cb45d2cefa2c091c556","sha256":"3b13916f0a6b55c63f6521ebee43330a299aa930f2dafb89b25b7e12207eeb6f","sha512":"80f8e546081c9fd8da3d815458b5018beef65703f9e8cc805c168cde720352a595041eb697be2f1e35a29257fb7f2d8411fb7a34acd9d832e8a2ca1e893d34e8","ssdeep":"384:FQFkmS6FaLZttnQPxcfUAhApC96j7/iX0cIaUEyA1Fo7DlKGSx8b8fs8kf:0koFaLZrgc8WAQ96c0cIaU+1FyDlnSmb","tlshash":"40b2c0c57063f129fd0047bb00661eb4daeaeda39629b2c2b5bd1d5b4d3711bbb20436","first_seen":"2025-09-08T07:38:41.40391Z","last_seen":"2026-03-07T13:24:56.703012Z","times_seen":279,"resource_available":false,"data":null}},"time_used":1606,"timings":{"blocked":1274,"dns":0,"connect":0,"send":0,"wait":212,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202512/4e4c5ccb2a0046b5a39c180b80e31190","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202512/4e4c5ccb2a0046b5a39c180b80e31190 HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 216800\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 18 Dec 2025 02:21:52 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: _.5DShi2akRzmX21oZ8LPffaYQhBV94s\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 00:29:46 GMT\r\netag: \"b758ba8b592f888eff7f9b4457ada284\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: OURhLyA1zvmbZ5jIUDWUhYka18BcbAzQfbay7qFN77T4-RMgcW0sRg==\r\nage: 66255\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":216800,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"b758ba8b592f888eff7f9b4457ada284","sha1":"8e81e12fa08a67cbcf9af68f93e2544e1aa63d01","sha256":"ab8cbc35cd5364d30e048fedf4a9deb9c1e871b89a545acd33581f55493907e0","sha512":"b959a1ba0f906dea02c957b97ea6972745c3016b719fbe7c0f9df867ea42914deb3adda443298d2f1805e05e9a5e5624e4a817b517491373900fce7bb6b780b4","ssdeep":"6144:by2UtnDcZ6qtlhblhupKxYte2XB6wUv3VM9ywPnnsW:VscTlbnuBe2R6w6VM9yUnsW","tlshash":"c124122f59858127605c782defa67f4a2cd9fe00e9023cc2fc5ab70636255e18a36676","first_seen":"2025-12-11T04:29:03.808982Z","last_seen":"2026-04-04T08:01:07.604344Z","times_seen":368,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":36,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d6ii9agw2wrlt.cloudfront.net/system/202601/5411682775044f54af41b35516c1a1dc","fqdn":"d6ii9agw2wrlt.cloudfront.net","domain":"d6ii9agw2wrlt.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.215","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /system/202601/5411682775044f54af41b35516c1a1dc HTTP/1.1\r\nHost: d6ii9agw2wrlt.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/base64.jpg\r\ncontent-length: 203881\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Fri, 23 Jan 2026 12:31:48 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: nFRyahMOMUpt9Z2h_cdwvwnRFTqZt3uP\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 19 Feb 2026 03:32:17 GMT\r\netag: \"579be5baa2c58767ddfd2100cdc897de\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: ktBEyTiLtZQZG6OGRMF7pLvut_pby9XMYHjmvjwBbNzjsZPZQX4GSw==\r\nage: 4031\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":203881,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"579be5baa2c58767ddfd2100cdc897de","sha1":"6c79df50b69e4d067394b483bb8cbc588606d703","sha256":"8d230c2509a7b5e359eef34336573b00e9d67b27bb702e92f8502422885ebfff","sha512":"bac011f20e365f189970dfa2b1cf29c4a5a3fbefd33035af850474652a33e83b1b480c8b7db4517476fbb7367a9ed29493154498ef7746c334aec7806a44a34e","ssdeep":"3072:lUxfkTV7XAQG4Ysbvn6ZlVwAGZW+KGfWwEleXjwqr4fxtsDI4bYTRGdaLAkb:z5QQ1rjn6SpXfW2t4ZtYb4GdpS","tlshash":"ed14231a2b0fe3085a9251486c9d3f5a1c02feb2adba9c8af567c4d044c3bdd90cde59","first_seen":"2026-01-23T14:38:56.721155Z","last_seen":"2026-03-18T00:43:57.912409Z","times_seen":148,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":51,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afe.qr7gax.top/_nuxt/DlAUqK2U.js","fqdn":"afe.qr7gax.top","domain":"qr7gax.top","tld":"top"},"ip":{"addr":"149.104.35.77","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://afe.qr7gax.top/?v=1771471931842","date":"2026-02-19T03:32:17.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qr7gax.top","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Tue, 19 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:95:02:91:5E:E8:74:F1:2F:A1:7D:00:BC:2F:5B:30:E9:49:01:22","sha256":"05:06:DA:14:AB:0F:96:26:40:F9:26:18:C1:BC:BF:76:A4:F3:80:62:9A:5E:06:EC:9B:74:BE:EB:EE:AF:CB:CF"}}},"request":{"raw":"GET /_nuxt/DlAUqK2U.js HTTP/1.1\r\nHost: afe.qr7gax.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://afe.qr7gax.top/_nuxt/BHxy9OVn.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:17 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 91\r\nConnection: keep-alive\r\nKeep-Alive: timeout=120\r\ncache-control: public, max-age=31536000, immutable\r\nVary: Accept-Encoding\r\nETag: \"5b-eFCz/UrraTh721pgAl0VxBNR1es\"\r\nLast-Modified: Mon, 15 Dec 2025 08:51:44 GMT\r\nx-request-id: 019c73f4-9e9d-7640-85f6-1e9a2f827a1c\r\nAge: 1260\r\nX-Cache-Status: hit\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":91,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text","md5":"25e3a5dcaf00fb2b1ba0c8ecea6d2560","sha1":"7850b3fd4aeb69387bdb5a60025d15c41351d5eb","sha256":"cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa","sha512":"2e5cc9b53d5641147f68c73e5db0442d93fb6a64da45cfc051da5550a2fad07e912e651bd730e54325ef74eb706be0c5df612355c1dca144ab6e9cc8c4ecc73b","ssdeep":"","tlshash":"1fb012c81cc3e078939818d47738c15844380448310742b0808c0943e2c20809797c1d","first_seen":"2023-03-08T16:39:49Z","last_seen":"2026-04-05T15:11:06.45567Z","times_seen":17509,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4u.jingkenengyuan.com/zb_users/theme/Jz52_ylz/images/top3.svg","fqdn":"o4u.jingkenengyuan.com","domain":"jingkenengyuan.com","tld":"com"},"ip":{"addr":"45.202.214.154","port":443,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://o4u.jingkenengyuan.com/","date":"2026-02-19T03:32:10.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jingkenengyuan.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 07:06:45 GMT","end":"Mon, 27 Apr 2026 07:06:44 GMT"},"fingerprint":{"sha1":"C1:A1:D9:AF:6B:1C:C4:54:6E:41:D7:6C:DD:ED:66:BA:32:7F:2A:03","sha256":"6F:84:F0:47:14:0E:6C:46:00:76:80:34:7A:BB:97:FE:80:47:2B:81:06:90:B9:8A:D6:BD:D4:3D:D0:0A:90:E5"}}},"request":{"raw":"GET /zb_users/theme/Jz52_ylz/images/top3.svg HTTP/1.1\r\nHost: o4u.jingkenengyuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://o4u.jingkenengyuan.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Xcdn\r\nDate: Thu, 19 Feb 2026 03:32:12 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Tue, 22 Apr 2025 08:04:09 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\netag: \"68074d79-bae\"\r\nContent-Encoding: gzip\r\nx-request-id: 019c73f4-8c06-7752-9cf9-a405c5b767f9\r\nX-Cache-Status: revalidated\r\nX-Cache-Lookup: 0ms\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2990,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d5251bc7941b823ca1a2c5f4e1d60301","sha1":"c77167af2d75b46329cfa204a9c0c821414e5d63","sha256":"49ac8d12a8708301e528b08ab8005808f1be9b56758cb18d913b8f379b160cdc","sha512":"4881a3ecbb853087b4c55236035865ad23e379a2605e6a9605da890924c6194036a1b918c2253956e66c01c95c525769a71b9951ab50ee682250726c8b0ab3be","ssdeep":"","tlshash":"d4513277020857a90a41e3c0c7fab59d33996647f1f9d0dc9b936aa32c168b7c13c811","first_seen":"2025-12-07T08:27:51.891585Z","last_seen":"2026-02-28T05:20:03.618668Z","times_seen":8,"resource_available":false,"data":null}},"time_used":2564,"timings":{"blocked":2320,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-19","alert":"Sinkholed","trigger":"o4u.jingkenengyuan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}