{"report_id":"8f6ffddd-e83e-4266-83a6-6c554d32a0e0","version":0,"status":"done","tags":[],"date":"2026-06-27T16:10:42Z","url":{"schema":"http","addr":"ystl03106.top","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ystl03106.top/?ms=1782576618026#/pages/login/login","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"title":"ystl03106.top/?ms=1782576618026","dom":{"size":76686,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8393)","md5":"a772f65b044928f883368e6d609f335c","sha1":"8ad03fc62d95d62d0fa33a06006a064e131982e8","sha256":"693e6c16a072d299d43490dbaec9fe1c3f4e123abac7ae2b2e1d1fa61dc33f8d","sha512":"5575c1b77a9ea18e312c0b1cb3f9a217da8c371b911818452390211d6df7b4bb1028896bfd64a3bf2d36df6a45ca667055a03b57c88d76778dafaa24b34ddd35","ssdeep":"1536:oGdZXEnTmlX+RHnURzedf2PDVu52LQFG/sfbAsf9hsfYXsfjJsfejW6YEJJS+:oEX+RHnURzedf8Dk52L9","tlshash":"b873a631750c352ab83bc481e4d4ab492019e363c7630aa9f799372a8fc79d67e7538d","dom_hash":"domhash3d31408595a08190d1c7b432b35990da","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ystl03106.top","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-01T16:10:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ystltefuo.top","ip":{"addr":"172.67.186.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-16","domain_rank":0,"first_seen":"2026-03-24T07:01:37.769045Z","last_seen":"2026-03-24T07:01:37.769045Z","alert_count":0,"request_count":3,"received_data":237793,"sent_data":1635,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"at.alicdn.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2008-06-25","domain_rank":96084,"first_seen":"2013-11-28T05:03:29Z","last_seen":"2026-06-26T03:45:52.797316Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":496,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"118.25.42.241","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-06-26T12:26:28.399326Z","alert_count":0,"request_count":1,"received_data":576,"sent_data":548,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ys0980795.com","ip":{"addr":"172.67.192.174","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-15","domain_rank":0,"first_seen":"2025-09-16T03:51:49.797617Z","last_seen":"2026-06-27T16:09:44.554602Z","alert_count":0,"request_count":3,"received_data":181766,"sent_data":1638,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ystl03106.top","ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-04","domain_rank":0,"first_seen":"2026-06-27T16:09:43.809612Z","last_seen":"2026-06-27T16:09:43.809612Z","alert_count":147,"request_count":49,"received_data":28960615,"sent_data":22505,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ystl03106.top/static/js/2533.5741dc11.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"196b0b9e7b6e7b2d0731a54ed74c5b51","sha1":"758a9a0258450edbe92d042f763277ad9b291a9b","sha256":"6691f9ae10da4a52176716886bf040253436aa3d84fb3731446aa0a5907a217c","sha512":"388c1b53f7e41b2120aa53e4d94af823412046c549d9bb572c854a9c1a1ce2508f5cef7234b28c574082f6a25721cfc41745fa11b9bb80db49016599af2524d9","ssdeep":"192:iqEwj+170+6CI0Ka4JiEgJsvJMpEjIKVUtCyyOW9xQfx0r:iqEwC08I7JHgJEJwMgyNUu","tlshash":"0b12c51f750ef6199ecb5c0290de056263116679ce6d2488ebb3d3b4836b6c1531afcc","size":9143,"data":"","first_seen":"2024-12-27T20:58:41.86215Z","last_seen":"2026-06-27T16:10:49.910394Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/2810.6b188de6.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"944ad4a0ed51d7928d2bf0c34df5dcdf","sha1":"8dfde6d2225f7ec476edbc93d3422b43e98f7100","sha256":"e586beb8b635679f70b22eccdaae0b3700177f35d3ffd9c73eec142c479d31c3","sha512":"a5bf4ca4e4f9c9cfbfbd0f27208cbd7bdb1ea72dbf3162e1a534463dd81d9c4ae6b12c0a876deee44b66a863e67a42e4bba1fa0f7a02fd14e72f9dc23b03fde9","ssdeep":"384:zBdLzpNZkzIvHQsVbJUscXXMk1mgJmAmCQgiSyRW2JcXuMmKrg3EmVCta2tUauCU:zbzp7ktsVbcwsu3covd","tlshash":"0123d8d9b79674254253b6e0503f120eb137790c640699acbabaf4e22dbd44e2137fbc","size":50110,"data":"","first_seen":"2026-05-10T22:08:37.964692Z","last_seen":"2026-06-27T16:10:49.946052Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/9640.3cdeaa0f.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"38c88835873c3d24dc6c25b9e4204378","sha1":"11fb9d4cc2c5154ed6d6318c6912e649faee71c7","sha256":"ca242bfa014bd93c05a9becb7eaac098f536ae8a15b609242935a02032e867ce","sha512":"6e58e29b258d62a0d9709b078587907c2b9f45e1e7ec972a30672c24fd6e92cb247b332e5d6be3915b310d13cb5292bedfa259782f4c2823b935c1d858432ce6","ssdeep":"96:UhTtiTtmrEEokoHepL+WCeaOp52cGv+FvNl601EG3rozqIfzBkJTV8j2dL:yTETUrS0+WCeaQDGmdNxE+m7Bkf8a","tlshash":"db02d729700db10a4af3c421511b7e4162b06d9d9d2a2689b7f7b5b9cadbe0e1370f9c","size":8959,"data":"","first_seen":"2026-05-10T22:08:37.998398Z","last_seen":"2026-06-27T16:10:49.959657Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/?ms=1782576618026","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"af5f2001714a5da47c2436499591ce37","sha1":"3259cafb00b59d5e24028b462c43bc76df9faade","sha256":"319a86609a359940d605673e2158dec3ac9d36b2a693a964f319a890ca129a81","sha512":"328006d808c458f1726b52da6ec884740f729f43e099f1a01cf1efae509bbeebd617d41c2f218766d87cc5e42c9baed4b77325080d17ee5cb65370cbb7b32da3","ssdeep":"","tlshash":"2cb09bcd5115c64b32e755515743731465f382ff5c49510142547517315831fc76b9dd","size":129,"data":"","first_seen":"2025-03-22T06:12:01.220264Z","last_seen":"2026-06-27T16:10:49.960263Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/?ms=1782576618026","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d8a158787957164ae1e8a8f267f9a357","sha1":"47ba743ebeb7776fe3171e2b642263ffd685498f","sha256":"a9e46f013358664a43570dd2c1c5747e0022aab86b44a059a857c98382ada816","sha512":"f0d752f1d52da18919e470de9d79e94cc81a24ca37a001309b3de10b7f000f534712a1bdb2d9df14038f3a92419f817a650a7615ba812031004d0dece8f8a95c","ssdeep":"","tlshash":"a0e0c0c360bf394c0220801a704ac1032bbe08b3efd248610c8c3ba5cff9e4bc46a859","size":357,"data":"","first_seen":"2023-03-07T12:10:50Z","last_seen":"2026-06-27T18:35:02.209602Z","times_seen":683,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/3936.5f6bfc28.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba43cfec0149af97d3d9828d1a6a92a4","sha1":"16da1d29b703d30713c9acf1fee4ba6ba4a3ebcf","sha256":"7111ac0096dedaf97811f2354457359bfa1f0be965cdbdf39cb04eab7a5a43cf","sha512":"d224f3fd547550397d9c76345a67f6a11bb0d11fe873b5e52b652258c054f56e492a3c8de3d0a0a6173ca4d01ef5aed2ed72e3ca132377732c8cc081ef5c5e0f","ssdeep":"192:gcM6hWV2tHT+29AI84COcBTJFE1je5hGSt+mX5QU:gf6/xUXysBF","tlshash":"24220e6ca0cd9db37fd868c8408aa50263ce6a01dee07d43b27b4f85cabe255115ff65","size":9979,"data":"","first_seen":"2025-02-12T00:58:32.78123Z","last_seen":"2026-06-27T16:10:49.956496Z","times_seen":96,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/pages-tab-home.a7e0f1f6.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb142df9affed836e8860af0ada5b110","sha1":"d4f37c122a64ab5d29985da2a7102c71b48078c5","sha256":"a95c87f21516186e61dd7fa3650a30ce3c3364e1a5a56f8e0c3501c973d7750c","sha512":"cd384a4bca7447fd430c7828d73bde5dd4bc8ce9bf14101bffad5e58aaecc2592c2c33e3bb9fd36bfd2e07162e8f6134f009aaad076c605a9cc6810e1c7e163f","ssdeep":"1536:Wotyh0PaicWlmdHCz2a2B8mWeOrMc+RHnURzedEtVgty0Vtx22:Wvpdta2B8mWf+RHnURzedEtVg1th","tlshash":"f1734a29708af0af8d97e070609b191850343b69f115e985f7709fa0cee59cb6736fac","size":76554,"data":"","first_seen":"2026-06-27T16:09:50.060212Z","last_seen":"2026-06-27T16:10:49.94724Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/5489.5756db2c.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad663bf652c9d1b39f4fa11fb7c53f3d","sha1":"891f14a1578a20e759bfd9d4d15a8e16560561c4","sha256":"a06aa5b2caea5fa18f2162725609001023ba01bb9a1f3abfe3e01288cd951a27","sha512":"e1e35a2b1e96ccda65f7722949575f4abc09d6fc93956f908e0789cc174c9884aa73472ec0865f59f091471dcb04f80b279db90f3227032193a0f01c7f2db65a","ssdeep":"192:eDZG6dYvXqs9+PJvyevv9fgl4L01PQjiBuPJiuiXiwiriGhD7RAXV7f2byTPFnM9:eDZG6dk9kBnQBQjiBiJRAXlf2+Tgb","tlshash":"b3829558b55f24400ae7c045d6c94745813eb266a9360ecd73d8a1df8ba3bcc23a4fbb","size":18934,"data":"","first_seen":"2026-03-29T05:30:59.136777Z","last_seen":"2026-06-27T16:10:49.909588Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/7890.ed606937.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"882e6c65fd9acca05063fcccedbb1928","sha1":"28052e3e6314253be37e3ff6bdd1ff861092be44","sha256":"8b8551269d259ec004ce984bd98723d097fc4d1b063a8f4f0ba11a1c9ff5540c","sha512":"25fee2612b85d765bc33e14c7bd57c6eae761aea3d41c7a3800e56609897455fb22297bfa68c2dda30ff35b7f8a06d1a8cf345cb28f7fd80e01e998bcd789a28","ssdeep":"192:feo0H8iQSkF1VTtVxd9NkxphGdKUYvioGRxviH9n:feo0HFQSIhd9NknhGdKUYvnGRxviH9n","tlshash":"9c22552e314c74255ee6448440184a83b777398c8a9c6afcb2e555f94ebf4947223fbc","size":10195,"data":"","first_seen":"2026-05-10T22:08:37.987248Z","last_seen":"2026-06-27T16:10:49.895701Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/pages-login-login.5c6d96a9.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ad8d5d2fcdd2f6d141e23c15aa55e1e","sha1":"17894d8b7831568f369348c25d03c6264734dc91","sha256":"f97a3be11a791869ee8ec6e629c6d64b5a393507293b4c28ed5f9168a44cb6a7","sha512":"6da41da67b5ab87ac82acd80f58cdafa5b289926fd94468b462303558497fc6b09e82a9a3bdca03edef28068422d33533f0a17696648787441fd6f94fb81f155","ssdeep":"192:hELGM5p6CLLZ01gvSdPEjhyBYk0dlDPh3qgxrm8SgPlgJtqJbyh:hECM5p6TVhBYkAlDZ3qgxugPl00A","tlshash":"7482d65874cd748a9d7be034f45b3a1da1743a96b100ce05bbb09f459de8b4a1b22b3e","size":18622,"data":"","first_seen":"2026-06-27T16:09:50.072278Z","last_seen":"2026-06-27T16:10:49.943526Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/index.c4b8ccc4.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"305febe3cc690a77bdb820b66a385b90","sha1":"82d1cf48deeb9fe573fb1a23594381ab20e571ac","sha256":"9d676460c16b727efad47cefc7f9b03bd9225d25b246915dde7b30d66f53c96d","sha512":"c8c30907bd3dfc074b56c35cc1a4f2371a9bdf7c1ee6a4b10db66204d9a4b2e077e4b2ced6f21f7373cadfdca00dedf2985938b3811d3435d4dee011b9a4f611","ssdeep":"12288:99tycLBWWC5//jbvIr8UdO4iBITOQNsfC/KLbDAXRRHNz7B1SCSUiMKsk0s6CoEM:99FlJPqvUib5PbJW","tlshash":"80e48d7a27db216d1901a316f45b32075aee2cb8371ed0e194ec4e2d1afd4e392274b7","size":683705,"data":"","first_seen":"2026-06-27T16:09:50.067547Z","last_seen":"2026-06-27T16:10:49.919479Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/399.789f6329.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"25abe8b9948a092e7b14286a1a3546c8","sha1":"9e18753e8526a03e2887c89405a7bd8fc11f6118","sha256":"a505381e6c4208062869c9efc7656abbd59392b90783b979b9b2eea24c96b701","sha512":"4c6b7e3f4933c1388317259ed82166b70448f960a2b8f361caf15380cce16dba20e36c8322e8dfa749a49e9002e97d9a2c84cb583a404f112ba3571175e2af18","ssdeep":"192:91+PEU1brrtJCfFgrGTB+xo+UQWPoB/rPekwFjveknR1eknyt6bucza9Yi:91+sRfFgra+xlUQiFjlucUYi","tlshash":"7f62b666b05df61f4bd38914319eaa4062563783c9b02bd8b3a229f0cf975a5360df1f","size":15421,"data":"","first_seen":"2026-05-31T10:37:45.469418Z","last_seen":"2026-06-27T16:10:49.912479Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/3390.cbe513a3.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3af4b9feeb600f1287a9ab8d065447c3","sha1":"21516bf05536ba29cd31b726e890023c7779f525","sha256":"d0226600a20ac72b685b2aa6fe18e9ba140e8777160983039933a43a2f51b7bb","sha512":"51ba5d55663bf61293301c66e7afec8dc53a54fd59a335fed63c5777cfd84a64ef5d67da69cf36584a861d02afe103eade91b9f3b8638fe0727b29599d919002","ssdeep":"192:aO7tAJG1JkM0vN5bAr63TQ4J2pFyKffB5rln9YhUwgnKToV:anG8M0srOqpz5lamwgnKTk","tlshash":"ef223c207484703e59bbf0a479775a5da0723b8ee314d895e3f4ea864dd6a0d13317dc","size":10512,"data":"","first_seen":"2026-05-10T22:08:37.988891Z","last_seen":"2026-06-27T16:10:49.946657Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/3823.1c50dcf7.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3dd1f047f9cc3afb94ee26b97b178496","sha1":"40f035345befe2bb9ab17d7b994cfeeb1dd5dafe","sha256":"56df36101efcb29008692bec6371b7c1b67a6b38a537ad1a57597fb920b68cb3","sha512":"fad03b9a83860fb3ee9877d54d6749ec066de39f8a12dd8c600ec73f48e43d80aac1a290e77b8553073b903150dbb833b837eef623278905ae6f777ee37a70ff","ssdeep":"96:9va0o+ixlHQSvUBuiGvjDLQb9cGWXfw/8bXAk1j+qvx4v3s1P/C+hZegBKyR4E:9i07cwS0uBvjDLm2G0wsX3aqyiP5TPF","tlshash":"bd027639701cf6a68ed2cc74e0d901425320674cd8956884f7ba79b883abb44577af7f","size":8297,"data":"","first_seen":"2026-03-29T05:30:59.160354Z","last_seen":"2026-06-27T16:10:49.894178Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/chunk-vendors.dc37e71b.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1c9ba4d4cd83bb2322dd31b5843a59c0","sha1":"77a37c50dfd72d65cacf0c49ced9219c8c32af7e","sha256":"0afac01d78289dfc35fdba48e682695d8ad622f1cfd38ff8a44ec5aee17d75f3","sha512":"da36870f33aff16735d20308d2eddb9700e43dfb1e9e33eb92f7c4dbbe3aa45af51b9bbeec488b717fd7bf8ba72f41595d44524575f5c2549ade32a47fdef806","ssdeep":"6144:Q5bRpHwQTwDMbBm3M/zpbcHO+kn+3gz+/KGwJAAih85BYUDzS05x:a9dlb48/zGlkn+3gz+yRGABEPC","tlshash":"89e42a8db281b0b60be760e5403f220bb23b6959780e9594f275e4e56dbc98e5137f3c","size":711473,"data":"","first_seen":"2026-06-27T16:09:50.059164Z","last_seen":"2026-06-27T16:10:49.949601Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ystl03106.top/static/bicycle/logo-area.png","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.739Z","timestamp":1782576619739,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/bicycle/logo-area.png HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p60As57%2BbUCcHg7EQweqgbhMXAUagfFDyM5z%2B8SEOGWNOZxAjSB9WxUHC8E4HsS%2F%2F0dQJmJRp%2FINZvfWad0vnf7OF0CkrpoXu1i3jI%2B%2FhRLHwHyMmvGfZgC7lhBWKWgi\"}]}\r\ncontent-type: image/png\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: \"6a2c4ca8-92c7\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 37575\r\ncf-ray: a125b8a1594356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37575,"size_decoded":38316,"mime_type":"image/png","magic":"PNG image data, 400 x 200, 8-bit/color RGBA, non-interlaced","md5":"7aa80f9a1d7636452045b3d330a1bf22","sha1":"a4b39935d564ff1be911296d144b17b7a88c815f","sha256":"fec69c04c76fc5151c1907b8638f1e4a44ef56d31c7f539d2faaef0cc5fbeacd","sha512":"123832ea7c8f258fa27520d5ca317d8183374f848fb6386ee50968327f5825640317ff18b096b8fef403cdf4e2b8876c6ab2cddc515c452fe9feb1bff081af06","ssdeep":"768:A7qW21ck0xqTyS6SWQLJZncJXnwMoOBPecdYGcNX7D5GN:Avh1xklxJFWw3hsY3tH+","tlshash":"67f2f198eaab970551dce3a9425434bdfdc3b6f06d8731d6fcd0b579c91e6332240262","first_seen":"2025-09-16T03:51:56.154297Z","last_seen":"2026-06-27T16:10:49.88384Z","times_seen":12,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/nav/tab-1.svg","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.166Z","timestamp":1782576619166,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/nav/tab-1.svg HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JU%2B6V649L01w0pTnWm%2F5H8AYkg9mth4irM1ekc2a2PEPlrwe2VSJ3O8CMW7e073ZYxFP82eT1PZABYxxdC5vyfGRxMgvKK37L7UXHg%2F0mSY1GONhEATd1xQB1zxqwxXQ\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a2c4ca8-3e7\"\r\ncf-ray: a125b89dc8f956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":999,"size_decoded":1269,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"62348516a731ca6b1773477cf7158a75","sha1":"11ba2d6d79d034b821ad714f8b84e8f8536b93b6","sha256":"b8aa5d705441d11b934e39687996357fce619546315cab1c9c7e2d45b6b187ba","sha512":"739ebc71db69eec3b3dd0a647624a686072bdd573e46bf18ce06c63f7f3c6b5b7d5de92cb3d0d41ab603b7f97ce00c2ce3944d8dd9780199a18d6c1c4e34146e","ssdeep":"","tlshash":"8111cebc99ac8b4807e28371df67748906eef056b34fd269727f9ac5250880f14347c0","first_seen":"2025-09-16T03:51:56.151308Z","last_seen":"2026-06-27T16:10:49.892507Z","times_seen":12,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/3823.1c50dcf7.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.726Z","timestamp":1782576619726,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/3823.1c50dcf7.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\netag: W/\"6a2c4ca8-2069\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IglBDHWc0LyrSXZofbhDFqV9T%2BK9nXLu25iDCt%2BXWnBJJ07FogxpF9D9DzRePFANAoqLP2bCUgZAEjDkdSCPZltK8PVcMfCsYFnAGW8ir%2FQIUfyDM7Dv5uRIIn5clg8J\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b8a1493e56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8297,"size_decoded":3235,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8297), with no line terminators","md5":"3dd1f047f9cc3afb94ee26b97b178496","sha1":"40f035345befe2bb9ab17d7b994cfeeb1dd5dafe","sha256":"56df36101efcb29008692bec6371b7c1b67a6b38a537ad1a57597fb920b68cb3","sha512":"fad03b9a83860fb3ee9877d54d6749ec066de39f8a12dd8c600ec73f48e43d80aac1a290e77b8553073b903150dbb833b837eef623278905ae6f777ee37a70ff","ssdeep":"96:9va0o+ixlHQSvUBuiGvjDLQb9cGWXfw/8bXAk1j+qvx4v3s1P/C+hZegBKyR4E:9i07cwS0uBvjDLm2G0wsX3aqyiP5TPF","tlshash":"bd027639701cf6a68ed2cc74e0d901425320674cd8956884f7ba79b883abb44577af7f","first_seen":"2026-03-29T05:30:59.160354Z","last_seen":"2026-06-27T16:10:49.894178Z","times_seen":16,"resource_available":true,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/7890.ed606937.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.731Z","timestamp":1782576619731,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/7890.ed606937.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\netag: W/\"6a2c4ca8-27d3\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zBbqFqciJ3Hc3GI%2BoRD4PmkDZSTziSjgTzu3Y04kfBgN%2FboRp82%2FSg57XuLMIiD9r%2FUQF0JZwPPOZ6qjU9Iz63W7Fw3eYY1JyV9N2Kl6%2BnBQGIfGVr9%2Fjq1nd5e2OzM2\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b8a1594056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10195,"size_decoded":3547,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10137), with no line terminators","md5":"882e6c65fd9acca05063fcccedbb1928","sha1":"28052e3e6314253be37e3ff6bdd1ff861092be44","sha256":"8b8551269d259ec004ce984bd98723d097fc4d1b063a8f4f0ba11a1c9ff5540c","sha512":"25fee2612b85d765bc33e14c7bd57c6eae761aea3d41c7a3800e56609897455fb22297bfa68c2dda30ff35b7f8a06d1a8cf345cb28f7fd80e01e998bcd789a28","ssdeep":"192:feo0H8iQSkF1VTtVxd9NkxphGdKUYvioGRxviH9n:feo0HFQSIhd9NknhGdKUYvnGRxviH9n","tlshash":"9c22552e314c74255ee6448440184a83b777398c8a9c6afcb2e555f94ebf4947223fbc","first_seen":"2026-05-10T22:08:37.987248Z","last_seen":"2026-06-27T16:10:49.895701Z","times_seen":3,"resource_available":true,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/content/getCustomerServiceLinkV2","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.057Z","timestamp":1782576620057,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/content/getCustomerServiceLinkV2 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/json;charset=UTF-8\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, accept-encoding\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pCU5E5mm8jjOXdVNG86hG6qxnKbjZ8qkcJ%2BvA95Wx9CbIN%2BQ5PHQRd%2B%2FfYyLuEyRsMLMVE9mMfb7VhSgLfQZlZS6d1JoF6BaELjev4AfPuJwQI7iB5rvS3laA1H53tWS\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 315\r\ncf-ray: a125b8a3597556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":622,"size_decoded":1025,"mime_type":"application/json","magic":"JSON text data","md5":"213a68bfa4631199290fefddbfbb9053","sha1":"aaff27d16bf7d52b968f2e9acaf7350e1c9e3b0b","sha256":"728cd6ab509c435dce576983d24dcbf55d2675dd547be07d7d2e138012f5cc1f","sha512":"ee621e5967f2da06600d58b7c04afcadb5037a8ab57e1881c7c53dd58943acd6cf3fce9758e26e76f62e2f3aa921a21a73d8459e178658a4194be4e2b48eefac","ssdeep":"","tlshash":"d6f0499ba38c99f903818ed0180f2a0cfa12a143ac98ed28f92c4d94f0de76c20a5d50","first_seen":"2026-06-27T16:09:50.07389Z","last_seen":"2026-06-27T16:10:49.897715Z","times_seen":2,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystltefuo.top/image/20251117/e75ab231dfc647e983725b540de552f5api_199","fqdn":"ystltefuo.top","domain":"ystltefuo.top","tld":"top"},"ip":{"addr":"172.67.186.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.924Z","timestamp":1782576620924,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystltefuo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 11:59:43 GMT","end":"Mon, 10 Aug 2026 12:57:15 GMT"},"fingerprint":{"sha1":"E3:57:FA:55:8B:A2:D0:B3:58:3C:E4:15:CD:E0:46:87:F5:04:0F:B7","sha256":"7C:83:08:5C:0B:E6:99:FF:23:D9:85:DD:CD:18:F7:09:79:CE:08:EC:B7:8C:C8:98:84:A9:60:6D:21:FE:0B:62"}}},"request":{"raw":"GET /image/20251117/e75ab231dfc647e983725b540de552f5api_199 HTTP/1.1\r\nHost: ystltefuo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sat, 27 Jun 2026 16:10:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 203924\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-oss-request-id: 6A3FF5EDAFAD5B3536E0091E\r\naccept-ranges: bytes\r\netag: \"9098A759EEB43024561F733E52604502\"\r\nlast-modified: Sun, 16 Nov 2025 18:18:52 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14289772890296678872\r\nx-oss-storage-class: Standard\r\ncontent-md5: kJinWe60MCRWH3M+UmBFAg==\r\nx-oss-server-time: 4\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h3zrVgtz17HSc%2FmWFLnZZd5KwiHaSomMm2CXjwno3MIDXWFUcGEbTVGqotZqODgBKGUZlfnyHSy%2FsBN3yAICxGC2FR%2Bh%2FJml726%2FMscAq%2Frphm95BFls4Z0nhuq83adz\"}]}\r\ncf-ray: a125b8a8ecce568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":203924,"size_decoded":204792,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"9098a759eeb43024561f733e52604502","sha1":"518bacf80a71da1239abf69e01a0017fc6af4618","sha256":"ab6e45ac2f0b990b6f6cfa2cf9bbebb4ef156ebdf4ca85a9951a8008f3d154e7","sha512":"ff20fccd2356525b15644bbebda7f4af0ab7a83bf85a0774bf3a9871e41d079389cdb9d1a5843e7cd9dd69f24471968563700663757eec2d1abef1715dc73146","ssdeep":"6144:iQl2Ee+ebO2RJQtZXIrp+qlGAUb2K4GTMX2z9:iQQS2YXekCUKbGrz9","tlshash":"7714235439c0c518fac3346a8236574ba9aec2dac65a54b2a250fccbf6d3cefe1c4354","first_seen":"2025-11-19T09:53:00.336683Z","last_seen":"2026-06-27T16:10:49.899452Z","times_seen":17,"resource_available":false,"data":null}},"time_used":995,"timings":{"blocked":-1,"dns":4,"connect":2,"send":0,"wait":624,"receive":348,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/?ms=1782576618026","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T16:10:18.058Z","timestamp":1782576618058,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /?ms=1782576618026 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=0,i\r\ncontent-type: text/html\r\ndate: Sat, 27 Jun 2026 16:10:18 GMT\r\nvary: accept-encoding\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YBYz2oEjG%2BetJRuJgBZRG6fuBN%2FbnceZ8pxkbmhx5vqmMyHCBhBlCVgI6h2B0C4HUiCobGUzIz0N4p0eXAQ9bvrSQINBEwe%2B%2FonILLocNdFqBST7h%2BPHjeVIjfh0Hqxt\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a125b896d8b356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1253,"size_decoded":1328,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (671), with CRLF line terminators","md5":"992b465ee76b2c9e90df82fbf4738177","sha1":"72966072f151f70d947842baa2b241b677b0dafe","sha256":"409dae88b6a1ff0831e3fb311957c6b98fc2a5555b27a69f71290dfa67188711","sha512":"bf961ea183454e11386a1342984cf8c3395c56ce43c0adb9b73b5aebdac08ba39a59d7154aa1cb6b53e5482597839520d1b735d886558ae32884aed467eeba48","ssdeep":"","tlshash":"f82102d38c25e50e16608671babbf31e556b98759954c800b4c835fe48f4f8ac9af8a4","first_seen":"2026-06-27T16:09:50.079462Z","last_seen":"2026-06-27T16:10:49.902201Z","times_seen":2,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/shiping-2.mp4","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.472Z","timestamp":1782576620472,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/shiping-2.mp4 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nage: 59\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sw4d%2FEaruypGoluxzExHYHCfee7XvWVsMkovifZPEgEKy6OIJjPB60geJKW5Gw0tiF4VylgZ9jDxfWKCpKg4LFy29AAaY8GMAF%2FyHtXU7BfIyWeMB1o1ysTgtCciUQKm\"}]}\r\ncontent-type: video/mp4\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\netag: \"6a2c4ca8-4ef94\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\ncontent-range: bytes 0-323475/323476\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncontent-length: 323476\r\ncf-ray: a125b8a5f99156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":323476,"size_decoded":324228,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"56bda57fbfe09b8bd3dcb41c06ddef9d","sha1":"76fc4f6ee7adc81d7a2467c5655e615995dd0e4a","sha256":"7ca7c03b176ab1cccfca33585153f49993b833b2845aff6c619270670c0174fb","sha512":"83d9910718695cf9ae3a3f5886e32db9f9407e4973512b7048ceb48cef0eada45e2fb447f76157005bf4f27625ceaadaeed737324faebc89eeeb03bc8aeb180f","ssdeep":"3072:DYsczHHvOeozjC0GpOaTZZTiUbi9Ws/I2SK+By6m/2lnz3QC2cqVs4Q6bkM:DYxH/I+jTrT/bgWs/3SfB+mzAPsr+kM","tlshash":"e26402af4de64225ff68fa3c5a69c467e8d01a25c892d3df450c061587be28987bf03d","first_seen":"2025-09-16T03:51:56.141911Z","last_seen":"2026-06-27T16:10:49.907051Z","times_seen":13,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/nav/tab-active-0.svg","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.164Z","timestamp":1782576619164,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/nav/tab-active-0.svg HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GPPghzRTYV1NtjK5kHCiUGWZddcmGQKjHG1pw7wo52wXHyz34wu02J0JyQKG4ujVFo%2BEauRjGt4KPXkYlo2fUZ4aP5WqwMH%2F4hq09doAh1lw696mdEOx1xbKXsGWjs1p\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a2c4ca8-2dc\"\r\ncf-ray: a125b89dc8f856bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":732,"size_decoded":1144,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc85df6b3d9e7792396b5ee2714dfb24","sha1":"901a04e1561a2867949627188ae678bb7253a90b","sha256":"4093c0e9c5872a727e5c0d113b275cfe174c4bbd6f74594b8e08009439da430d","sha512":"0460fee5a35cb55e096013a1c6c9e0cf71366fd8991719378b62565cdab9e208d4d934d278c087e5e0e95daf3fdcf43adf1d1ff5136c35aea9d031e75e6f796a","ssdeep":"","tlshash":"9601c0b5c3ddc7440f8993745f1a38b4e9296298b24cd128bbb437043a480d52d5a9c0","first_seen":"2025-09-16T03:51:56.186918Z","last_seen":"2026-06-27T16:10:49.908073Z","times_seen":12,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/eye-off.png","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.105Z","timestamp":1782576620105,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/eye-off.png HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GPOrCWSEWJzANOHlsuMgnBOJTYXOxfkuSLCFMuA1nsSbSkIG8Oco0RE0uK56GKwww0MgZTF8XYwYsqALAb%2FgFIIWqrNN3uwXiv0SqhxxnY8E8LxwqUsV61khtWSL6Beb\"}]}\r\ncontent-type: image/png\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\netag: \"6a2c4ca8-426\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 1062\r\ncf-ray: a125b8a3a97d56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1062,"size_decoded":1789,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"2881b6e3d642240555ed5f4179790637","sha1":"f3475d6fa93ea19d91bea23717d17e2d73b82598","sha256":"718fa18429a06bd6edfb9ff2de420f99bad0abf32fed9938709e0eab86a26a99","sha512":"9bfacac008dbaa6b00963d742cd861e551bb5d27c61c61181e83aa2e3f0fcae17b85cca510297b949989a8f54a02d29bcdc22e602f2a01f3b65c7f3e90cf0963","ssdeep":"","tlshash":"f911dc4f698f78fd11f44477bf174cd94266805d8b2bdf190a6c1d54217150553df643","first_seen":"2025-09-16T03:51:56.144001Z","last_seen":"2026-06-27T16:10:49.908859Z","times_seen":51,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/5489.5756db2c.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.116Z","timestamp":1782576619116,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/5489.5756db2c.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: W/\"6a2c4ca8-49f6\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cIvOJKaN0IyJ1AmHU7xbQnAfK0jGa2B%2FWBTxxfsrE00Zt1JFeFwMVPnu%2FgyL057nJVj%2FA25gUI336L6aGc4bE82GfWoTJEGQ7MHE8CT1uqCsxRiNBLwwS8E6ir7EMyI6\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b89d78ee56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18934,"size_decoded":4686,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (18802), with no line terminators","md5":"ad663bf652c9d1b39f4fa11fb7c53f3d","sha1":"891f14a1578a20e759bfd9d4d15a8e16560561c4","sha256":"a06aa5b2caea5fa18f2162725609001023ba01bb9a1f3abfe3e01288cd951a27","sha512":"e1e35a2b1e96ccda65f7722949575f4abc09d6fc93956f908e0789cc174c9884aa73472ec0865f59f091471dcb04f80b279db90f3227032193a0f01c7f2db65a","ssdeep":"192:eDZG6dYvXqs9+PJvyevv9fgl4L01PQjiBuPJiuiXiwiriGhD7RAXV7f2byTPFnM9:eDZG6dk9kBnQBQjiBiJRAXlf2+Tgb","tlshash":"b3829558b55f24400ae7c045d6c94745813eb266a9360ecd73d8a1df8ba3bcc23a4fbb","first_seen":"2026-03-29T05:30:59.136777Z","last_seen":"2026-06-27T16:10:49.909588Z","times_seen":14,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/2533.5741dc11.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.122Z","timestamp":1782576619122,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/2533.5741dc11.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: W/\"6a2c4ca8-23b7\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9ec8DszX8BikBQpR%2BTxlnz%2BKhFnKKF%2BrNKS5a2iphiQnIH5VyqaL66AfYkiZNs9pGY4Fu4fW1JgdHHp4OF1icl0TNPTpSflyFvoLUOR9d%2BzynEmLbsq1Tnf5trYt%2Fcp9\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b89d88f156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9143,"size_decoded":3105,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9143), with no line terminators","md5":"196b0b9e7b6e7b2d0731a54ed74c5b51","sha1":"758a9a0258450edbe92d042f763277ad9b291a9b","sha256":"6691f9ae10da4a52176716886bf040253436aa3d84fb3731446aa0a5907a217c","sha512":"388c1b53f7e41b2120aa53e4d94af823412046c549d9bb572c854a9c1a1ce2508f5cef7234b28c574082f6a25721cfc41745fa11b9bb80db49016599af2524d9","ssdeep":"192:iqEwj+170+6CI0Ka4JiEgJsvJMpEjIKVUtCyyOW9xQfx0r:iqEwC08I7JHgJEJwMgyNUu","tlshash":"0b12c51f750ef6199ecb5c0290de056263116679ce6d2488ebb3d3b4836b6c1531afcc","first_seen":"2024-12-27T20:58:41.86215Z","last_seen":"2026-06-27T16:10:49.910394Z","times_seen":14,"resource_available":true,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/content/getImg/706","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.701Z","timestamp":1782576620701,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/content/getImg/706 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J%2FUgg1Hojv6nclgP63J5H0wBk9wpNaMEihs%2BsVBHkwWq4aZfdwLIhmkp5v1E7aXALOqjO%2F5EH6N74zLbo8007ebgoFJiX5%2FtaGSO3u98r8%2FeMPNDpOlxvoxKuLCBvu9B\"}]}\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\nlocation: https://ystltefuo.top/image/20251121/1aa3f461c8674707af1857dbf17fa74capi_199\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a125b8a7699e56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T16:10:17.468Z","timestamp":1782576617468,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=0,i\r\ncontent-type: text/html\r\ndate: Sat, 27 Jun 2026 16:10:17 GMT\r\nvary: accept-encoding\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=773CABIHbcxLsyp%2BwQ8obY%2BwefyW%2FagaHS6U%2Bacn%2BzVIw0hUYVhLEE%2FXNIa97rQy2VKD5QD8fQBV%2FuApWAZ4i6vXxaCXuGZWmJMTBT5pSnvw9RYir2Rp3WtrwUB4nAh5\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a125b893588a56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/399.789f6329.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.118Z","timestamp":1782576619118,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/399.789f6329.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: W/\"6a2c4ca8-3c3d\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=67bM8%2B8F2J4uxZ9hF0j2HyvOAOzwFSKdbfgDHEwKhvHyOTzzvmefr6CHDjhXlU1DQMbGHGxQw9GEECD%2FHUMbJ5g4d3BVaJyQdTWYkcnugnDSBK6iAZBrlPTaoo5Qh2hx\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b89d78ef56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15421,"size_decoded":4539,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15421), with no line terminators","md5":"25abe8b9948a092e7b14286a1a3546c8","sha1":"9e18753e8526a03e2887c89405a7bd8fc11f6118","sha256":"a505381e6c4208062869c9efc7656abbd59392b90783b979b9b2eea24c96b701","sha512":"4c6b7e3f4933c1388317259ed82166b70448f960a2b8f361caf15380cce16dba20e36c8322e8dfa749a49e9002e97d9a2c84cb583a404f112ba3571175e2af18","ssdeep":"192:91+PEU1brrtJCfFgrGTB+xo+UQWPoB/rPekwFjveknR1eknyt6bucza9Yi:91+sRfFgra+xlUQiFjlucUYi","tlshash":"7f62b666b05df61f4bd38914319eaa4062563783c9b02bd8b3a229f0cf975a5360df1f","first_seen":"2026-05-31T10:37:45.469418Z","last_seen":"2026-06-27T16:10:49.912479Z","times_seen":8,"resource_available":true,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"at.alicdn.com/t/font_2225171_8kdcwk4po24.ttf","fqdn":"at.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.422Z","timestamp":1782576620422,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /t/font_2225171_8kdcwk4po24.ttf HTTP/1.1\r\nHost: at.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ystl03106.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"118.25.42.241","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:21.888Z","timestamp":1782576621888,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ystl03106.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:10:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Sat, 27 Jun 2026 16:40:22 GMT\r\ncache-control: max-age=1800\r\nset-cookie: __uni__uid=rBEQMWo/9e6MebfwAzxuAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":576,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-27T19:23:29.691989Z","times_seen":16719,"resource_available":false,"data":null}},"time_used":798,"timings":{"blocked":0,"dns":5,"connect":195,"send":0,"wait":195,"receive":0,"ssl":403},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/index.c4b8ccc4.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:18.398Z","timestamp":1782576618398,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/index.c4b8ccc4.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:18 GMT\r\netag: W/\"6a2c4ca8-a6eb9\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ncNrs6akesYkFoepcG9f%2BBZTdRj4VdjGJaTG0615K35G18xXMxFe%2BSeNmHaBWaNG2K6YA8fnzt0%2BDMawbhURVioq3MIdorMDJPihpOCuN9kwXUP03ofMK%2F9p1lqhcsQd\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b898f8d356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":683705,"size_decoded":174891,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"305febe3cc690a77bdb820b66a385b90","sha1":"82d1cf48deeb9fe573fb1a23594381ab20e571ac","sha256":"9d676460c16b727efad47cefc7f9b03bd9225d25b246915dde7b30d66f53c96d","sha512":"c8c30907bd3dfc074b56c35cc1a4f2371a9bdf7c1ee6a4b10db66204d9a4b2e077e4b2ced6f21f7373cadfdca00dedf2985938b3811d3435d4dee011b9a4f611","ssdeep":"12288:99tycLBWWC5//jbvIr8UdO4iBITOQNsfC/KLbDAXRRHNz7B1SCSUiMKsk0s6CoEM:99FlJPqvUib5PbJW","tlshash":"80e48d7a27db216d1901a316f45b32075aee2cb8371ed0e194ec4e2d1afd4e392274b7","first_seen":"2026-06-27T16:09:50.067547Z","last_seen":"2026-06-27T16:10:49.919479Z","times_seen":2,"resource_available":true,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":208,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/auth/encryptionEnabled","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.076Z","timestamp":1782576619076,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/auth/encryptionEnabled HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/json;charset=UTF-8\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, accept-encoding\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W%2BZfrJP0PYv1tQ3UZeCu1fCi82emNuBeECukUOC1jxY%2Bf5k2PuGiITRXuVvtFwuMB4qReh%2FVjFOLN%2BOtA3J5Xn0FNZ17TEXTdtfdVxtsJHYdeIzwvJqAwWg2cRqO3f1I\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 65\r\ncf-ray: a125b89d38e256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57,"size_decoded":774,"mime_type":"application/json","magic":"JSON text data","md5":"511b2015afa09547c7396dba956b20f0","sha1":"f5c021d756d2dfc888c593f99a340f8de4810b65","sha256":"d3ebfb0b88d6849aff33a25f86475b692bde07f0c519e0fd684033a0db7b5a10","sha512":"8999f6a53b868e61cce9de4079c4d3e9b0444477d4ace0da97edcf9d9d7bce1df4878acefe4b3a57097d4d592bfda38ea09e2b792fd8e3b4741824d29d531991","ssdeep":"","tlshash":"e0900213190884e3e8123584062e6f1824f8316381400624d89c6329ce34165708392b","first_seen":"2025-02-12T00:58:32.736387Z","last_seen":"2026-06-27T16:10:49.932096Z","times_seen":125,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/content/getImg/425","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.564Z","timestamp":1782576620564,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/content/getImg/425 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7SOnKFsYKQEf2Jf%2BkBmeIqZLj%2BxwFx5IZTeoVf3%2Br7Ml2GAWWcGFr3S65NP6bNA4hS8mLyeBgmmfhQcbSH7YKctmUhoOqJzuLxXr4qGfh7czPIol5iPubwoBpmd1YR%2BW\"}]}\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\nlocation: https://ys0980795.com/image/20250606/287661ee02c842b2a10554626b92e5beapi_197\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a125b8a6899456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ys0980795.com/image/20250715/db35bc976ce24e11b3af168bf400c447api_198","fqdn":"ys0980795.com","domain":"ys0980795.com","tld":"com"},"ip":{"addr":"172.67.192.174","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:21.165Z","timestamp":1782576621165,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ys0980795.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 04 May 2026 15:53:37 GMT","end":"Sun, 02 Aug 2026 16:52:18 GMT"},"fingerprint":{"sha1":"2D:77:0C:AA:D1:7D:DD:83:72:CB:11:8A:CB:06:B3:5F:69:25:A0:8F","sha256":"5F:48:19:B6:02:51:08:77:7B:C1:F5:56:09:E4:63:5A:21:30:3F:AA:9D:FB:DE:7A:28:B3:DA:9D:2C:9C:CB:9F"}}},"request":{"raw":"GET /image/20250715/db35bc976ce24e11b3af168bf400c447api_198 HTTP/1.1\r\nHost: ys0980795.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 16:10:21 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nx-oss-request-id: 6A3FF5ED8B904436384C64D7\r\naccept-ranges: bytes\r\netag: \"35EFB8A46A9571DBC1896E1E9AECAECC\"\r\nlast-modified: Tue, 15 Jul 2025 11:25:17 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14827059312394741938\r\nx-oss-storage-class: Standard\r\ncontent-md5: Ne+4pGqVcdvBiW4emuyuzA==\r\nx-oss-server-time: 22\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lk3XgrFh8D50DSGJJzA97Y5YQze6mhiKeurTCrnu5gY9%2BR%2B1v61kgOIzSsOfcaSgoGs6IJinU0uWIi63niVwC2sa5OgEhXkowY9xJhHMUjqH%2F9zhusWF%2B0xCDOgH1a0j\"}]}\r\ncontent-length: 3514\r\ncf-ray: a125b8aa5a504e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3514,"size_decoded":4398,"mime_type":"image/png","magic":"PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced","md5":"35efb8a46a9571dbc1896e1e9aecaecc","sha1":"b323bc5d795e602356934403bbed3a3e61baad2d","sha256":"224d8f86259194734d64cac69bdb54ec4073cd36f1c4be5cc5a114fe603d4230","sha512":"630a2f7c1fa872106a0f416d8640d29cfced9bd6461ee555342257d294704bf00148085947bdbc292dd59338d870e65fbbbdf9148723a4045ddf309fe82c67e4","ssdeep":"","tlshash":"95717c489c50091e140a06ef39ffcb19465aab5486a89a0cddee134f8221c502c3ab5f","first_seen":"2025-09-16T03:51:56.189692Z","last_seen":"2026-06-27T16:10:49.933807Z","times_seen":13,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":585,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/index.cc298949.css","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:18.394Z","timestamp":1782576618394,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/index.cc298949.css HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sat, 27 Jun 2026 16:10:18 GMT\r\netag: W/\"6a2c4ca8-17998\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zHD1VCSa07PwtAitwhKQ5y8raG4FXgWXPzEo5FOeCeWSqr%2FgNqukqgjnDwDaq3DgPv1CUcu10%2Fn6UXTGo77rHaQ3dryXInyFyZlSr01I4MblX3tFiZm27UKFCQWlrQLZ\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b898f8d156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96664,"size_decoded":26904,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b23ffbdf507ee417fc3c7b7b242737a7","sha1":"eba2371178176221506aff0dc474570e47562e55","sha256":"97fafefc6bb45ed52a6930fd2fa079e13da77929f11bc7b813d5f09c85ff0f36","sha512":"c5bcad9b474333689093a848601b2871dcd50e04fbd2592ebee0053bed1c540a95f371e84db5bd34f641345bff4cfdf3938a9266b3280243f95fa7cafd6e4519","ssdeep":"1536:qlIApuK7hmVmU2RS1Wu3xdynGJ7eh/nQhlvbc:hApuK7hmV+S1Wu3iG41nQPI","tlshash":"b993f73719012e39e52bcd26b6c1ab5a1e61c033e15307adfba47628cbcf9c9167b345","first_seen":"2026-03-22T00:30:56.219993Z","last_seen":"2026-06-27T16:13:26.862496Z","times_seen":343,"resource_available":false,"data":null}},"time_used":459,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":147,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/bg_ystl.mp4","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.759Z","timestamp":1782576619759,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/bg_ystl.mp4 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nage: 59\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7BTt43odHaxJzPP7m%2FLSW53CqhBp11JS3LdyFhPzTFs3%2Fj6WxsR4GJ1iv7cTib1frm1tyfX5hK1H7M0hxEpxffUYWqk9dnOEBOatr8HbFyuJc61FmTwdf73m2a3x1LXN\"}]}\r\ncontent-type: video/mp4\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: \"6a2c4ca8-cc4e91\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\ncontent-range: bytes 0-13389456/13389457\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncontent-length: 13389457\r\ncf-ray: a125b8a1794e56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13389457,"size_decoded":13390216,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"7fe5ae8f05208ee530c457f16dfd34ef","sha1":"44b6b6f2989b2836108b21583013ebb0881c76b8","sha256":"2d70c3cce55cf101b073f86ce9b0a71e965c85d65c1dca3437a546206ce52bc8","sha512":"1eae1cf6527a1bf0c80435b5cd37865a4d2cc77a7d6a7c7424bbd475bc601ed64d7ce42c06a9d477c6247a04e007ea72cefd0e67777e552e53d1b9aee079c5e5","ssdeep":"24576:x0MRnGk7jQ0Imakg9Cd7zdi3ogrLGmW+aZAg61zWK:xZ7j51lMYgpa6g61zv","tlshash":"dc2522880fa140e1fb8dfabe9086ea55c6e75653c9c8e40bb4ce06444f35a650f4fa77","first_seen":"2025-11-07T18:10:03.3691Z","last_seen":"2026-06-27T16:10:49.938449Z","times_seen":11,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":241,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystltefuo.top/image/20251121/df7338654b7541c0b07fca8a98e931d6api_199","fqdn":"ystltefuo.top","domain":"ystltefuo.top","tld":"top"},"ip":{"addr":"172.67.186.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:22.423Z","timestamp":1782576622423,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystltefuo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 11:59:43 GMT","end":"Mon, 10 Aug 2026 12:57:15 GMT"},"fingerprint":{"sha1":"E3:57:FA:55:8B:A2:D0:B3:58:3C:E4:15:CD:E0:46:87:F5:04:0F:B7","sha256":"7C:83:08:5C:0B:E6:99:FF:23:D9:85:DD:CD:18:F7:09:79:CE:08:EC:B7:8C:C8:98:84:A9:60:6D:21:FE:0B:62"}}},"request":{"raw":"GET /image/20251121/df7338654b7541c0b07fca8a98e931d6api_199 HTTP/1.1\r\nHost: ystltefuo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 16:10:22 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nx-oss-request-id: 6A3FF5EEAFAD5B3536D40C1E\r\naccept-ranges: bytes\r\netag: \"AF5484BA953BBC16DD6994F7BDE55A2E\"\r\nlast-modified: Thu, 20 Nov 2025 17:08:49 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9439278731033013823\r\nx-oss-storage-class: Standard\r\ncontent-md5: r1SEupU7vBbdaZT3veVaLg==\r\nx-oss-server-time: 1\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QS3SgCvU9QqAPd4Ysk%2Fx%2BqJV2Snm3QvOyi2Hwo0qoLAF4%2F68IUWAibmRNHCrR6%2Bwg%2B6zmH7r9J1wd0yRt5mkyjqk%2FwxmNp5Tfezzljc3sB7%2B1fnWXp5Ed0kmlTbrCXin\"}]}\r\ncontent-length: 15626\r\ncf-ray: a125b8b22a9cb4fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":15626,"size_decoded":16518,"mime_type":"image/png","magic":"PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced","md5":"af5484ba953bbc16dd6994f7bde55a2e","sha1":"58b09f0cfb45224c199259a478f009b772be0f98","sha256":"284357ba25673e70c0cdeb39f777909fb480ce655e28e16129d96c31124d1e30","sha512":"80971d84ef380dbd8ab59b673b430a1ee52e9940de06e5b3e589afb7413f7edebddd22ae33c7aaf80886c1fd1540d8d421e1c1df6e0c5d5515df90ca03c5ef04","ssdeep":"384:Xqn4zb3+Cmwo6ZF55i5Up1rKm1KwmK33QAl0tcoB:6xCmwooFaCbrKwt3l8coB","tlshash":"bf62d117f60074c6ae05790835e4e716619f8db04fa0a6743ce91b76ac1027ec66df8b","first_seen":"2025-11-19T09:53:00.379842Z","last_seen":"2026-06-27T16:10:49.93929Z","times_seen":11,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":302,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/home/Language-enUS.png","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.740Z","timestamp":1782576619740,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/home/Language-enUS.png HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RdlPXZJ0fzpYcPbsXGOU6PDdcehB1WvaZ9rde6UDVdh1%2F%2FnhW1PYkJ7JpeihwGcj6Uj3%2FlJbCB22iC9NPEsPnnJIIPtDmQUyd1JhSNuJx%2Bo9VpvQFpQwvFQ1ihK6M0qB\"}]}\r\ncontent-type: image/png\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: \"6a2c4ca8-1458\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 5208\r\ncf-ray: a125b8a1694456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5208,"size_decoded":5942,"mime_type":"image/png","magic":"PNG image data, 102 x 68, 8-bit/color RGBA, non-interlaced","md5":"831614518d6ed9dde20d191763d35790","sha1":"3238c32822fbf2926019fd22660f74316e0b754d","sha256":"6978565cf4aac23d404df91fd0d9ab690a5de3d553d77a1c6bc4b47e56e423ea","sha512":"433243d649504efc9b8bcef4c782119a70da670b30eb9f58979f74b290ea714c67398c43316cad4e01da87374fb06aeb539e51bdc49b3a15fded0a1ed817ec87","ssdeep":"96:5mpvjqQV6igwfbm+hKTuklhMI1LyX0GHWIrtvilcq90lFAnyJVWQ3KcDg:5UHUigwTm+hCJRLa0IWhlcq6lFQCQQ3G","tlshash":"2eb19f526b4f2695045d63df7b3ca333322a33764e207742968f15b79a019ccbcb4ae4","first_seen":"2025-01-06T07:44:05.595571Z","last_seen":"2026-06-27T16:10:49.93999Z","times_seen":71,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/home/helpIcon2.png","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.747Z","timestamp":1782576619747,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/home/helpIcon2.png HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ixV%2F7CxJUmA6WbHS2fqCCi6eeCUzWAgBRbGVhMold9s3KF51e4t34K%2B1xs3KWV4z97eXLX0BnfFCHylKYIczGBBDN1rdcyTNnO35Y35WXSCaZp8yIBhO13BdFQIxoW9c\"}]}\r\ncontent-type: image/png\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: \"6a2c4ca8-18d1\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 6353\r\ncf-ray: a125b8a1694856bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6353,"size_decoded":7083,"mime_type":"image/png","magic":"PNG image data, 73 x 73, 8-bit/color RGBA, non-interlaced","md5":"7d542025aec53905476fd706705d8edd","sha1":"066b5e88929a0fd223e7c071349022294f7925b4","sha256":"3cb2bd49e939edd2b94b6b6849b2a2ca9e2932ec66a0eab6f4f65c80bb745df1","sha512":"077da359a9f9b0811009248b230b15f266efbc1b0771392f924f7fdbfc89c9f0624716f283c32676d16ee13e0557166f35c714c4b40f834011b2feeb4213bc41","ssdeep":"192:/sagEa15wDnXzuRiwugVT0AfCOKZLjg1tU:/saHA5wby5DMz","tlshash":"d2d1b0f4e2851b3fcf8164601587de97cec346d345c62029ae90d5d825585bc19a36c7","first_seen":"2025-09-16T03:51:56.157871Z","last_seen":"2026-06-27T16:10:49.940602Z","times_seen":13,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb//api/auth/getLogo","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.060Z","timestamp":1782576620060,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb//api/auth/getLogo HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/json;charset=UTF-8\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, accept-encoding\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wZeD4NZqur65487aEkN5zb%2FHyOQ5Ox5YBX4pkTHidlE6ctAu01UMfExL5d4rPiTCyfsk2YI7ODdtq1yQpb9lOcWUm38IHZSKnNbHltz%2F6Ieo1pX%2FW5BgRWFW1HlEum8k\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 68\r\ncf-ray: a125b8a3597756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58,"size_decoded":775,"mime_type":"application/json","magic":"JSON text data","md5":"819c33b7abb15db331ba490ec8e0ada9","sha1":"9705a1ea541989603e8a93ffd7ef31eb3d8f68ed","sha256":"df8a6b3d647b4fc2a202427ed539af9da4899edcf0b5d2dfc3935d8027f185d4","sha512":"a519fa804f1151e7181f06e42c4761ba36cdc6ca78f96bc3b43cbaeb7613d5aaecdc6d4310b5a00678137316b9354130ef29935e443c21ee676fc6cb31cdb42f","ssdeep":"","tlshash":"01a002175b4845d3e83335841b3e6f1421e4b15282401720ce9c6238de18164b083925","first_seen":"2026-06-27T16:09:50.108555Z","last_seen":"2026-06-27T16:10:49.941214Z","times_seen":2,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ys0980795.com/image/20250606/287661ee02c842b2a10554626b92e5beapi_197","fqdn":"ys0980795.com","domain":"ys0980795.com","tld":"com"},"ip":{"addr":"172.67.192.174","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.857Z","timestamp":1782576620857,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ys0980795.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 04 May 2026 15:53:37 GMT","end":"Sun, 02 Aug 2026 16:52:18 GMT"},"fingerprint":{"sha1":"2D:77:0C:AA:D1:7D:DD:83:72:CB:11:8A:CB:06:B3:5F:69:25:A0:8F","sha256":"5F:48:19:B6:02:51:08:77:7B:C1:F5:56:09:E4:63:5A:21:30:3F:AA:9D:FB:DE:7A:28:B3:DA:9D:2C:9C:CB:9F"}}},"request":{"raw":"GET /image/20250606/287661ee02c842b2a10554626b92e5beapi_197 HTTP/1.1\r\nHost: ys0980795.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 16:10:21 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nx-oss-request-id: 6A3FF5EDBC6A5B343149F107\r\naccept-ranges: bytes\r\netag: \"FA6A292E44E8451A48A30A286978FE94\"\r\nlast-modified: Fri, 06 Jun 2025 06:47:18 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5026383326671494058\r\nx-oss-storage-class: Standard\r\ncontent-md5: +mopLkToRRpIowooaXj+lA==\r\nx-oss-server-time: 4\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tX%2FMr5zNy7RoMsiLOCvJUNOy6%2Fu0zyHF4rlIQVPEALTw9ek14k3CGF9Kr8jwIKLDi5atA9sM5aDLfXtGmlSSqUJiB4qFzZKH0ZO7SXnTKCkZfahrKbCGQOphyC1qho2e\"}]}\r\ncontent-length: 97548\r\ncf-ray: a125b8a889f94e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":97548,"size_decoded":98427,"mime_type":"image/png","magic":"PNG image data, 356 x 356, 8-bit/color RGBA, non-interlaced","md5":"fa6a292e44e8451a48a30a286978fe94","sha1":"04ca3715d548d666a62d1afe8d9470eceb212e09","sha256":"2f9bea4e8b7d955ad41af7cea4756b76fad661b99153e00adaeece53915882d7","sha512":"b3b82ff01ac4ee85644f85e7a2ddfb2439c24812ac827f7d2f26f4b4a2804974c7bda83e177663cbc8ad50f8bc2a736d3e2f94299188309194fc2b39c947a4e1","ssdeep":"1536:0dB2DaFUWIU7JA+oxXRwOpNw3jupDwxZ4XZjO0xTXfYR+yMhyZPGz/v5IHi+oPkV:SB2DaFUWDVA+oXwOpG36Cx6YEhyZM/v8","tlshash":"2993126a54e9f46db98cc7a0385a1b7280742f80cff9f2545f654f07887b23746a6acc","first_seen":"2025-09-16T03:51:56.145898Z","last_seen":"2026-06-27T16:10:49.942188Z","times_seen":13,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":0,"dns":5,"connect":20,"send":0,"wait":302,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/nav/tab-3.svg","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.170Z","timestamp":1782576619170,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/nav/tab-3.svg HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cpqIMIO8EpTNs8x6wkBp6UbQcK95YPt9FyhDTG8bckRXewsQk2c0L2%2B5LX1ds8%2BgZj0zdm7Zbv01yWX968W53EgE8XC6VYp15Cp3VH1K5i%2BzisiYADkjTXmgo%2FIe9Zmv\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a2c4ca8-3fa\"\r\ncf-ray: a125b89dc8fb56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1018,"size_decoded":1244,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"644d3e2bcf982a1043eb37fb9649ee70","sha1":"8399990b259353eeff153091fd8f7412a4c2ca3c","sha256":"70585f00b61729055fb5af3abcb892d623537ab8fadf3b9cb03dcfb6ee46dda2","sha512":"04ef63ae75ed9bfa6ea17b69356762499c37c9e449e69374243ed502818672f98973e7c81eeb83c580183784aaadb47b392d305a4453e871f19a4dfa9b28d1bb","ssdeep":"","tlshash":"ca11577cebd89bd05b4383b4cf1541a2e06f04feb4ac96f9d77be29839148e64498c42","first_seen":"2025-09-16T03:51:56.180244Z","last_seen":"2026-06-27T16:10:49.942933Z","times_seen":12,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/pages-login-login.5c6d96a9.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.732Z","timestamp":1782576619732,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/pages-login-login.5c6d96a9.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\netag: W/\"6a2c4ca8-48be\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lAI%2BVdWOmd1BmlCNGC4i6ry8FFhkXVuM2D%2Frco8bArDGolODH9H5EN7pfrB3TnQWmFidThWupaJQFCrRCwulozgUSNuZoz7jk6yP7VnO7bkicCuQ35zfzFlkJW%2BpNUCw\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b8a1594256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18622,"size_decoded":5935,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (18614), with no line terminators","md5":"4ad8d5d2fcdd2f6d141e23c15aa55e1e","sha1":"17894d8b7831568f369348c25d03c6264734dc91","sha256":"f97a3be11a791869ee8ec6e629c6d64b5a393507293b4c28ed5f9168a44cb6a7","sha512":"6da41da67b5ab87ac82acd80f58cdafa5b289926fd94468b462303558497fc6b09e82a9a3bdca03edef28068422d33533f0a17696648787441fd6f94fb81f155","ssdeep":"192:hELGM5p6CLLZ01gvSdPEjhyBYk0dlDPh3qgxrm8SgPlgJtqJbyh:hECM5p6TVhBYkAlDZ3qgxugPl00A","tlshash":"7482d65874cd748a9d7be034f45b3a1da1743a96b100ce05bbb09f459de8b4a1b22b3e","first_seen":"2026-06-27T16:09:50.072278Z","last_seen":"2026-06-27T16:10:49.943526Z","times_seen":2,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/bicycle/arrow-line.png","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.104Z","timestamp":1782576620104,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/bicycle/arrow-line.png HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5SQZvg9gqqgqAChiVTw73eldp7l9K5N9Un2xN02hs4b0neuAt2dUEarmKLrZySaxPpXzAP%2BbRHRWznFYMEfEEYZpRMTgLAUbUI2J7W9fQo6pF9qzs3u6N5byFPVI4kvJ\"}]}\r\ncontent-type: image/png\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\netag: \"6a2c4ca8-183\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 387\r\ncf-ray: a125b8a3a97c56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":387,"size_decoded":1113,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"472826c9e6fe8fcabee68c11d4366fe8","sha1":"c663c5db1a2cafe6397ff725a76c02840f4d6b70","sha256":"e247e5bb06847f5b797820d90b9f3733d4b1484359c00f11b1915642591f758c","sha512":"10c917a458c9d29c00418b936c25a9f5eeaa1c4df97d4d26cf52bad653f74914af1b1c424acaa70f0e5d3c46b21569fdd8d72704f377466ed393954e7f07c967","ssdeep":"","tlshash":"f3e0f853eab02ca89ecfa39324aa7110ca1637d923148a4ac0125a7a5d28614a48e3a3","first_seen":"2025-09-16T03:51:56.165498Z","last_seen":"2026-06-27T16:10:49.944659Z","times_seen":44,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/content/getImg/497","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.595Z","timestamp":1782576620595,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/content/getImg/497 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zUoEifqS9QdWp8V2nwjbRVliO2n8V5381k3gYKmZoz0UbbjnNQGhuK1vlXUDw9RGJ3qL4e1xi%2B1t%2B8qVzDy0tt3C9NWEGnjlWUD%2FJIlhfBNqxYUz%2BfmkFY%2F7aZqFGn3Y\"}]}\r\ndate: Sat, 27 Jun 2026 16:10:21 GMT\r\nlocation: https://ys0980795.com/image/20250715/db35bc976ce24e11b3af168bf400c447api_198\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a125b8a6b99a56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":564,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/content/getImg/408","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.566Z","timestamp":1782576620566,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/content/getImg/408 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fp0A1IbIc0tZyVxcMk4DyM1hBvTNfsl5Cn4Ji14W0yiZrwK6X1UlF3Z%2F9fzNvu5LkldQmgXISpz1aJ5bGaF1EpqpHrsV%2FoOxbHATlzgqwHHwbVsGSQqlalJkNRlsRjb9\"}]}\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\nlocation: https://ys0980795.com/image/20250606/be0b25bcd4fd44e78a6bf526cbb8e69fapi_199\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a125b8a6a99756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ys0980795.com/image/20250606/be0b25bcd4fd44e78a6bf526cbb8e69fapi_199","fqdn":"ys0980795.com","domain":"ys0980795.com","tld":"com"},"ip":{"addr":"172.67.192.174","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.884Z","timestamp":1782576620884,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ys0980795.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 04 May 2026 15:53:37 GMT","end":"Sun, 02 Aug 2026 16:52:18 GMT"},"fingerprint":{"sha1":"2D:77:0C:AA:D1:7D:DD:83:72:CB:11:8A:CB:06:B3:5F:69:25:A0:8F","sha256":"5F:48:19:B6:02:51:08:77:7B:C1:F5:56:09:E4:63:5A:21:30:3F:AA:9D:FB:DE:7A:28:B3:DA:9D:2C:9C:CB:9F"}}},"request":{"raw":"GET /image/20250606/be0b25bcd4fd44e78a6bf526cbb8e69fapi_199 HTTP/1.1\r\nHost: ys0980795.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 16:10:21 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nx-oss-request-id: 6A3FF5EDC390C33538273FEF\r\naccept-ranges: bytes\r\netag: \"CEE4F01FBB9C1C49C24B9B2A31620AC1\"\r\nlast-modified: Thu, 05 Jun 2025 21:44:19 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18112646034555877666\r\nx-oss-storage-class: Standard\r\ncontent-md5: zuTwH7ucHEnCS5sqMWIKwQ==\r\nx-oss-server-time: 0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HRLBv3KfLlC1uOAwEDMDkL%2F2FPJDOyJ9D8Wp5kD4j0SJkwbxaHIS%2B1LzY3CbWMu%2FnsGmOlxgOqS%2F76iqGmy1vAX1PWGpYfn0uxV7yyBc%2BGxhhQN3oHdaKho0PckxQ%2BOB\"}]}\r\ncontent-length: 78053\r\ncf-ray: a125b8a889fb4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":78053,"size_decoded":78941,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"cee4f01fbb9c1c49c24b9b2a31620ac1","sha1":"15b48c6d5181236ae7336481ead1cd55e33fe8f9","sha256":"1106c391206683b837711a93d32b448ba93b044dd3999af739a0332283af64b3","sha512":"03e8b0c8554b656f69f5d47f1e7e82446724d293eec574787eca6152136b525e169b6d5135def0360ffc7782570e8f390673abfebbef7328c1234fe9077e7575","ssdeep":"1536:K6pBz/cJw0SJrDYkIfXNbqchDzQx50w/EZVpeBooOddj0MICPglh0CvO:Npx/cJwnefdHhnQx5vMrpeOoEAzr0CO","tlshash":"ca730294fef0544cb90ea9545827e0bc4572dee567ce1e5ec9a0068f8c3ad7b2c04a9f","first_seen":"2025-09-16T03:51:56.159946Z","last_seen":"2026-06-27T16:10:49.945356Z","times_seen":21,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":292,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystltefuo.top/image/20251121/1aa3f461c8674707af1857dbf17fa74capi_199","fqdn":"ystltefuo.top","domain":"ystltefuo.top","tld":"top"},"ip":{"addr":"172.67.186.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.992Z","timestamp":1782576620992,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystltefuo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 11:59:43 GMT","end":"Mon, 10 Aug 2026 12:57:15 GMT"},"fingerprint":{"sha1":"E3:57:FA:55:8B:A2:D0:B3:58:3C:E4:15:CD:E0:46:87:F5:04:0F:B7","sha256":"7C:83:08:5C:0B:E6:99:FF:23:D9:85:DD:CD:18:F7:09:79:CE:08:EC:B7:8C:C8:98:84:A9:60:6D:21:FE:0B:62"}}},"request":{"raw":"GET /image/20251121/1aa3f461c8674707af1857dbf17fa74capi_199 HTTP/1.1\r\nHost: ystltefuo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sat, 27 Jun 2026 16:10:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 15626\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-oss-request-id: 6A3FF5EDACF6C53333DE41DA\r\naccept-ranges: bytes\r\netag: \"AF5484BA953BBC16DD6994F7BDE55A2E\"\r\nlast-modified: Thu, 20 Nov 2025 17:08:54 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9439278731033013823\r\nx-oss-storage-class: Standard\r\ncontent-md5: r1SEupU7vBbdaZT3veVaLg==\r\nx-oss-server-time: 4\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c3NGNea8Ibab4vmOES1dObLA71IRQfvqjb2mOZO26I1PXEmeV5HFtg2f0b4XjLuw3o8VX8zL2BdZgYMqvyZjzRYeFM%2FMpQvrLDF%2BfuAzDDnBRFjjAOpjzZCOQtDD4Em5\"}]}\r\ncf-ray: a125b8a93cf1568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":15626,"size_decoded":16483,"mime_type":"image/png","magic":"PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced","md5":"af5484ba953bbc16dd6994f7bde55a2e","sha1":"58b09f0cfb45224c199259a478f009b772be0f98","sha256":"284357ba25673e70c0cdeb39f777909fb480ce655e28e16129d96c31124d1e30","sha512":"80971d84ef380dbd8ab59b673b430a1ee52e9940de06e5b3e589afb7413f7edebddd22ae33c7aaf80886c1fd1540d8d421e1c1df6e0c5d5515df90ca03c5ef04","ssdeep":"384:Xqn4zb3+Cmwo6ZF55i5Up1rKm1KwmK33QAl0tcoB:6xCmwooFaCbrKwt3l8coB","tlshash":"bf62d117f60074c6ae05790835e4e716619f8db04fa0a6743ce91b76ac1027ec66df8b","first_seen":"2025-11-19T09:53:00.379842Z","last_seen":"2026-06-27T16:10:49.93929Z","times_seen":11,"resource_available":false,"data":null}},"time_used":572,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":571,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/content/getImg/705","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:22.129Z","timestamp":1782576622129,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/content/getImg/705 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yqPJg0YrhObPHK%2B2dRfuHzt%2FlUGi2iXCKShtrnIgywCbGjVq%2F%2BhsK2g4ysj5znijECKzw1gGm5UzbI3isALr3DpsJ1ig6Du%2BUlk2MPEx%2FinqLO3YS1zXWcO43yJWdw%2Fx\"}]}\r\ndate: Sat, 27 Jun 2026 16:10:22 GMT\r\nlocation: https://ystltefuo.top/image/20251121/df7338654b7541c0b07fca8a98e931d6api_199\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: a125b8b059f156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":281,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/2810.6b188de6.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.120Z","timestamp":1782576619120,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/2810.6b188de6.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: W/\"6a2c4ca8-c3be\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Jne19xwOA7Xl8%2FhiDd8CTXJjS0l8hxOUa6lcoHQoFc1TboxXxz%2FX6kvMcosr11oTUVAlQpPdTC%2FwH8iF%2FpkGGVB6Z9nte1LhHuCPoFymE8dTbE%2BYq%2FF2ntOeFUJdwxv\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b89d78f056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50110,"size_decoded":15587,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (45088)","md5":"944ad4a0ed51d7928d2bf0c34df5dcdf","sha1":"8dfde6d2225f7ec476edbc93d3422b43e98f7100","sha256":"e586beb8b635679f70b22eccdaae0b3700177f35d3ffd9c73eec142c479d31c3","sha512":"a5bf4ca4e4f9c9cfbfbd0f27208cbd7bdb1ea72dbf3162e1a534463dd81d9c4ae6b12c0a876deee44b66a863e67a42e4bba1fa0f7a02fd14e72f9dc23b03fde9","ssdeep":"384:zBdLzpNZkzIvHQsVbJUscXXMk1mgJmAmCQgiSyRW2JcXuMmKrg3EmVCta2tUauCU:zbzp7ktsVbcwsu3covd","tlshash":"0123d8d9b79674254253b6e0503f120eb137790c640699acbabaf4e22dbd44e2137fbc","first_seen":"2026-05-10T22:08:37.964692Z","last_seen":"2026-06-27T16:10:49.946052Z","times_seen":3,"resource_available":true,"data":null}},"time_used":377,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/3390.cbe513a3.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.124Z","timestamp":1782576619124,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/3390.cbe513a3.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: W/\"6a2c4ca8-2910\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H8PYNISh7g596pDEu0F%2Bxyf3yhuzmP%2FPe6yGVvJ6N%2BJPmjZAnCb4oIP%2FS2RbCrFxmo%2FscSfTccZtM5UYbz4VqBA%2BpTbJnGc7E8hs%2BNWhL8iAxKMjmrYEy4roBHocwgcU\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b89d88f256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10512,"size_decoded":6341,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10511), with no line terminators","md5":"3af4b9feeb600f1287a9ab8d065447c3","sha1":"21516bf05536ba29cd31b726e890023c7779f525","sha256":"d0226600a20ac72b685b2aa6fe18e9ba140e8777160983039933a43a2f51b7bb","sha512":"51ba5d55663bf61293301c66e7afec8dc53a54fd59a335fed63c5777cfd84a64ef5d67da69cf36584a861d02afe103eade91b9f3b8638fe0727b29599d919002","ssdeep":"192:aO7tAJG1JkM0vN5bAr63TQ4J2pFyKffB5rln9YhUwgnKToV:anG8M0srOqpz5lamwgnKTk","tlshash":"ef223c207484703e59bbf0a479775a5da0723b8ee314d895e3f4ea864dd6a0d13317dc","first_seen":"2026-05-10T22:08:37.988891Z","last_seen":"2026-06-27T16:10:49.946657Z","times_seen":3,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/pages-tab-home.a7e0f1f6.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.125Z","timestamp":1782576619125,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/pages-tab-home.a7e0f1f6.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: W/\"6a2c4ca8-12b0a\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pi8Kl2ysdhmo4VmDq7iO80DRv1Ur%2BhfihC6Sp9y%2F%2BkzNTpN%2Fk8gL7rBtFSQlnTTcza7jizLVGyCldjfNtkWVHgqWUdhJSoFNsv89amXJQ8hIw%2B9gKhbNX047Y%2BaQh5Pw\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b89d88f356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76554,"size_decoded":29672,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65494), with no line terminators","md5":"fb142df9affed836e8860af0ada5b110","sha1":"d4f37c122a64ab5d29985da2a7102c71b48078c5","sha256":"a95c87f21516186e61dd7fa3650a30ce3c3364e1a5a56f8e0c3501c973d7750c","sha512":"cd384a4bca7447fd430c7828d73bde5dd4bc8ce9bf14101bffad5e58aaecc2592c2c33e3bb9fd36bfd2e07162e8f6134f009aaad076c605a9cc6810e1c7e163f","ssdeep":"1536:Wotyh0PaicWlmdHCz2a2B8mWeOrMc+RHnURzedEtVgty0Vtx22:Wvpdta2B8mWf+RHnURzedEtVg1th","tlshash":"f1734a29708af0af8d97e070609b191850343b69f115e985f7709fa0cee59cb6736fac","first_seen":"2026-06-27T16:09:50.060212Z","last_seen":"2026-06-27T16:10:49.94724Z","times_seen":2,"resource_available":true,"data":null}},"time_used":452,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":159,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/bicycle/recharge.png","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.743Z","timestamp":1782576619743,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/bicycle/recharge.png HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X6hvk2r7GuKEYyZDGgbRLLVOm4yHWUxVTXE0ZPrMtuawO8nbijZbf8PMq4yRFXHQMI6PotoxKYxNpDq7VWi6e4Q1h4MPvZtRA4aG0mw0tALDoHrUHp5f1UokuFIrzC0e\"}]}\r\ncontent-type: image/png\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: \"6a2c4ca8-e47\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 3655\r\ncf-ray: a125b8a1694556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3655,"size_decoded":4380,"mime_type":"image/png","magic":"PNG image data, 46 x 49, 8-bit/color RGBA, non-interlaced","md5":"28920a387f076a4addf514f05bb83078","sha1":"5f7e22027f8010af1b300928acf6723f72a8f0c1","sha256":"8887b89b5edb526293706e69794ef4a8b2dcfaf1ee078f9bfebeed336e0ca657","sha512":"bfe0df5f6186a1982d5680ca7046ca525c3b30310fb944f66a6294247508002bc6e28d9a549b4003dbe2c3c44ba0223170e356a1cf3a32c92e1499e000ce55ea","ssdeep":"","tlshash":"99715d083e64dc2d212ffb19a19e9b4d2235d95d8a2563801cb1714e6db0c3ed0daf90","first_seen":"2025-09-16T03:51:56.162378Z","last_seen":"2026-06-27T16:10:49.948223Z","times_seen":13,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/bicycle/empty-states.png","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.752Z","timestamp":1782576619752,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/bicycle/empty-states.png HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wajnKCGaZ1a8HBbdwMWL%2Bp1OBqn0CmdnL5wRhARYgekSNt3VXzzst%2FMUktTc6r1o8yMlZ6AtbmYQYhe7pn4%2BThY19j5MCpuAh6LX9yfXzo%2FsIeEHx6S93lvbvs4cfnen\"}]}\r\ncontent-type: image/png\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: \"6a2c4ca8-1929\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 6441\r\ncf-ray: a125b8a1794c56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6441,"size_decoded":7175,"mime_type":"image/png","magic":"PNG image data, 161 x 160, 8-bit/color RGBA, non-interlaced","md5":"900f3693f515d721e5a87d2bafff8f5a","sha1":"0fd5f8327fe69a8537a930abbffc1eff1ba5d00d","sha256":"1545e153f144fcd07aca6bde63374d6d7b888095de34fb7d3f711b926682b046","sha512":"497d6d26eccba6b59f898eb4c4a1fa9f9535938b676b574cb320774ddb539509c0496260828a8c0054263b60f0b32c031244c7b5ad11813d1b17beae0d6fd0b6","ssdeep":"192:ISAtSiwLFBhSVBXdJs0UO5jR7qNwr62bwH5nZ9hG:PAtSL4B3TUQjRQwLwlE","tlshash":"5ed19de8075144f8e30493e033c6f0b6b45aec86811d695b192676e89d28d0dff4ec8d","first_seen":"2025-09-16T03:51:56.163403Z","last_seen":"2026-06-27T16:10:49.948981Z","times_seen":14,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/bg_ystl.mp4","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.474Z","timestamp":1782576620474,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/bg_ystl.mp4 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nage: 60\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XH06%2FB5gMjoKhgQ8ZenaTPqKPeAKwJyHipsi1VoJtUvKc%2BigKRc%2FjFfRfBkIHI2pNZbER%2FauyCWZwUqMz2R%2FvG4DW2JFFrw6GqvJ1yo0DBYQT%2BRj3nZElBnI9O%2FtqoJF\"}]}\r\ncontent-type: video/mp4\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\netag: \"6a2c4ca8-cc4e91\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\ncontent-range: bytes 0-13389456/13389457\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncontent-length: 13389457\r\ncf-ray: a125b8a5f99256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13389457,"size_decoded":13390226,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"7fe5ae8f05208ee530c457f16dfd34ef","sha1":"44b6b6f2989b2836108b21583013ebb0881c76b8","sha256":"2d70c3cce55cf101b073f86ce9b0a71e965c85d65c1dca3437a546206ce52bc8","sha512":"1eae1cf6527a1bf0c80435b5cd37865a4d2cc77a7d6a7c7424bbd475bc601ed64d7ce42c06a9d477c6247a04e007ea72cefd0e67777e552e53d1b9aee079c5e5","ssdeep":"24576:x0MRnGk7jQ0Imakg9Cd7zdi3ogrLGmW+aZAg61zWK:xZ7j51lMYgpa6g61zv","tlshash":"dc2522880fa140e1fb8dfabe9086ea55c6e75653c9c8e40bb4ce06444f35a650f4fa77","first_seen":"2025-11-07T18:10:03.3691Z","last_seen":"2026-06-27T16:10:49.938449Z","times_seen":11,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":308,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/content/getImg/695","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.593Z","timestamp":1782576620593,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/content/getImg/695 HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VXoa5SWlGNNQ39zv1y69CpphrBT8TK2eqMVQlY1pdU6y6rBlCFBOND4GEGIQ5DQLsgc%2FkICftdZS3r2fCN%2FUfr%2F2Dkm%2Brtb1RFIKT0TstDllx9LWtTjxmSy3Jw9Nhl9E\"}]}\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\nlocation: https://ystltefuo.top/image/20251117/e75ab231dfc647e983725b540de552f5api_199\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a125b8a6b99956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/chunk-vendors.dc37e71b.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:18.396Z","timestamp":1782576618396,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/chunk-vendors.dc37e71b.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:18 GMT\r\netag: W/\"6a2c4ca8-adb31\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BiTYRhs5OmkezHQ%2FVq%2BDScUFVpDb8fyTxArNL1ec%2BRyaVECBue8SEbJAD5%2F4S8txjzjN4MN%2F3GOf1mmQmKKe0%2BtE0MaL6dPFZ%2FT4c7r4cVa3Ddc2zgr5aWRIQMHFgQoQ\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b898f8d256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":711473,"size_decoded":245077,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (60953)","md5":"1c9ba4d4cd83bb2322dd31b5843a59c0","sha1":"77a37c50dfd72d65cacf0c49ced9219c8c32af7e","sha256":"0afac01d78289dfc35fdba48e682695d8ad622f1cfd38ff8a44ec5aee17d75f3","sha512":"da36870f33aff16735d20308d2eddb9700e43dfb1e9e33eb92f7c4dbbe3aa45af51b9bbeec488b717fd7bf8ba72f41595d44524575f5c2549ade32a47fdef806","ssdeep":"6144:Q5bRpHwQTwDMbBm3M/zpbcHO+kn+3gz+/KGwJAAih85BYUDzS05x:a9dlb48/zGlkn+3gz+yRGABEPC","tlshash":"89e42a8db281b0b60be760e5403f220bb23b6959780e9594f275e4e56dbc98e5137f3c","first_seen":"2026-06-27T16:09:50.059164Z","last_seen":"2026-06-27T16:10:49.949601Z","times_seen":2,"resource_available":true,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/bicycle/withdraw.png","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.745Z","timestamp":1782576619745,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/bicycle/withdraw.png HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LoQifxwV0jzwbcgIshmQVgLIyAcUqBTt9%2FRDZCe7WiE4sTTT3FcGWlZaktAJeBk6AOayKSa4pLObtnBTGqmVRufCxiHAJXfITjqTaheVprDsDbpLqXbht1LTlMFTTejH\"}]}\r\ncontent-type: image/png\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: \"6a2c4ca8-136d\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 4973\r\ncf-ray: a125b8a1694656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4973,"size_decoded":5701,"mime_type":"image/png","magic":"PNG image data, 49 x 49, 8-bit/color RGBA, non-interlaced","md5":"88da4a4ff9dd2f32b16dcd636eb1b1c9","sha1":"04a0b44400975d8b097eba31f71ad1d33d92b31b","sha256":"11ac2f7f073d1b4b2f9cef32a75dfbe3a218636680372fe7e5a931a48b83704c","sha512":"b2c4efe5ef88e874a13c75084d11fc8621d7f9392b8991286268152ace6dc74566f8b9145c2b44d787517c5d408545d2742b519fa2abcf449616ad834b56f22f","ssdeep":"96:yKXMNoe+jrnmEO9jmEjXZdxgMZLiCBZBKeqWA1RSKyBrVQfgKRilRei8VE:yKXMojrnBSjNPxguLiCxKe1CoBefBORX","tlshash":"78a16cb3342760ad51a503da3a98473d36b948ebfb2c171558978b21ae3a2f046c930e","first_seen":"2025-09-16T03:51:56.175166Z","last_seen":"2026-06-27T16:10:49.950595Z","times_seen":13,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/content/officialNews","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.748Z","timestamp":1782576619748,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"POST /cdb/api/content/officialNews HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nX-Encrypted: true\r\nContent-Type: application/json;charset=UTF-8\r\nContent-Length: 99\r\nOrigin: https://ystl03106.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-origin: *\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mqg19%2FvMMaX6uwboArpNVYxhpXThNgi%2BQ75TTN40%2BLfKwd6CYLfF%2B4tyQrhOwJWMx1PH0pBzv%2FxWZv1jl1XRXEH4wDLbID1Gisy1s8TFBkBIB64uN4B9M%2B3sN4yiS%2Bc7\"}]}\r\ncf-ray: a125b8a1694956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":335,"size_decoded":1030,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"9c6d99ab80ec84f06764ed6601fd534f","sha1":"a7ca75fbe8a696a331844c297ab4218759231e87","sha256":"cf1eb8b92a6df8dd1676ad5227e10677dd4904bd03ee6aacc1ac1dde8601b4d3","sha512":"b7817f8f8fcf993033e79ca802c4d1a6a331646b8c5c9a49befbec5f122cf15514edcda7231cb9fea5e60274acf9b4f169d0d9b961de0858ab0cf3167776df80","ssdeep":"","tlshash":"01e02004a6345783f505b5bf7a6f2f7055a4298a03134b42e81f5515291946563ca4d2","first_seen":"2026-06-27T16:10:49.951194Z","last_seen":"2026-06-27T16:10:49.951194Z","times_seen":1,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/content/countryCode","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.052Z","timestamp":1782576620052,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/content/countryCode HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/json;charset=UTF-8\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, accept-encoding\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fCWHohyWbBVDrtN1ktcZTIpLKGeHkBU5XF7v62HdF1BfrVwiNWXCUm8mqeM1hBwqikb4NDQPVbYXPjEM7Uxhg9Mnl%2BSUy6teEC2ug8cbkL3as312doAcGlsEmfYtcc74\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 961\r\ncf-ray: a125b8a3597456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5539,"size_decoded":1665,"mime_type":"application/json","magic":"JSON text data","md5":"7c75d991aa0f6e3f49bb58a7edfab37e","sha1":"492b39037921acb86c55bd6fdaeef85c7dce4814","sha256":"f6794168f823e19974222cd26e740e150b91f3c262ea547f247c4e97cec3b7c8","sha512":"852d054a0b4982cc7e0c4e87dc770b77457c08df759003e30b08493b52fcb97fab8de45225767525cc8724559ec121c8f97f2d9fcea35395b295829bc43ce115","ssdeep":"96:EIhH6K9iRx5U9i9YHHd++kTXoqUcSYjRt56i+0z1+cGL7ZoBhiK0NSQyUV1n1E/x:yE0kqsh/ofd","tlshash":"f7b19a7da05cabfefd72afc8b94b302062b493d98155194ec0e05bdb53817fca0b2a54","first_seen":"2026-06-27T16:09:50.078507Z","last_seen":"2026-06-27T16:10:49.952622Z","times_seen":2,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/auth/isForgetPasswordEnable","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:20.058Z","timestamp":1782576620058,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/auth/isForgetPasswordEnable HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/json;charset=UTF-8\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, accept-encoding\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zkTkZ9f0bq%2BA9yg%2BU8cgv5bRnVX3qO%2BjioVwXhSlD1NRGPMuSlxZmpxu3xzpbKpEe2vmL3%2B23r0XWIIokMyUmD1oTcyVQ5YGllusCmh%2B1cb3EjaZjFs0cxaplCfHZsWQ\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 69\r\ncf-ray: a125b8a3597656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58,"size_decoded":780,"mime_type":"application/json","magic":"JSON text data","md5":"9c424398ae4b13a3de7291a058f648c5","sha1":"73ebe6aa48f453249f357bfbdb4107b2e4363dd7","sha256":"a886181c4b9c40bd36b9317fd1eca3f252292f39778790c09a5060270a3dc7f1","sha512":"0e6937670f4bf134b6bc38852d4d0305c4c0037e9f57b6a60f0a5c0583b915e6d8affa42f81216234eb9cb2e6d1c5d934d13858ca1df4f3b9e7b7ca3b851abb9","ssdeep":"","tlshash":"b1a00217191854d7e8163584462e5f1821e4305691401624c89c6228de551a47093926","first_seen":"2025-07-06T21:55:11.33245Z","last_seen":"2026-06-27T16:10:49.95368Z","times_seen":28,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb//api/auth/getIoc","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.157Z","timestamp":1782576619157,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb//api/auth/getIoc HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/json;charset=UTF-8\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, accept-encoding\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rkN0Wsk9ChhiB3KY86r2q0GiCQnZ1NWkC34atVbjtGa%2BgJzB%2BXPcYtIANstcy5VRQnB3x7KRnCugzGW37Zdk3Vi9oaVSs63WvwJpkVOh6BeNYmaQuWFw7M5aZzgpGRnc\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 68\r\ncf-ray: a125b89db8f756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58,"size_decoded":773,"mime_type":"application/json","magic":"JSON text data","md5":"9ecb0930b50920a0e5d5a8ee38e2b149","sha1":"092d9ec768de7ac229466bf0a436b79e3a4b78ee","sha256":"070f991c5f73bb70429f2dfd60e3fa8cd440bedceb36effeff2b6332d4ba89ab","sha512":"786e4af5b2f096f5bb62425819e8e579df61247985684e53813c112896c46b6bf75ec786cfa7cdd1e01d8657213197487b5ce5e2101ef6c69e308cd6723bb805","ssdeep":"","tlshash":"6fa002171a0844d3e83335841b2e6f3420e4715287400720cc9c6228ce28165b083925","first_seen":"2026-06-27T16:09:50.11652Z","last_seen":"2026-06-27T16:10:49.954289Z","times_seen":2,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/favicon.ico","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.682Z","timestamp":1782576619682,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/home/launchIcon2.png","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.746Z","timestamp":1782576619746,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/home/launchIcon2.png HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rk4mZm2obsoH6HabVGQX1RlIpSjFQj%2BCheNGGjjml%2FG6Lz3qT9soULPAgULEEb%2B%2FOYFUD3%2B%2FXFhpjyCgdXQU%2BHtKJwL6CYDubWO5Vir7TPP1UCxukn2vp5f16oOnZZBL\"}]}\r\ncontent-type: image/png\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: \"6a2c4ca8-1668\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 5736\r\ncf-ray: a125b8a1694756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5736,"size_decoded":6476,"mime_type":"image/png","magic":"PNG image data, 73 x 72, 8-bit/color RGBA, non-interlaced","md5":"c4890017e92eebc6c1c9bfa34c272a9f","sha1":"de0d32fbf1e2db862a11e09e43a1d92e0fafaba9","sha256":"078562d1b8940e150d8e0f9a23b010a995a7b3eb0de961d50a42c212295fb4ea","sha512":"e327b121a01800c17c0b777e8bfa915ee24501f309e2fc9cffd0b605d37a5f08319704a122f34ccfeed2e8d53ee060cf05f0e73ac1f0deccfba94c69553101b9","ssdeep":"96:e4b6A0C/HNkE1Yz75nSW5tISpMNECmhaXtMIXoiYT+Daam7bNGqe5OwMLiq+2Mn8:JnvfWE1Q75SW5xeGvh4Mxd+ua4bNGLOx","tlshash":"88c18c84e3ab99521a255ca7ee0305dfb83c6f7e84420ec38b571dbe171f7021992b87","first_seen":"2025-09-16T03:51:56.171035Z","last_seen":"2026-06-27T16:10:49.955209Z","times_seen":13,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/home/projectIcon2.png","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.750Z","timestamp":1782576619750,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/home/projectIcon2.png HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hx14YdALfbADzRSEIEF8vEvOW4OA5xaJZ4jenOmauTp%2F1B8UPtLDzOwClwJvZlshAgjkIeLo4wcZqq3mdlFBetymL60EszTyvFJedcLEPDOUA0LuB4oUJq0vDvRaQE1x\"}]}\r\ncontent-type: image/png\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: \"6a2c4ca8-1b2c\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 6956\r\ncf-ray: a125b8a1794a56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6956,"size_decoded":7684,"mime_type":"image/png","magic":"PNG image data, 73 x 73, 8-bit/color RGBA, non-interlaced","md5":"4ecd2e7a287c8ba3946f387ae09ec976","sha1":"a3deec397c14cc41ffbfe787aba6a645d8e739eb","sha256":"57041dd53ea45c35d0d21e86ada50170b020bc3a2fc1feedae1dee89228c19c1","sha512":"5a88345b9b61b6abb47bddb3fa5ad3b84cb98f72473e6fdf14a490cfe5884719c78aeabf23bd8fab3b713a4910303d21f19e00ec71dbc716e4446b8a3a4b1134","ssdeep":"192:4kj2lRjNoKiZ3pMH5Y9agqZyClUqCTXUlUskNRRa2CX:4kj2XJoVXuY9jUlUNrCX","tlshash":"b7e18dcf93a8c20aa9365e797a9d19243bdf5e008236e7cc38861f938b2c455223671d","first_seen":"2025-09-16T03:51:56.146958Z","last_seen":"2026-06-27T16:10:49.955847Z","times_seen":13,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/3936.5f6bfc28.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.112Z","timestamp":1782576619112,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/3936.5f6bfc28.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\netag: W/\"6a2c4ca8-26fb\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4%2Fyi2St%2FBOHRGGPODk%2F4DdCpUx9Yp6c3pkgCaM2FXQP42norr9f4GIFjR1YpQNcbP%2F8jYkXBvXMWB5K%2FiLMNFP9tJUGgGkWVP6023skZLaIXXotsWO7uzTKNlZD22ASm\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b89d78ed56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9979,"size_decoded":3953,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9555), with no line terminators","md5":"ba43cfec0149af97d3d9828d1a6a92a4","sha1":"16da1d29b703d30713c9acf1fee4ba6ba4a3ebcf","sha256":"7111ac0096dedaf97811f2354457359bfa1f0be965cdbdf39cb04eab7a5a43cf","sha512":"d224f3fd547550397d9c76345a67f6a11bb0d11fe873b5e52b652258c054f56e492a3c8de3d0a0a6173ca4d01ef5aed2ed72e3ca132377732c8cc081ef5c5e0f","ssdeep":"192:gcM6hWV2tHT+29AI84COcBTJFE1je5hGSt+mX5QU:gf6/xUXysBF","tlshash":"24220e6ca0cd9db37fd868c8408aa50263ce6a01dee07d43b27b4f85cabe255115ff65","first_seen":"2025-02-12T00:58:32.78123Z","last_seen":"2026-06-27T16:10:49.956496Z","times_seen":96,"resource_available":true,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/cdb/api/language/list","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.155Z","timestamp":1782576619155,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /cdb/api/language/list HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/json;charset=UTF-8\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, accept-encoding\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s%2Bgsthrf2fCRQOjc2iDG%2BQxX55MfR3qN2UCgiy4%2BjwZkp073grFHIUSTaYByNg%2B7dHdN79iClRE7erWuBdAQmBD%2FG%2FgWQ4umN6LqCkWq0Oi251x9%2BSWNmwjHd7NsEQTN\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 310\r\ncf-ray: a125b89db8f656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1767,"size_decoded":1026,"mime_type":"application/json","magic":"JSON text data","md5":"27d72f8a6a7b11cb62a54246adaf2625","sha1":"ac84e981b48aea91fd3799d179671d9fe894e938","sha256":"78d8d1147243fe7a7455cb35633506d9b960317d394d8df93dc332d5c3548057","sha512":"e09d4893e7933a223bd37338a3facef0bbbb6ea9d1a54aa1131c115033b835abc7a1de8d9754e1cfdf793996df266f973c01f64b7983ab84d9b84d6cea715df4","ssdeep":"","tlshash":"cf31c82d686b393f6a5cb8d0144b7928305fe5d202c66731e76eef04e44cf95a412deb","first_seen":"2026-06-27T16:09:50.061311Z","last_seen":"2026-06-27T16:10:49.957133Z","times_seen":2,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/nav/tab-2.svg","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.168Z","timestamp":1782576619168,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/nav/tab-2.svg HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7vNUgOcjESxex%2F%2B2VSo4vAJ0RStbZ5UNgl1M32oe5MQqUzgEIpwvuUO%2Fr%2F6dcRZmkF3VFkmVVPexM45smYrpahlcEBIWYIVIW%2FuBQ95Hku%2BsQ%2B4hSLyVBd026AKe%2FGAC\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a2c4ca8-c15\"\r\ncf-ray: a125b89dc8fa56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3093,"size_decoded":2150,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ef9ed55dca4e5e7e1d341045bb012f51","sha1":"617fdd8d277e9e08246fbf5cd7164a2c9d79f379","sha256":"86f5d8884b3d0ff20dc8f2a49475ea69ea9094a1bcdff65c8b7d2348b1b4f0ae","sha512":"486b34ccabb9fb600d65922982f026cb189f1b5e41570cb74340f380dd3d52652db2e1305d5c5b715a0d0ea0a42f00b4b7c860ff023d61b368b419edce93e872","ssdeep":"","tlshash":"f6510febd3f9a3d0d2874ba9b6551878382e287d4bdccfec42749be5e5a458c9488480","first_seen":"2025-09-16T03:51:56.161255Z","last_seen":"2026-06-27T16:10:49.958137Z","times_seen":11,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/nav/tab-4.svg","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.171Z","timestamp":1782576619171,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/nav/tab-4.svg HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RiS3m7C1kxCKieqlCz%2FMHMGU2rJPVlN8zJlTJYl3Ssvx9U%2FETYxGEkfJmQgeC7JQbwvlcTcuobmn0RFcX6ejU8s%2FMLtMvEEXWwnz3r0oRKkybgUkUL6WkjBYO%2B77l600\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Sat, 27 Jun 2026 16:10:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS, Cache-Control or Pragma\r\nage: 59\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a2c4ca8-367\"\r\ncf-ray: a125b89dd8fc56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":871,"size_decoded":1204,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f911bf443d31fd5a54492cb65c4c45d1","sha1":"83dc918ae8e64ff97d4e8528257f2b5a9372df66","sha256":"0db038488b79c4936ca22adb20075585b2fe6e0ccc6e838b7cc9d91b452602c2","sha512":"283401cfe9cce97ac73569a8ecaaec380e9a517bf245591fe8cf7948ee4eb4327d517eaafa17e3465edf715613fedd0a3acc727e89a0a28dd3595b181272c5b1","ssdeep":"","tlshash":"c711eff9f9ed4764c77283b4d3096292e57f92955a09d00df279d5b83c1c0ad190c280","first_seen":"2025-09-16T03:51:56.156833Z","last_seen":"2026-06-27T16:10:49.958789Z","times_seen":12,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ystl03106.top/static/js/9640.3cdeaa0f.js","fqdn":"ystl03106.top","domain":"ystl03106.top","tld":"top"},"ip":{"addr":"172.67.209.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ystl03106.top/?ms=1782576618026","date":"2026-06-27T16:10:19.728Z","timestamp":1782576619728,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ystl03106.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 16:44:52 GMT","end":"Fri, 28 Aug 2026 17:40:59 GMT"},"fingerprint":{"sha1":"E6:44:AE:43:D7:5C:72:F9:BA:E1:B9:E8:00:7D:64:29:75:79:F1:F3","sha256":"4E:1F:AC:BA:BE:BE:9E:E5:81:A2:2A:6F:1B:40:90:F5:90:26:61:B7:11:5E:99:D3:48:B5:CF:46:DD:A9:B8:8F"}}},"request":{"raw":"GET /static/js/9640.3cdeaa0f.js HTTP/1.1\r\nHost: ystl03106.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sat, 27 Jun 2026 16:10:20 GMT\r\netag: W/\"6a2c4ca8-22ff\"\r\nlast-modified: Fri, 12 Jun 2026 18:15:04 GMT\r\nserver: cloudflare\r\nx-cache: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6PeaxRG0m4sUQI9tbV3Th8TyqrUZ2bZoXS58STxZ5DphqoWi8t3dFE9UpeEXv5J%2FpN30OBhEEernEMue%2BLg3oKmzyGfRondis21bzIpp94fdZQM9AWBCAskTgJHsaz1P\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a125b8a1493f56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8959,"size_decoded":3514,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8959), with no line terminators","md5":"38c88835873c3d24dc6c25b9e4204378","sha1":"11fb9d4cc2c5154ed6d6318c6912e649faee71c7","sha256":"ca242bfa014bd93c05a9becb7eaac098f536ae8a15b609242935a02032e867ce","sha512":"6e58e29b258d62a0d9709b078587907c2b9f45e1e7ec972a30672c24fd6e92cb247b332e5d6be3915b310d13cb5292bedfa259782f4c2823b935c1d858432ce6","ssdeep":"96:UhTtiTtmrEEokoHepL+WCeaOp52cGv+FvNl601EG3rozqIfzBkJTV8j2dL:yTETUrS0+WCeaQDGmdNxE+m7Bkf8a","tlshash":"db02d729700db10a4af3c421511b7e4162b06d9d9d2a2689b7f7b5b9cadbe0e1370f9c","first_seen":"2026-05-10T22:08:37.998398Z","last_seen":"2026-06-27T16:10:49.959657Z","times_seen":3,"resource_available":true,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ystl03106.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}