{"report_id":"976f3d44-d3b1-410c-8b55-7da94f22e1d0","version":6,"status":"done","tags":[],"date":"2025-10-10T01:18:13Z","url":{"schema":"http","addr":"2v5y3a0g9q8.shop/","fqdn":"2v5y3a0g9q8.shop","domain":"2v5y3a0g9q8.shop","tld":"shop"},"ip":{"addr":"154.201.70.155","port":0,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"2v5y3a0g9q8.shop/welcome?returnTo=%2F","fqdn":"2v5y3a0g9q8.shop","domain":"2v5y3a0g9q8.shop","tld":"shop"},"title":"笔盒-地址发布页：bh81944.vip"},"submit":{"url":{"schema":"http","addr":"2v5y3a0g9q8.shop/","fqdn":"2v5y3a0g9q8.shop","domain":"2v5y3a0g9q8.shop","tld":"shop"},"ip":{"addr":"154.201.70.155","port":0,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-14T01:18:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"2v5y3a0g9q8.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"ajgvkj1jsv.shenglinyiyang.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"ajgvkj1jsv.shenglinyiyang.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"hljbrsn1gj.qiaozhixuexiao.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"hljbrsn1gj.qiaozhixuexiao.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ajgvkj1jsv.shenglinyiyang.cn","ip":{"addr":"13.33.100.134","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2020-08-26","domain_rank":0,"first_seen":"2025-02-26T19:47:25.554497Z","last_seen":"2025-10-07T19:37:52.894147Z","alert_count":2,"request_count":1,"received_data":1411,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"hljbrsn1gj.qiaozhixuexiao.com","ip":{"addr":"3.165.100.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2018-08-23","domain_rank":5792296,"first_seen":"2025-05-21T04:31:35.340299Z","last_seen":"2025-10-07T19:37:52.997267Z","alert_count":8,"request_count":4,"received_data":85949,"sent_data":3677,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"8bhravb4.yxevym.cn","ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-03-30","domain_rank":0,"first_seen":"2025-10-10T01:18:14.732436Z","last_seen":"2025-10-10T01:18:14.732436Z","alert_count":0,"request_count":40,"received_data":2546137,"sent_data":19459,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"2v5y3a0g9q8.shop","ip":{"addr":"137.220.194.106","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-10T01:18:15.834654Z","last_seen":"2025-10-10T01:18:15.834654Z","alert_count":6,"request_count":6,"received_data":89680,"sent_data":3320,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-10-05T22:12:07.052692Z","alert_count":0,"request_count":1,"received_data":421595,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/utils-vendor-Cmu5Z3Ie.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"c21dc3e7fc40d5f16a7781bcadc642da","sha1":"314bb3360c256553287210f89412760e1602c95d","sha256":"5faf740ae2254f026f2b3d4925066eceeb42be12a943c0507df4da3789570467","sha512":"b96cf48769c4e6aea340ede5d6e5d776e242cddb7dbae3f8024ceee8fd1e98d39294841e7f902ce3dbcbc208935e9bfa7f5fc181445bb6efdac89e61fb89d4d2","ssdeep":"3072:9uEUIJQTAs3ucXhNyMBiDn7/9VZgLzisRqZOlosRK3Tjav/TnhbpFQC2vhXThmQV:8MJQducXhNyqiDnw+SGUl/T5YThmQV","tlshash":"58d33bc57295b0a243e760e4043f140bf2ba6d25295d8598f658e8ef7cbc58a817bf3c","size":132407,"data":"","first_seen":"2025-09-11T13:20:21.0498Z","last_seen":"2026-01-24T00:26:02.382467Z","times_seen":119,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/react-vendor-CjZsb-BP.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"4c3daff76e9c753583ae817e4a6c2d1a","sha1":"d4293d97ea6d30a042961280c95b763295a4bcc6","sha256":"d0b831bf4a7e9540ae7a47afc72fee9baabeccb6c1e2e988e460a913c9f82bc8","sha512":"2fbb8aa4b61033eda7291455cb24fa08f1a279c9e71b94bff55124c68b8f644aef0ebe26ee7f07f930c6dbe144da1e9962d063af2b364cc07a53a7af002c3241","ssdeep":"192:5NdELVzXSN6lfHt9lhYsiA3Oermf5Gavw0lAfknmV+cHjmT:5N+RikN9/JUGavlAfkmct","tlshash":"cd42a3cc7599b0500aa3b970507f911bf37d38b6289cc1b4a2a6c4f8bab455dc137f6a","size":12470,"data":"","first_seen":"2025-09-10T13:21:03.844292Z","last_seen":"2026-05-18T08:35:19.483554Z","times_seen":148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/WelcomePage-B8jYrNzw.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3eccae351b8e2de52a1bd0af5e1f2f08","sha1":"d615b5673830b5278e6e8763e3b09f83752df804","sha256":"1464c48a70ef768bef4f44681df6bfaa463e0525e2155500572921fd36990dcf","sha512":"0d8c14db37560fd52cf5f685adf64c7327a9284994c95758f3c4705fc79040ef5d372e73e0f0028dfe7c1c04814cc55dd84c11386f097632d381b011844c19d6","ssdeep":"96:aLj8WZ7U44k+OXOjpiszF84eJ3fhlSBPYfNhmaPvksIEWVyGecaBJkuDCRym939P:aLj8cU4YrZoPUBPYUsIZV/mH3i9tP","tlshash":"b8f1241ae043ffadfaf618956a1f7444781e4f19c22e8490e07dad190654cafb63b3c9","size":7545,"data":"","first_seen":"2025-10-10T01:18:26.101352Z","last_seen":"2025-11-16T09:50:33.604541Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/BottomLoading-BvbgoFzV.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"43425768266fa549af811c1519c618cc","sha1":"3039c35b88b7217f003645a1403e68f32c0b160c","sha256":"a0e500ba27810cc90678549f35bbe744cc389d77a76faab19975cfb99dc21bdf","sha512":"26036225df93889117548e8c35471cd1a185f1236b0b516ec69456c8da7bd1c9f48eb9fd9e327a4a46d715433cb98373880560ddeed6d104584fe45c8df6293e","ssdeep":"","tlshash":"4531e116a003b6aca4e72666577d5c01a805df55db1b8818a07e981e5459c2f3d732ca","size":1491,"data":"","first_seen":"2025-10-10T01:18:26.19329Z","last_seen":"2025-11-13T15:46:40.846305Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/layoutStability-Dq7IThs2.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"5353d3e35cf4294f300cd4cfa90591e3","sha1":"ff6b45bb3a5c17714f70f8b1ab113e3b08873f5d","sha256":"bbcb3be5565ef159940a3f953c26550a3fe79e808b5047fddc766731f19953ff","sha512":"494be1d41f1b7a1c3f12758f862078d9490966348608dc8e109d209a0295b9cd7aa764f271397f56b99f9c2c0e123dfca5d8fb70fec5a21d1f04914ce39e426a","ssdeep":"","tlshash":"eb5185817aa5a432866a605689511a0273240f649f15c4e8f67d2e6f003bd8337fb27d","size":2634,"data":"","first_seen":"2025-09-11T13:20:21.059115Z","last_seen":"2026-04-14T11:06:51.959728Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/HomePage-Bq0V-r1Q.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"450463c089f6ea27b2e0ae7b56791322","sha1":"1eb5c5d85902339bed4e602d0221c545d5c1a91e","sha256":"0254200608d9c2d3f900207e1919df2ed5101b907f114a381bffba57b4654b60","sha512":"936f33e7d9b9ef0846eaf6013974856df4199dfd485472e272b0d1950eda4a4b00b06fe525d6e8acf3dfbec17053e57889b1d218f65748b136b7cf1120b148a8","ssdeep":"192:Q1fmPwbM9xHTKMaGuFRW/ADXsNRjBiudRwkx+nXTliPL0LP6He:Q1ww6xHeMfuFR5DcNRd4kxqIALPge","tlshash":"bd42431ef012dabdd9a608d54d6fe8483c154f44ca2e8091f07eaa1c0a30c6f7b6a6dd","size":13001,"data":"","first_seen":"2025-10-10T01:18:26.22629Z","last_seen":"2025-11-13T15:46:40.855287Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/video-player-BSCjrfTE.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"faed80e26508ffa54b4a669dbfc0d1d2","sha1":"5e0b5e1132acaa1caae7626cbf34952316e02959","sha256":"fa6bf5af25f9176fd1218f1e8ef9f023683724d4496f214ad969a3c8e34fd162","sha512":"1ddae32cab81cd5a70ea5d186d7e9cd15c87fd0823f6f51494d7fd568cce7379c657ed26f1de1d3c60bcbd5f28ded980e317354eaa131eb962d3829ff3ca8b58","ssdeep":"12288:lMumZk1fZZhtZNFADGF7LiwwsGd5S4cXjTjILm/Ds:lMhk1fZZhtHFADYiwwsGHS40jTjIq/Ds","tlshash":"75d43bd632ea942683d499caa07546127339be0a3408c1acfe3dbddb2d16d41b47bf74","size":625508,"data":"","first_seen":"2025-09-10T13:21:03.809989Z","last_seen":"2026-01-24T00:26:02.371724Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2v5y3a0g9q8.shop/","fqdn":"2v5y3a0g9q8.shop","domain":"2v5y3a0g9q8.shop","tld":"shop"},"ip":{"addr":"137.220.194.106","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a25e976d45b5126eea0ef9144d175b3","sha1":"5963e80dd521ba559436ca8432acd5c557e2b1da","sha256":"de6be1fbbc78044a6be13d9c43e44a6febd2072cd7fd4727e2ee5ad452e24c5e","sha512":"5c757d68b5c6c6853db3519c8fcf4210a532a6814d3447941f51b7988484dc31b8c40a4dfc944dfbd6d34fdc86d63c537fc7334ac8faeb840536a560340fa09d","ssdeep":"","tlshash":"b1d05ee910274c2065a326065f6fa70474272153a9d2a920390e12049f24b0fd656a94","size":263,"data":"","first_seen":"2025-09-10T13:21:03.855264Z","last_seen":"2026-01-28T20:21:32.085505Z","times_seen":122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/ui-vendor-mmIZGDQJ.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"3d245ebaad464a77f7595c5b1890571c","sha1":"742c1a3337bbc30349a0eb1ce1367877432a4921","sha256":"d57a20fe6cbcd852067a464efcb381e5ea3e7b4b36e725572e9aa0ab60869403","sha512":"a6ff7d30ac1e0ac852cc2de410acfa4ecfdce72b78f02639a026300af3bfeef90a093f56a6bffb5105a061a916ab4b6a74eb4d9479f44240a78fc78856df2775","ssdeep":"3072:1dHTzTletONA7odgnVxPkN9gkDlxw4mV2Q:PHvhetONA7odgnVxPQykDlxwnV2Q","tlshash":"d8b338c97161b57683eb4aca92ba811173760950744ec4a0b1bc8c6f287a94853ffffd","size":114591,"data":"","first_seen":"2025-09-13T02:06:13.522605Z","last_seen":"2026-03-06T12:41:06.095721Z","times_seen":132,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/constants-Bb-5yfQo.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"c092b1555484ee90346f657f374b949e","sha1":"7f58a7ce4057b4ca04bc32e6bb2871b9b5546d42","sha256":"7f50b8269c413e1236104aaebd06247f7c2321154c145abae48d4b9b82bf9715","sha512":"14ff0b624440070e458e0d704f4af3dda6148c4feaea4142ab88de694154013134d3f9a9cfb2e773bd9be37375e962f653f7de3d941f22bf14747e7aca9bfd8c","ssdeep":"","tlshash":"d5a0220e20a800f00c2000888338ca00c0083008303220c38000022b00003c0032c8e8","size":67,"data":"","first_seen":"2025-09-10T13:21:03.813009Z","last_seen":"2026-03-06T12:41:06.088378Z","times_seen":134,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/Header-CceGoUZX.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"8588dc6a6e42761ce31571a206a50ced","sha1":"5adf0ce3e3e35ba291b0e376471a016cdd352d3c","sha256":"31abac5b559f743769ff2fa63ff41effb294a06b94f0c8f422832cef9eae64d3","sha512":"7bd4edbfb96a9a236421742283c9af2b2de00079cdbc1476bbeceb68338d9443cce7954b57495ed809c8270e4549888c6ee1ba41ad53cca87ddd4b8541600c40","ssdeep":"","tlshash":"7c51100ee1415a6d9cb7858a6e8fbd44bc199e88d72e4852b079e80f0524c3e6b677c1","size":2963,"data":"","first_seen":"2025-10-10T01:18:26.081057Z","last_seen":"2025-11-13T15:46:40.865133Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/tag-s7qn3k0M.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"0c1a1d10bfebded94892235980c085ba","sha1":"68f92e8a3345ea417a70e59dc462a849f228499a","sha256":"864ccc276381ba5ddeeb2c5a606dacd98c3ae099b22961d0605e3896c5597cdf","sha512":"bd90fa9d437af3d2804fe1dbcd2af3f03c821e1a2f914e423893ebfa8e1ac2169561647537f4d6cb7da0669c6e4ab0593bab2bd50e46d4b3bb8db2ae014732b7","ssdeep":"","tlshash":"fd316615f160b5bd125b4d6eb0ac7ca5e74ccbd8db575c92f8de013602f30568b36505","size":1615,"data":"","first_seen":"2025-10-10T01:18:26.141796Z","last_seen":"2025-11-13T15:46:40.849484Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hljbrsn1gj.qiaozhixuexiao.com/sdk/web/countly.min.js","fqdn":"hljbrsn1gj.qiaozhixuexiao.com","domain":"qiaozhixuexiao.com","tld":"com"},"ip":{"addr":"3.165.100.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"46848781d845a2db2feabb1d5afbf7fa","sha1":"077db796bc6469bb94c594be628f8ba9ecfa2d2a","sha256":"64c77c5c416d0298075dc98e509a3dff7cc48c262910393358a2d97f65233751","sha512":"f425473346b756a2dcb8d6cb888e2be00af92d1aedef80945c179be4943d732bb84b7f076e02de59c9a6344a99fa65160113dbc04c9a9aff672eb3337ecb4996","ssdeep":"1536:+tvJ5BlOi1p8+GZ6jM6PFdzSmO29yxppIywQO1ygsUR4sL0l8RJzhybi7whPGiX9:KxOi1p8+GoodOrhybisGiTB","tlshash":"6d8319ab71803d7a4abac069393f8385737e41aa7f0044987d69c9fd1958dc6463bf28","size":83722,"data":"","first_seen":"2025-05-21T04:31:42.719418Z","last_seen":"2026-05-19T19:10:55.788341Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-GEY91XQ7RC","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d4a8a7572410522f9998b1f0bd463e66","sha1":"146a8f0b13df7a69524c74f11aeed147e178fee3","sha256":"a0c2598c86462cc4126d5c74adec2b4c2502ce593bd6a8783988220af655ea88","sha512":"d0e48db7a84c9c394560c0f959fcfa6210b9624241f47f4bdc8aa7c2fa1bca72ec454cefa2cbc5eb425c951ea024fe2656422da6ddbeb71e6655de1204566803","ssdeep":"6144:a3/yp2/4tk0uwbWZJT+Nju5204O0nsYXdXAQ2:aqYQm0KZJu0qC","tlshash":"289418de73d674225396f078503f018ba57b28a2b44cc899f189cde42e74a9a4277f7c","size":420991,"data":"","first_seen":"2025-10-10T01:18:26.020507Z","last_seen":"2025-10-10T01:18:26.020507Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/router-query-BgCAYGIA.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"a77ac44d6ec622c392e87f0191fe1985","sha1":"2517ad6a85a391d975b87b308ac1f299cd552ad1","sha256":"3a738f03807878c5cc4c0561771036d521f9402140836ab8356a7aebd6c206cd","sha512":"441b4fd4a338c2f3dd1fb3295c11d06cde5e733c182707c10ec4e896963491a002d0845138d90a0c800b96474f0fdde982e2a161c393255d7fbc59b883c75916","ssdeep":"1536:6R65ZhPxzG4hPeg45JlS8VcWd+eMAqdlHIooK82iL1qou48o991Y9F:6uZF0qENcA+eMJo0BaDY9F","tlshash":"95b339e93193a2260af685e5d03f0115f1365e79300ac058b17d9fea796290fe1bbf78","size":109350,"data":"","first_seen":"2025-09-13T02:06:13.550462Z","last_seen":"2026-03-06T12:41:06.078639Z","times_seen":132,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/ScrollToTop-CwjTfElz.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"760034ca5018c384b9933bf3ef5ea14a","sha1":"8ca3a3025469ae55f8dc9e2f594ad6b12ae131fd","sha256":"6dddc99fdda705f4ad9d36a6fb2bc1d199bb80138bfe21e8ade20d4f96d77105","sha512":"20ed0528cecc6aaa84f14d36c3fdb930f354eb337397c0c124b578413a1358f065dbdc2718c3545bb28a959242859200c92a47934101d4eaf60ec9c3a539e9c9","ssdeep":"96:jBPsF2k7thXg4C6eGv3vjTxNNax1b3RJep+etOaTYdf/f3rrespyk1wY:9PrYtxgKeGv3blwedgXrreAhwY","tlshash":"8bc1b64af180e875e8fb4795154feac828367b88fd0dc004f17e9c5d652186bc7266af","size":6024,"data":"","first_seen":"2025-10-10T01:18:26.311034Z","last_seen":"2025-11-13T15:46:40.861627Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/HomeMenu-79Fx1IT8.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"230e61c8734523db621edf253b1723dc","sha1":"6fe0856bb4a6852244d176f25ef0d87cfca83405","sha256":"0db19ff55db24faacd0b1a2f6af85e69fe6ca80c8745bccc9d86ee769e424e5b","sha512":"1897ee402bb7a65ab394d1959f3ee33771919f9d8fe7162c699ff2df999781c20c92daeca1e52ee91d1e75a6da00322383e84975cc17a9c6b1ec3a5803194ae9","ssdeep":"96:/DFx4jX9C6gM6D3/HvaYPn2Bd9TFdkfltf0B0kAnXQzhWEAn9QQdRNeBIEl5nbvX:/LKizvRf2RcLUzgEAn9QQdRit5rmQ5x","tlshash":"8ff1b41ee102abee51a789d5175ff44c7e1d4a58ef2e9060b03bed0c06a1c6e7667bc0","size":7828,"data":"","first_seen":"2025-10-10T01:18:25.93627Z","last_seen":"2025-11-13T15:46:40.856458Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/useScrollHideNav-89-raXzw.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"ff6e0a62fdcda0afc9edb1a8197b6142","sha1":"5d8b4811c92db19471ed65a746dbf4b0239a83d2","sha256":"5883b9079e960a93335658014e47209bbef2622e2f01f5e52447d114e198b793","sha512":"d3b3f003f4086279a4e091d2b31750ebcea7f1d30dd692a522e6ce78d16e215b98b68f0aec4981bf5c68dc6c80adbfd855c7cb3730ebc6393667f39ec8aec24e","ssdeep":"","tlshash":"1031cc90a4d25abcc6ab06c9d33aeffe33777fc2b0589298c41c1c349198992e0644f5","size":1535,"data":"","first_seen":"2025-09-13T02:06:13.553168Z","last_seen":"2026-03-06T12:41:06.092681Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/LazyImage-o6RIw3U7.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"122307ce31d422ee71e2bc29e949a6bd","sha1":"9e8c61b55d77f0c3ce2b74c06e64291c4c45b249","sha256":"cba213a96dec949f2ec6c074532a7b009a5434f8d14e9c605c4bba304590d792","sha512":"bb41111e3b947f7dc915e8a27e72ef0136d34058caaead02eacf53d0b765c085b6112daa1228f3233f24ece64576b747c4a1231bb6a82880ae0dd0ae14d5645b","ssdeep":"192:iLtC+km6UZkzfo2rxv7Rouo6Xg2osMxiQyHiwSwTu+6amjqPiZ3qkleqLx16yCFB:iLv6UEPltouvXg2KxiQ0ru+6amOPiZ3E","tlshash":"61220a95a15a807ff2a740a5147ec1112f3b1f967c05c0acf2bdaadbe519801e473ab3","size":10345,"data":"","first_seen":"2025-10-10T01:18:26.294942Z","last_seen":"2025-11-13T15:46:40.851328Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/index-CL6or3OW.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ca7126b17eb98599871b90c67071018","sha1":"7778c4cae5f9d01e333befeadb64452086172e21","sha256":"86c167a0beead0ab8e2242f78a6d5449d51596397c483147fa115d113a4148ae","sha512":"45f78901253dee6137aed72aea830c9ce4b55ec950ad1bc413b8adbb92b0fc000e63e74c38f52f58f1c5fb0d7c0ce912aa974da4a91c63a062e32cacca5c761e","ssdeep":"3072:RdmbT3HWR0z3X0c5old5UeQRisFC1uhtLLb9qxUzRo0j7zxykJPrhm68NJSy:R6bHWGzZSd516tLmUzRo0Lx7JLy","tlshash":"f7545edc31aa75662be346f1507f1607b2382917680c8860f255eef93b7480a51bbfed","size":292539,"data":"","first_seen":"2025-10-10T01:18:26.091541Z","last_seen":"2025-11-16T09:50:33.614577Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/VodGrid-CMAGuuWP.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"d69e1c67e629f536ac445cb740c8b4b5","sha1":"e5ed8f8218c3b8b6d53b8a0e6e571b32cac10e59","sha256":"4ab8d8d79125c252ffbaa5ed8a5ed7e75165ffd821ef25b04f0a2e651f47f0bd","sha512":"53387bf507063281aa7e2c9ecac4394420c7fe29454e85e6efe17e5949cee55e5a206c538f9645eeef4fb8b5beac040054c95c26ff060d0c4937d73be9bfc4ab","ssdeep":"96:2AS2A8cFXcL/2I7FpO7yzBDNzBFOMWR8R+uH17XbJ3oHBro4HRz8Ha/BYqpZBcuw:FS2AHO2eFk7yzTOMWzALp83aou6E","tlshash":"61d1d71ee1015ef9c5a304a55ddee400183bafa5f7abc5c2f038ac0e1a58c42a8776db","size":6328,"data":"","first_seen":"2025-10-10T01:18:26.275939Z","last_seen":"2025-11-13T15:46:40.872037Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/arrow-left-ui1V_NRP.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"667e4c633ffbd26b1fd13211463483ec","sha1":"fb88f0c0e02a855b5b528b0ab0c0ed5ebc2c6b02","sha256":"18c581248984273f34d4655f35d2066b9f257efa985962f0697c5f122610ccdf","sha512":"acd751edae7721a0dca0205eb67eb849e4ada6b7be953498dc65e8fd3944d46c6fb67ef7e533e3d56b51b6927f9cbac813cd16f821dfff94967f3a3f5ad9def2","ssdeep":"","tlshash":"afe0267f29d012b3027184b81b0be5cb564811fc836eb240b41243698a304bf4adde90","size":338,"data":"","first_seen":"2025-10-10T01:18:26.135613Z","last_seen":"2025-11-13T15:46:40.871198Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajgvkj1jsv.shenglinyiyang.cn/files/671713e14eb9a/countly.js","fqdn":"ajgvkj1jsv.shenglinyiyang.cn","domain":"shenglinyiyang.cn","tld":"cn"},"ip":{"addr":"13.33.100.134","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b4be2934ca03b7de88b5fd819bd0f2e","sha1":"d7d754cad678f6937dbdb8be99eeb01dfd630344","sha256":"2d55d3669fe0bfaa9239f56e754e526f94f637333bf3ec4a861fead36c909914","sha512":"3f4cf228b69ff5662a5b3908162146adbef42c16ed1c6171b9c23aff66212537a19d927df1b55373509bc524613180d070c468b9806c4b025e7061a8a6fc99ed","ssdeep":"","tlshash":"4011291cdce76136b42790b9fa7ae5283ead95131c5ae8057accc5684f60bda0c24a88","size":878,"data":"","first_seen":"2025-05-12T01:53:14.353294Z","last_seen":"2026-05-15T20:33:51.148508Z","times_seen":211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/ui-vendor-mmIZGDQJ.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/ui-vendor-mmIZGDQJ.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:01 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:01 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-1bf9f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: iKt1VWhLnjCBHG__cUi1h7tUvUo2q81rhDg_n-smJwleSP7EqzquWg==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":114591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3d245ebaad464a77f7595c5b1890571c","sha1":"742c1a3337bbc30349a0eb1ce1367877432a4921","sha256":"d57a20fe6cbcd852067a464efcb381e5ea3e7b4b36e725572e9aa0ab60869403","sha512":"a6ff7d30ac1e0ac852cc2de410acfa4ecfdce72b78f02639a026300af3bfeef90a093f56a6bffb5105a061a916ab4b6a74eb4d9479f44240a78fc78856df2775","ssdeep":"3072:1dHTzTletONA7odgnVxPkN9gkDlxw4mV2Q:PHvhetONA7odgnVxPQykDlxwnV2Q","tlshash":"d8b338c97161b57683eb4aca92ba811173760950744ec4a0b1bc8c6f287a94853ffffd","first_seen":"2025-09-13T02:06:13.522605Z","last_seen":"2026-03-06T12:41:06.095721Z","times_seen":132,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/HomeMenu-79Fx1IT8.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/HomeMenu-79Fx1IT8.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-1e94\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: VjO_SP05AO5bVaPK7k-CKmdhRH9JDoAslcdgR4GtCJ8NEBB271WTRg==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":7828,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (5945)","md5":"230e61c8734523db621edf253b1723dc","sha1":"6fe0856bb4a6852244d176f25ef0d87cfca83405","sha256":"0db19ff55db24faacd0b1a2f6af85e69fe6ca80c8745bccc9d86ee769e424e5b","sha512":"1897ee402bb7a65ab394d1959f3ee33771919f9d8fe7162c699ff2df999781c20c92daeca1e52ee91d1e75a6da00322383e84975cc17a9c6b1ec3a5803194ae9","ssdeep":"96:/DFx4jX9C6gM6D3/HvaYPn2Bd9TFdkfltf0B0kAnXQzhWEAn9QQdRNeBIEl5nbvX:/LKizvRf2RcLUzgEAn9QQdRit5rmQ5x","tlshash":"8ff1b41ee102abee51a789d5175ff44c7e1d4a58ef2e9060b03bed0c06a1c6e7667bc0","first_seen":"2025-10-10T01:18:25.93627Z","last_seen":"2025-11-13T15:46:40.856458Z","times_seen":23,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2v5y3a0g9q8.shop/api/topic/list?page=1\u0026limit=10\u0026sortBy=topicSort\u0026sortOrder=ASC\u0026vodLimit=8","fqdn":"2v5y3a0g9q8.shop","domain":"2v5y3a0g9q8.shop","tld":"shop"},"ip":{"addr":"137.220.194.106","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2v5y3a0g9q8.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:32:25 GMT","end":"Sat, 03 Jan 2026 19:32:24 GMT"},"fingerprint":{"sha1":"E4:9B:03:D7:70:7C:80:21:D7:70:48:7B:8D:D0:E7:7F:3A:73:B2:07","sha256":"A2:8C:93:E5:5F:8D:34:50:5E:DF:7A:A5:78:EA:F8:A3:C3:E1:C9:EB:76:D3:0E:44:EE:59:68:8F:62:0D:17:3D"}}},"request":{"raw":"GET /api/topic/list?page=1\u0026limit=10\u0026sortBy=topicSort\u0026sortOrder=ASC\u0026vodLimit=8 HTTP/1.1\r\nHost: 2v5y3a0g9q8.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/welcome?returnTo=%2F\r\nCookie: _ga_GEY91XQ7RC=GS2.1.s1760059071$o1$g0$t1760059072$j59$l0$h0; _ga=GA1.1.559218275.1760059072\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nage: 1313\r\ncontent-encoding: br\r\ncontent-type: application/json; charset=utf-8\r\ndate: Fri, 10 Oct 2025 00:24:17 GMT\r\netag: W/\"e421-vEo0ONF5YVFlQKORhEdOQAyhmdk\"\r\nlast-modified: Fri, 10 Oct 2025 00:56:00 GMT\r\nserver: openresty\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-cache: HIT, server, memory\r\nx-encrypted: AES-128-CBC:hex\r\nx-powered-by: Express\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":58401,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"061695736530a04505f32afb1890462f","sha1":"bc4a3438d17961516540a39184474e400ca199d9","sha256":"4f21ca3ece7ca3e026b0653dbdc10cdeecbf93c1b52b080e4a0fd06a68fd35c7","sha512":"a87c594e6c50b064a85e28177ff95960a512de5af051a09aed712c6eaa06f417eed2252cb2ed505572874861740946cee849228bde2c15911f5b802e56cac97f","ssdeep":"1536:GXeFDHpF16vf8Wolm7A3LX/AEG9B/rZ/ax02iN2:RLpH638WOm7A3LqLDZ/a/iN2","tlshash":"4943aefcb5487de6362f466fda8bb9e903b52613dec7a4c98065bbc20163375ee05804","first_seen":"2025-10-10T01:18:25.956631Z","last_seen":"2025-10-10T01:18:36.071554Z","times_seen":2,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"2v5y3a0g9q8.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"2v5y3a0g9q8.shop/api/vod/latest?page=1\u0026limit=8","fqdn":"2v5y3a0g9q8.shop","domain":"2v5y3a0g9q8.shop","tld":"shop"},"ip":{"addr":"137.220.194.106","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2v5y3a0g9q8.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:32:25 GMT","end":"Sat, 03 Jan 2026 19:32:24 GMT"},"fingerprint":{"sha1":"E4:9B:03:D7:70:7C:80:21:D7:70:48:7B:8D:D0:E7:7F:3A:73:B2:07","sha256":"A2:8C:93:E5:5F:8D:34:50:5E:DF:7A:A5:78:EA:F8:A3:C3:E1:C9:EB:76:D3:0E:44:EE:59:68:8F:62:0D:17:3D"}}},"request":{"raw":"GET /api/vod/latest?page=1\u0026limit=8 HTTP/1.1\r\nHost: 2v5y3a0g9q8.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/welcome?returnTo=%2F\r\nCookie: _ga_GEY91XQ7RC=GS2.1.s1760059071$o1$g0$t1760059072$j59$l0$h0; _ga=GA1.1.559218275.1760059072\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nage: 3249\r\ncontent-encoding: br\r\ncontent-type: application/json; charset=utf-8\r\ndate: Fri, 10 Oct 2025 00:23:42 GMT\r\netag: W/\"16c1-Ikh+XXO93K1hxbXbWqGAWQDo8AI\"\r\nlast-modified: Fri, 10 Oct 2025 00:23:44 GMT\r\nserver: openresty\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-cache: HIT, server, disk\r\nx-encrypted: AES-128-CBC:hex\r\nx-powered-by: Express\r\ncontent-length: 3297\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5825,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"34116733fc4858fd19a9fe2b4b53b7de","sha1":"22487e5d73bddcad61c5b5db5aa1805900e8f002","sha256":"c34a5dcb0c7222ee40505fb573a770d7a9add182ea19688e6f65930f385f4731","sha512":"b51b5392241191d37dae0acb068cbba4288aa04b4aaae126e348a9222dec4be604a40e17c3dc9a88804dc62b553e2283fbfd484c87451b5668c26e052f153767","ssdeep":"96:KJMzaNYDsMdtvKSnKkGJ/LZAdjhDsERL0uz1dwQXIP0sc:KJjN0dU5kGRLZCjlsERg0D","tlshash":"71c16df97e08049b2e36096fd74b79a813e03a025e97dc8c9864378719a33e1ff12462","first_seen":"2025-10-10T01:18:25.979216Z","last_seen":"2025-10-10T01:18:36.085809Z","times_seen":2,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":309,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"2v5y3a0g9q8.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"2v5y3a0g9q8.shop/icon.webp","fqdn":"2v5y3a0g9q8.shop","domain":"2v5y3a0g9q8.shop","tld":"shop"},"ip":{"addr":"137.220.194.106","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2v5y3a0g9q8.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:32:25 GMT","end":"Sat, 03 Jan 2026 19:32:24 GMT"},"fingerprint":{"sha1":"E4:9B:03:D7:70:7C:80:21:D7:70:48:7B:8D:D0:E7:7F:3A:73:B2:07","sha256":"A2:8C:93:E5:5F:8D:34:50:5E:DF:7A:A5:78:EA:F8:A3:C3:E1:C9:EB:76:D3:0E:44:EE:59:68:8F:62:0D:17:3D"}}},"request":{"raw":"GET /icon.webp HTTP/1.1\r\nHost: 2v5y3a0g9q8.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nCookie: _ga_GEY91XQ7RC=GS2.1.s1760059071$o1$g1$t1760059073$j58$l0$h0; _ga=GA1.1.559218275.1760059072\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nage: 2513\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Fri, 10 Oct 2025 00:23:26 GMT\r\netag: W/\"68e65e7d-7ac\"\r\nlast-modified: Fri, 10 Oct 2025 00:36:00 GMT\r\nserver: openresty\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-cache: HIT, server, memory\r\ncontent-length: 969\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1964,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"d73e1e3150e6af5d5d86fcbe1dc10eed","sha1":"f9d162031d9411cd25287aa54d49f5cded520dcb","sha256":"8c7f194964a2b635345849375a314a621de43f206fedcaebb146df563ca12a06","sha512":"67cbfee63449a7ab3432d59bee94fde94e59d799c35df377057278b0b3c8852e790034f3457ae37515029bd949914b3b311b002246bee3d9fa1b71f0bf15755b","ssdeep":"","tlshash":"644101a765e0885766460162dfc1f508e9bbf28b0885d49a70ef1064df40bc28a47cac","first_seen":"2025-10-10T01:18:26.000572Z","last_seen":"2025-11-16T09:50:33.606499Z","times_seen":52,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"2v5y3a0g9q8.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-GEY91XQ7RC","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:51.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"GET /gtag/js?id=G-GEY91XQ7RC HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 10 Oct 2025 01:17:51 GMT\r\nexpires: Fri, 10 Oct 2025 01:17:51 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 140308\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":420991,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"d4a8a7572410522f9998b1f0bd463e66","sha1":"146a8f0b13df7a69524c74f11aeed147e178fee3","sha256":"a0c2598c86462cc4126d5c74adec2b4c2502ce593bd6a8783988220af655ea88","sha512":"d0e48db7a84c9c394560c0f959fcfa6210b9624241f47f4bdc8aa7c2fa1bca72ec454cefa2cbc5eb425c951ea024fe2656422da6ddbeb71e6655de1204566803","ssdeep":"6144:a3/yp2/4tk0uwbWZJT+Nju5204O0nsYXdXAQ2:aqYQm0KZJu0qC","tlshash":"289418de73d674225396f078503f018ba57b28a2b44cc899f189cde42e74a9a4277f7c","first_seen":"2025-10-10T01:18:26.020507Z","last_seen":"2025-10-10T01:18:26.020507Z","times_seen":1,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":64,"dns":1,"connect":8,"send":0,"wait":29,"receive":25,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/20251008125202/index-C3-HcAfq.css","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:51.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/20251008125202/index-C3-HcAfq.css HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:01 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:01 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-15006\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: Ehycf524i2pU8GvGsmudU3Bbb5X5fV3M-4AErxlT7yU5gHCxKvCEnA==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":86022,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"36df0f556d830e6bb9f682aa2f605ecc","sha1":"eba4a99826a40290d538e7bdb6510532eefda8e2","sha256":"b895b0104e60aaac11a046a8172c934cc11481589238179e32b70817a16fefa7","sha512":"6c4108b9a294e87968d830bf1f94e130bdfbfaa95dab06b8cce03bf7735b41dc3134c8fa896887734c7b41653c925ebfad57781bd22b1cb7687fea868bbdfa36","ssdeep":"1536:sg2UPdfEXIWHbzT+oh8uqFn1X27JZwHzY/gf2kU:D2UPCIW7zh5qV1m7JZd","tlshash":"2b83f6a4e361e43fbd1368fd539cf42ce51da0c2de624becba52610193d36f60a6b614","first_seen":"2025-09-21T18:37:53.104293Z","last_seen":"2026-01-24T00:26:02.393558Z","times_seen":116,"resource_available":false,"data":null}},"time_used":859,"timings":{"blocked":265,"dns":1,"connect":130,"send":0,"wait":324,"receive":0,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/utils-vendor-Cmu5Z3Ie.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/utils-vendor-Cmu5Z3Ie.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:01 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:01 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-20537\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: 9fKQ-ztYkXoGSE2ip48XZMIdUlJH1Yiaj6wqvbREaHbCYAG1xCAApQ==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":132407,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29303)","md5":"c21dc3e7fc40d5f16a7781bcadc642da","sha1":"314bb3360c256553287210f89412760e1602c95d","sha256":"5faf740ae2254f026f2b3d4925066eceeb42be12a943c0507df4da3789570467","sha512":"b96cf48769c4e6aea340ede5d6e5d776e242cddb7dbae3f8024ceee8fd1e98d39294841e7f902ce3dbcbc208935e9bfa7f5fc181445bb6efdac89e61fb89d4d2","ssdeep":"3072:9uEUIJQTAs3ucXhNyMBiDn7/9VZgLzisRqZOlosRK3Tjav/TnhbpFQC2vhXThmQV:8MJQducXhNyqiDnw+SGUl/T5YThmQV","tlshash":"58d33bc57295b0a243e760e4043f140bf2ba6d25295d8598f658e8ef7cbc58a817bf3c","first_seen":"2025-09-11T13:20:21.0498Z","last_seen":"2026-01-24T00:26:02.382467Z","times_seen":119,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/Header-CceGoUZX.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/Header-CceGoUZX.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-b93\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: MDBC9bZjd1er2G96cg4zb0CcGLziDr4xRLNxaWpTW909dVjuAHBibQ==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2963,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2596)","md5":"8588dc6a6e42761ce31571a206a50ced","sha1":"5adf0ce3e3e35ba291b0e376471a016cdd352d3c","sha256":"31abac5b559f743769ff2fa63ff41effb294a06b94f0c8f422832cef9eae64d3","sha512":"7bd4edbfb96a9a236421742283c9af2b2de00079cdbc1476bbeceb68338d9443cce7954b57495ed809c8270e4549888c6ee1ba41ad53cca87ddd4b8541600c40","ssdeep":"","tlshash":"7c51100ee1415a6d9cb7858a6e8fbd44bc199e88d72e4852b079e80f0524c3e6b677c1","first_seen":"2025-10-10T01:18:26.081057Z","last_seen":"2025-11-13T15:46:40.865133Z","times_seen":23,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2v5y3a0g9q8.shop/api/configs?platformType=h5","fqdn":"2v5y3a0g9q8.shop","domain":"2v5y3a0g9q8.shop","tld":"shop"},"ip":{"addr":"137.220.194.106","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2v5y3a0g9q8.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:32:25 GMT","end":"Sat, 03 Jan 2026 19:32:24 GMT"},"fingerprint":{"sha1":"E4:9B:03:D7:70:7C:80:21:D7:70:48:7B:8D:D0:E7:7F:3A:73:B2:07","sha256":"A2:8C:93:E5:5F:8D:34:50:5E:DF:7A:A5:78:EA:F8:A3:C3:E1:C9:EB:76:D3:0E:44:EE:59:68:8F:62:0D:17:3D"}}},"request":{"raw":"GET /api/configs?platformType=h5 HTTP/1.1\r\nHost: 2v5y3a0g9q8.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/welcome?returnTo=%2F\r\nCookie: _ga_GEY91XQ7RC=GS2.1.s1760059071$o1$g0$t1760059072$j59$l0$h0; _ga=GA1.1.559218275.1760059072\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nage: 3222\r\ncontent-encoding: br\r\ncontent-type: application/json; charset=utf-8\r\ndate: Fri, 10 Oct 2025 00:24:07 GMT\r\netag: W/\"21c1-A4xKscs/XHkNrksYCWAUjRCywtA\"\r\nlast-modified: Fri, 10 Oct 2025 00:24:10 GMT\r\nserver: openresty\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-cache: HIT, server, disk\r\nx-encrypted: AES-128-CBC:hex\r\nx-powered-by: Express\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":8641,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c60b607a95b2f0eda12b41edda980f49","sha1":"038c4ab1cb3f5c790dae4b180960148d10b2c2d0","sha256":"e0e6c7590782b3ea4b767a981f4f2c07aac043cea94533c9bad34b7e9cdee700","sha512":"e26f8f92674ed9859e298dd603bdb42ada77b8e9db2de69835d77768dc1c0ddbb6d4035018b350a2e81cd7ca304e03b7dedf2f4262401986809312a147b23f6c","ssdeep":"96:KJCTevRL+0eyJEkFm4S+5gT1Gw3kKWh4OF8GZwL1bkXzuSpew0utQ0UkCv6yP11s:KJBJy0ecgTr25ZwL2iSUwp14dCIwkIq+","tlshash":"16028d3474185fc63566202fafb78de52b681b656497e448e0947ec7057376adf0340a","first_seen":"2025-10-10T01:18:26.093156Z","last_seen":"2025-10-10T01:18:36.070827Z","times_seen":2,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"2v5y3a0g9q8.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/WelcomePage-B8jYrNzw.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/WelcomePage-B8jYrNzw.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-1d79\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: zMiIxEa56PhejtXlbDg4bpaTJ4AbzJSkEz11GsXvZOudEgNMND00_Q==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7545,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4825)","md5":"3eccae351b8e2de52a1bd0af5e1f2f08","sha1":"d615b5673830b5278e6e8763e3b09f83752df804","sha256":"1464c48a70ef768bef4f44681df6bfaa463e0525e2155500572921fd36990dcf","sha512":"0d8c14db37560fd52cf5f685adf64c7327a9284994c95758f3c4705fc79040ef5d372e73e0f0028dfe7c1c04814cc55dd84c11386f097632d381b011844c19d6","ssdeep":"96:aLj8WZ7U44k+OXOjpiszF84eJ3fhlSBPYfNhmaPvksIEWVyGecaBJkuDCRym939P:aLj8cU4YrZoPUBPYUsIZV/mH3i9tP","tlshash":"b8f1241ae043ffadfaf618956a1f7444781e4f19c22e8490e07dad190654cafb63b3c9","first_seen":"2025-10-10T01:18:26.101352Z","last_seen":"2025-11-16T09:50:33.604541Z","times_seen":52,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/layoutStability-Dq7IThs2.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/layoutStability-Dq7IThs2.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-a4a\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: rRiacNc7yPB8tqzbrl1Pi0Hr0kqWXH294rxes2c82oQTGPZIP2Jbqg==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":2634,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2531)","md5":"5353d3e35cf4294f300cd4cfa90591e3","sha1":"ff6b45bb3a5c17714f70f8b1ab113e3b08873f5d","sha256":"bbcb3be5565ef159940a3f953c26550a3fe79e808b5047fddc766731f19953ff","sha512":"494be1d41f1b7a1c3f12758f862078d9490966348608dc8e109d209a0295b9cd7aa764f271397f56b99f9c2c0e123dfca5d8fb70fec5a21d1f04914ce39e426a","ssdeep":"","tlshash":"eb5185817aa5a432866a605689511a0273240f649f15c4e8f67d2e6f003bd8337fb27d","first_seen":"2025-09-11T13:20:21.059115Z","last_seen":"2026-04-14T11:06:51.959728Z","times_seen":76,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/utils-vendor-Cmu5Z3Ie.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/utils-vendor-Cmu5Z3Ie.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:01 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:01 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-20537\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: vDWZh9O0va2LyR__0mFz7GJCo0AI2xOtZ38-QEHpp4GXVBxM2n89qQ==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":132407,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29303)","md5":"c21dc3e7fc40d5f16a7781bcadc642da","sha1":"314bb3360c256553287210f89412760e1602c95d","sha256":"5faf740ae2254f026f2b3d4925066eceeb42be12a943c0507df4da3789570467","sha512":"b96cf48769c4e6aea340ede5d6e5d776e242cddb7dbae3f8024ceee8fd1e98d39294841e7f902ce3dbcbc208935e9bfa7f5fc181445bb6efdac89e61fb89d4d2","ssdeep":"3072:9uEUIJQTAs3ucXhNyMBiDn7/9VZgLzisRqZOlosRK3Tjav/TnhbpFQC2vhXThmQV:8MJQducXhNyqiDnw+SGUl/T5YThmQV","tlshash":"58d33bc57295b0a243e760e4043f140bf2ba6d25295d8598f658e8ef7cbc58a817bf3c","first_seen":"2025-09-11T13:20:21.0498Z","last_seen":"2026-01-24T00:26:02.382467Z","times_seen":119,"resource_available":true,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/ui-vendor-mmIZGDQJ.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/ui-vendor-mmIZGDQJ.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:01 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:01 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-1bf9f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: PS0bKK0ZCUMBWE1yBFeJXavK_ImALv1ZkoQs1En2IhJc6WbrEw38Pg==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":114591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3d245ebaad464a77f7595c5b1890571c","sha1":"742c1a3337bbc30349a0eb1ce1367877432a4921","sha256":"d57a20fe6cbcd852067a464efcb381e5ea3e7b4b36e725572e9aa0ab60869403","sha512":"a6ff7d30ac1e0ac852cc2de410acfa4ecfdce72b78f02639a026300af3bfeef90a093f56a6bffb5105a061a916ab4b6a74eb4d9479f44240a78fc78856df2775","ssdeep":"3072:1dHTzTletONA7odgnVxPkN9gkDlxw4mV2Q:PHvhetONA7odgnVxPQykDlxwnV2Q","tlshash":"d8b338c97161b57683eb4aca92ba811173760950744ec4a0b1bc8c6f287a94853ffffd","first_seen":"2025-09-13T02:06:13.522605Z","last_seen":"2026-03-06T12:41:06.095721Z","times_seen":132,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/arrow-left-ui1V_NRP.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/arrow-left-ui1V_NRP.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 338\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\naccept-ranges: bytes\r\netag: \"68e65e7d-152\"\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: *\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: lLe8eZEcQeiC4t8h1ElEYkC2iHd4-Pw9MjFX8Y3IvM8IxokiXq732g==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":338,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"667e4c633ffbd26b1fd13211463483ec","sha1":"fb88f0c0e02a855b5b528b0ab0c0ed5ebc2c6b02","sha256":"18c581248984273f34d4655f35d2066b9f257efa985962f0697c5f122610ccdf","sha512":"acd751edae7721a0dca0205eb67eb849e4ada6b7be953498dc65e8fd3944d46c6fb67ef7e533e3d56b51b6927f9cbac813cd16f821dfff94967f3a3f5ad9def2","ssdeep":"","tlshash":"afe0267f29d012b3027184b81b0be5cb564811fc836eb240b41243698a304bf4adde90","first_seen":"2025-10-10T01:18:26.135613Z","last_seen":"2025-11-13T15:46:40.871198Z","times_seen":23,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/video-player-BSCjrfTE.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/video-player-BSCjrfTE.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-98b64\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: GGYA-eLYmWpxWIxveDgjTflZ-Pd54NxEgvgN1bucn9nht28LK6LSUA==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":625508,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (44872)","md5":"faed80e26508ffa54b4a669dbfc0d1d2","sha1":"5e0b5e1132acaa1caae7626cbf34952316e02959","sha256":"fa6bf5af25f9176fd1218f1e8ef9f023683724d4496f214ad969a3c8e34fd162","sha512":"1ddae32cab81cd5a70ea5d186d7e9cd15c87fd0823f6f51494d7fd568cce7379c657ed26f1de1d3c60bcbd5f28ded980e317354eaa131eb962d3829ff3ca8b58","ssdeep":"12288:lMumZk1fZZhtZNFADGF7LiwwsGd5S4cXjTjILm/Ds:lMhk1fZZhtHFADYiwwsGHS40jTjIq/Ds","tlshash":"75d43bd632ea942683d499caa07546127339be0a3408c1acfe3dbddb2d16d41b47bf74","first_seen":"2025-09-10T13:21:03.809989Z","last_seen":"2026-01-24T00:26:02.371724Z","times_seen":57,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/BottomLoading-BvbgoFzV.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/BottomLoading-BvbgoFzV.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-5d3\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: tQKnv5br_ohNYSUqOhVFdrBNJzpq4eRuGBpiTCQEwQWHheUlpNs2ZQ==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1491,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1462)","md5":"43425768266fa549af811c1519c618cc","sha1":"3039c35b88b7217f003645a1403e68f32c0b160c","sha256":"a0e500ba27810cc90678549f35bbe744cc389d77a76faab19975cfb99dc21bdf","sha512":"26036225df93889117548e8c35471cd1a185f1236b0b516ec69456c8da7bd1c9f48eb9fd9e327a4a46d715433cb98373880560ddeed6d104584fe45c8df6293e","ssdeep":"","tlshash":"4531e116a003b6aca4e72666577d5c01a805df55db1b8818a07e981e5459c2f3d732ca","first_seen":"2025-10-10T01:18:26.19329Z","last_seen":"2025-11-13T15:46:40.846305Z","times_seen":23,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/BottomLoading-BvbgoFzV.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/BottomLoading-BvbgoFzV.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-5d3\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: LnXPgxqts1QJKJw5lKygwOEPxO0Tl6xD4JN9ZQZINrpBXw0W2o_QYw==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1491,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1462)","md5":"43425768266fa549af811c1519c618cc","sha1":"3039c35b88b7217f003645a1403e68f32c0b160c","sha256":"a0e500ba27810cc90678549f35bbe744cc389d77a76faab19975cfb99dc21bdf","sha512":"26036225df93889117548e8c35471cd1a185f1236b0b516ec69456c8da7bd1c9f48eb9fd9e327a4a46d715433cb98373880560ddeed6d104584fe45c8df6293e","ssdeep":"","tlshash":"4531e116a003b6aca4e72666577d5c01a805df55db1b8818a07e981e5459c2f3d732ca","first_seen":"2025-10-10T01:18:26.19329Z","last_seen":"2025-11-13T15:46:40.846305Z","times_seen":23,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/useScrollHideNav-89-raXzw.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/useScrollHideNav-89-raXzw.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-5ff\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: vqMwlDgUtqQ59I78vP7cMetvR018AvHLLkJkOQD1MnDROq6ulxA-Vg==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1535,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1518)","md5":"ff6e0a62fdcda0afc9edb1a8197b6142","sha1":"5d8b4811c92db19471ed65a746dbf4b0239a83d2","sha256":"5883b9079e960a93335658014e47209bbef2622e2f01f5e52447d114e198b793","sha512":"d3b3f003f4086279a4e091d2b31750ebcea7f1d30dd692a522e6ce78d16e215b98b68f0aec4981bf5c68dc6c80adbfd855c7cb3730ebc6393667f39ec8aec24e","ssdeep":"","tlshash":"1031cc90a4d25abcc6ab06c9d33aeffe33777fc2b0589298c41c1c349198992e0644f5","first_seen":"2025-09-13T02:06:13.553168Z","last_seen":"2026-03-06T12:41:06.092681Z","times_seen":64,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/20251008125202/logo-CUbu4sCy.webp","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/20251008125202/logo-CUbu4sCy.webp HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\ncontent-length: 29350\r\nserver: openresty\r\ndate: Wed, 08 Oct 2025 17:14:38 GMT\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\naccept-ranges: bytes\r\netag: \"68e65e7d-72a6\"\r\nexpires: Fri, 07 Nov 2025 17:14:38 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: *\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: gawyyp4Zv_Q8V8qUJs_DrpqyzouWI30m2gOg12HvMIYbJc2dz5gvgw==\r\nage: 115395\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":29350,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2ca5e5609a02e3f28e7c7224d6951bc9","sha1":"3863e455d52fd7f69866099d69314276d4763d1f","sha256":"04e01aad07ff03fd67c4293f8c8a8c338d6dc4adef2ea42d9fcb91c4588e5170","sha512":"34b571a359bb973c20c7139c3dca44bb721a8d92a8d19cb4f15797f0891cb724ba2eb5be2a32e8aefc3f1650fa6e5d787f7f1502ffece213e766ea062f762b01","ssdeep":"768:Jc4s84Wx7fxq0MpXOPEOB63mawFtE1n+eNk2XybIzPj/7M1:Gf07w0Mp+PEOB627FtI1k2Xy2L/y","tlshash":"98d2f190f2614521846e9e5560756471b056ea01e2d1ff3783bbeb8c1bf90f0fdaea0d","first_seen":"2025-06-04T10:54:32.016797Z","last_seen":"2026-03-06T12:41:06.093536Z","times_seen":135,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajgvkj1jsv.shenglinyiyang.cn/files/671713e14eb9a/countly.js","fqdn":"ajgvkj1jsv.shenglinyiyang.cn","domain":"shenglinyiyang.cn","tld":"cn"},"ip":{"addr":"13.33.100.134","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:51.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"file.static01.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"57:20:9E:85:6F:93:BA:BD:13:F6:08:CC:9B:44:53:7D:E8:79:7D:04","sha256":"85:BA:DE:7E:86:F1:DF:08:D4:39:FF:4A:9A:B3:F5:BB:68:A5:77:1C:2C:5F:27:AE:D3:AA:6B:07:1F:0A:70:22"}}},"request":{"raw":"GET /files/671713e14eb9a/countly.js HTTP/1.1\r\nHost: ajgvkj1jsv.shenglinyiyang.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-length: 878\r\ndate: Sun, 15 Dec 2024 09:25:08 GMT\r\nlast-modified: Tue, 22 Oct 2024 02:54:26 GMT\r\netag: \"db2317b980affeabfe86236be1eb68b2-1\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P2\r\nx-amz-cf-id: zTdj9XcxW-8oKK_OAkxoK5Ir4-kTBgA-hs-1nlipVHzzMS0o1yBkBA==\r\nage: 25804364\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":878,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"2b4be2934ca03b7de88b5fd819bd0f2e","sha1":"d7d754cad678f6937dbdb8be99eeb01dfd630344","sha256":"2d55d3669fe0bfaa9239f56e754e526f94f637333bf3ec4a861fead36c909914","sha512":"3f4cf228b69ff5662a5b3908162146adbef42c16ed1c6171b9c23aff66212537a19d927df1b55373509bc524613180d070c468b9806c4b025e7061a8a6fc99ed","ssdeep":"","tlshash":"4011291cdce76136b42790b9fa7ae5283ead95131c5ae8057accc5684f60bda0c24a88","first_seen":"2025-05-12T01:53:14.353294Z","last_seen":"2026-05-15T20:33:51.148508Z","times_seen":211,"resource_available":true,"data":null}},"time_used":1287,"timings":{"blocked":513,"dns":1,"connect":254,"send":0,"wait":255,"receive":1,"ssl":260},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"ajgvkj1jsv.shenglinyiyang.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"ajgvkj1jsv.shenglinyiyang.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/react-vendor-CjZsb-BP.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/react-vendor-CjZsb-BP.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:01 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:01 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-30b6\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: xlxmmW15lbVq0gYxG_l3v9Y-FBrSRNEKUMUKz6G1JMm1GkVkUuzfug==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":12470,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7625)","md5":"4c3daff76e9c753583ae817e4a6c2d1a","sha1":"d4293d97ea6d30a042961280c95b763295a4bcc6","sha256":"d0b831bf4a7e9540ae7a47afc72fee9baabeccb6c1e2e988e460a913c9f82bc8","sha512":"2fbb8aa4b61033eda7291455cb24fa08f1a279c9e71b94bff55124c68b8f644aef0ebe26ee7f07f930c6dbe144da1e9962d063af2b364cc07a53a7af002c3241","ssdeep":"192:5NdELVzXSN6lfHt9lhYsiA3Oermf5Gavw0lAfknmV+cHjmT:5N+RikN9/JUGavlAfkmct","tlshash":"cd42a3cc7599b0500aa3b970507f911bf37d38b6289cc1b4a2a6c4f8bab455dc137f6a","first_seen":"2025-09-10T13:21:03.844292Z","last_seen":"2026-05-18T08:35:19.483554Z","times_seen":148,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/HomeMenu-79Fx1IT8.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/HomeMenu-79Fx1IT8.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-1e94\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: 2SRmKJikPT5pw1aiV1J1jpFa1j_bsM9YL9PXHnW0FMFLExhFYBr2ZQ==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":7828,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (5945)","md5":"230e61c8734523db621edf253b1723dc","sha1":"6fe0856bb4a6852244d176f25ef0d87cfca83405","sha256":"0db19ff55db24faacd0b1a2f6af85e69fe6ca80c8745bccc9d86ee769e424e5b","sha512":"1897ee402bb7a65ab394d1959f3ee33771919f9d8fe7162c699ff2df999781c20c92daeca1e52ee91d1e75a6da00322383e84975cc17a9c6b1ec3a5803194ae9","ssdeep":"96:/DFx4jX9C6gM6D3/HvaYPn2Bd9TFdkfltf0B0kAnXQzhWEAn9QQdRNeBIEl5nbvX:/LKizvRf2RcLUzgEAn9QQdRit5rmQ5x","tlshash":"8ff1b41ee102abee51a789d5175ff44c7e1d4a58ef2e9060b03bed0c06a1c6e7667bc0","first_seen":"2025-10-10T01:18:25.93627Z","last_seen":"2025-11-13T15:46:40.856458Z","times_seen":23,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/Header-CceGoUZX.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/Header-CceGoUZX.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-b93\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: ekZsabcf3s0gbVsfXYiuAGlFPsIPnz4d37xeAqcRLtBQcZE_jBRP2A==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":2963,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2596)","md5":"8588dc6a6e42761ce31571a206a50ced","sha1":"5adf0ce3e3e35ba291b0e376471a016cdd352d3c","sha256":"31abac5b559f743769ff2fa63ff41effb294a06b94f0c8f422832cef9eae64d3","sha512":"7bd4edbfb96a9a236421742283c9af2b2de00079cdbc1476bbeceb68338d9443cce7954b57495ed809c8270e4549888c6ee1ba41ad53cca87ddd4b8541600c40","ssdeep":"","tlshash":"7c51100ee1415a6d9cb7858a6e8fbd44bc199e88d72e4852b079e80f0524c3e6b677c1","first_seen":"2025-10-10T01:18:26.081057Z","last_seen":"2025-11-13T15:46:40.865133Z","times_seen":23,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/VodGrid-CMAGuuWP.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/VodGrid-CMAGuuWP.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-18b8\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: Xmk-yfvXF2fH223m4WDzRRXkAt9r4Rk-LcqOqNoXRh9rxJl-ERru4Q==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":6328,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6327)","md5":"d69e1c67e629f536ac445cb740c8b4b5","sha1":"e5ed8f8218c3b8b6d53b8a0e6e571b32cac10e59","sha256":"4ab8d8d79125c252ffbaa5ed8a5ed7e75165ffd821ef25b04f0a2e651f47f0bd","sha512":"53387bf507063281aa7e2c9ecac4394420c7fe29454e85e6efe17e5949cee55e5a206c538f9645eeef4fb8b5beac040054c95c26ff060d0c4937d73be9bfc4ab","ssdeep":"96:2AS2A8cFXcL/2I7FpO7yzBDNzBFOMWR8R+uH17XbJ3oHBro4HRz8Ha/BYqpZBcuw:FS2AHO2eFk7yzTOMWzALp83aou6E","tlshash":"61d1d71ee1015ef9c5a304a55ddee400183bafa5f7abc5c2f038ac0e1a58c42a8776db","first_seen":"2025-10-10T01:18:26.275939Z","last_seen":"2025-11-13T15:46:40.872037Z","times_seen":23,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/tag-s7qn3k0M.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/tag-s7qn3k0M.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-64f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: WlzFBgyHq8A1aghSubCGyEFJ-wAiOZZXa0LBkBRn8zZi-fRNnCnEUA==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1615,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1614)","md5":"0c1a1d10bfebded94892235980c085ba","sha1":"68f92e8a3345ea417a70e59dc462a849f228499a","sha256":"864ccc276381ba5ddeeb2c5a606dacd98c3ae099b22961d0605e3896c5597cdf","sha512":"bd90fa9d437af3d2804fe1dbcd2af3f03c821e1a2f914e423893ebfa8e1ac2169561647537f4d6cb7da0669c6e4ab0593bab2bd50e46d4b3bb8db2ae014732b7","ssdeep":"","tlshash":"fd316615f160b5bd125b4d6eb0ac7ca5e74ccbd8db575c92f8de013602f30568b36505","first_seen":"2025-10-10T01:18:26.141796Z","last_seen":"2025-11-13T15:46:40.849484Z","times_seen":23,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hljbrsn1gj.qiaozhixuexiao.com/i?hc=%7B%22el%22%3A0%2C%22wl%22%3A0%2C%22sc%22%3A-1%2C%22em%22%3A%22%22%7D\u0026metrics=%7B%22_app_version%22%3A%220.0%22%2C%22_ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%7D\u0026app_key=19dc23f5ac78cd398d107b7aef0343ddad7f54df\u0026device_id=be53b484-4bc8-4792-81ab-fbe5c3a0b7d9\u0026sdk_name=javascript_native_web\u0026sdk_version=24.4.1\u0026t=1\u0026av=0.0\u0026timestamp=1760059074100\u0026hour=1\u0026dow=5","fqdn":"hljbrsn1gj.qiaozhixuexiao.com","domain":"qiaozhixuexiao.com","tld":"com"},"ip":{"addr":"3.165.100.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:54.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qiaozhixuexiao.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 24 Feb 2025 00:00:00 GMT","end":"Wed, 25 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EB:4E:5E:A8:32:63:02:33:A0:44:01:91:5E:56:E6:6E:85:CB:EC:C3","sha256":"1D:5F:6F:4C:CF:87:9B:60:BA:FD:36:96:74:03:68:18:2A:15:71:6E:8C:01:8E:73:A5:DD:3D:95:0F:CB:11:06"}}},"request":{"raw":"GET /i?hc=%7B%22el%22%3A0%2C%22wl%22%3A0%2C%22sc%22%3A-1%2C%22em%22%3A%22%22%7D\u0026metrics=%7B%22_app_version%22%3A%220.0%22%2C%22_ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%7D\u0026app_key=19dc23f5ac78cd398d107b7aef0343ddad7f54df\u0026device_id=be53b484-4bc8-4792-81ab-fbe5c3a0b7d9\u0026sdk_name=javascript_native_web\u0026sdk_version=24.4.1\u0026t=1\u0026av=0.0\u0026timestamp=1760059074100\u0026hour=1\u0026dow=5 HTTP/1.1\r\nHost: hljbrsn1gj.qiaozhixuexiao.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json; charset=utf-8\r\nserver: nginx\r\ndate: Fri, 10 Oct 2025 01:17:55 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\nx-frame-options: deny, SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 8c9a0c99f4b683332dc88f73bbc3c078.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P6\r\nx-amz-cf-id: zhK7QiMmOiPUOok--nBeE5zbsREJPBw77DqAAfTSDQ4v5s5fnqSvUw==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9a14fe813903daf8566702dfd5ba2f4d","sha1":"0f6ac0a433de78e11e8a7035146d704ad02b6658","sha256":"83786d6ca95e7099b09dda2f11b25e7ac860caf70ec87fd35f520fbb58d8a296","sha512":"d1c5909cf2781e18eef4c799c7f157ecad65ca25020fd58b275674e82b79e8f0e490b41408a502f6b612e2e155fb5ece3a1a3d1f084c43f35eaf81d0e555e3a9","ssdeep":"","tlshash":"ec7000822800008200082800a0000a8030e0202002088880c03c00080208002ba8b200","first_seen":"2023-04-11T12:53:52Z","last_seen":"2026-06-07T04:52:28.225749Z","times_seen":837,"resource_available":false,"data":null}},"time_used":2166,"timings":{"blocked":870,"dns":360,"connect":250,"send":0,"wait":425,"receive":0,"ssl":258},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"hljbrsn1gj.qiaozhixuexiao.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"hljbrsn1gj.qiaozhixuexiao.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/router-query-BgCAYGIA.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/router-query-BgCAYGIA.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:01 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:01 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-1ab26\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: jNc0SEkkWWO33Y2Kd64_ZQGzjlubLckwhyswBBG2N0z_skgaGoh6Tw==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":109350,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (53437)","md5":"a77ac44d6ec622c392e87f0191fe1985","sha1":"2517ad6a85a391d975b87b308ac1f299cd552ad1","sha256":"3a738f03807878c5cc4c0561771036d521f9402140836ab8356a7aebd6c206cd","sha512":"441b4fd4a338c2f3dd1fb3295c11d06cde5e733c182707c10ec4e896963491a002d0845138d90a0c800b96474f0fdde982e2a161c393255d7fbc59b883c75916","ssdeep":"1536:6R65ZhPxzG4hPeg45JlS8VcWd+eMAqdlHIooK82iL1qou48o991Y9F:6uZF0qENcA+eMJo0BaDY9F","tlshash":"95b339e93193a2260af685e5d03f0115f1365e79300ac058b17d9fea796290fe1bbf78","first_seen":"2025-09-13T02:06:13.550462Z","last_seen":"2026-03-06T12:41:06.078639Z","times_seen":132,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/WelcomePage-B8jYrNzw.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/WelcomePage-B8jYrNzw.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-1d79\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: IscZ4hgS4xBXE2gltQm4XLUrEHtLoth5xP9taPcyDLwo9N2jRQBmLA==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":7545,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4825)","md5":"3eccae351b8e2de52a1bd0af5e1f2f08","sha1":"d615b5673830b5278e6e8763e3b09f83752df804","sha256":"1464c48a70ef768bef4f44681df6bfaa463e0525e2155500572921fd36990dcf","sha512":"0d8c14db37560fd52cf5f685adf64c7327a9284994c95758f3c4705fc79040ef5d372e73e0f0028dfe7c1c04814cc55dd84c11386f097632d381b011844c19d6","ssdeep":"96:aLj8WZ7U44k+OXOjpiszF84eJ3fhlSBPYfNhmaPvksIEWVyGecaBJkuDCRym939P:aLj8cU4YrZoPUBPYUsIZV/mH3i9tP","tlshash":"b8f1241ae043ffadfaf618956a1f7444781e4f19c22e8490e07dad190654cafb63b3c9","first_seen":"2025-10-10T01:18:26.101352Z","last_seen":"2025-11-16T09:50:33.604541Z","times_seen":52,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/video-player-BSCjrfTE.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/video-player-BSCjrfTE.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-98b64\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: Ca8WBSRpjuCrE6FFACQvj1dIAnRCGcwxbf4B2h0qCvjmhLlNDvYG7w==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":625508,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (44872)","md5":"faed80e26508ffa54b4a669dbfc0d1d2","sha1":"5e0b5e1132acaa1caae7626cbf34952316e02959","sha256":"fa6bf5af25f9176fd1218f1e8ef9f023683724d4496f214ad969a3c8e34fd162","sha512":"1ddae32cab81cd5a70ea5d186d7e9cd15c87fd0823f6f51494d7fd568cce7379c657ed26f1de1d3c60bcbd5f28ded980e317354eaa131eb962d3829ff3ca8b58","ssdeep":"12288:lMumZk1fZZhtZNFADGF7LiwwsGd5S4cXjTjILm/Ds:lMhk1fZZhtHFADYiwwsGHS40jTjIq/Ds","tlshash":"75d43bd632ea942683d499caa07546127339be0a3408c1acfe3dbddb2d16d41b47bf74","first_seen":"2025-09-10T13:21:03.809989Z","last_seen":"2026-01-24T00:26:02.371724Z","times_seen":57,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/LazyImage-o6RIw3U7.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/LazyImage-o6RIw3U7.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-2869\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: BiaF3vn628EpYYGzJhScYFJktvysitM5-154v-cZWsVnJ9mjTc92Xg==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10345,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10329)","md5":"122307ce31d422ee71e2bc29e949a6bd","sha1":"9e8c61b55d77f0c3ce2b74c06e64291c4c45b249","sha256":"cba213a96dec949f2ec6c074532a7b009a5434f8d14e9c605c4bba304590d792","sha512":"bb41111e3b947f7dc915e8a27e72ef0136d34058caaead02eacf53d0b765c085b6112daa1228f3233f24ece64576b747c4a1231bb6a82880ae0dd0ae14d5645b","ssdeep":"192:iLtC+km6UZkzfo2rxv7Rouo6Xg2osMxiQyHiwSwTu+6amjqPiZ3qkleqLx16yCFB:iLv6UEPltouvXg2KxiQ0ru+6amOPiZ3E","tlshash":"61220a95a15a807ff2a740a5147ec1112f3b1f967c05c0acf2bdaadbe519801e473ab3","first_seen":"2025-10-10T01:18:26.294942Z","last_seen":"2025-11-13T15:46:40.851328Z","times_seen":23,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hljbrsn1gj.qiaozhixuexiao.com/i?begin_session=1\u0026metrics=%7B%22_app_version%22%3A%220.0%22%2C%22_ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22_resolution%22%3A%221280x1024%22%2C%22_density%22%3A1%2C%22_locale%22%3A%22en-US%22%7D\u0026app_key=19dc23f5ac78cd398d107b7aef0343ddad7f54df\u0026device_id=be53b484-4bc8-4792-81ab-fbe5c3a0b7d9\u0026sdk_name=javascript_native_web\u0026sdk_version=24.4.1\u0026t=1\u0026av=0.0\u0026timestamp=1760059074105\u0026hour=1\u0026dow=5\u0026rr=2","fqdn":"hljbrsn1gj.qiaozhixuexiao.com","domain":"qiaozhixuexiao.com","tld":"com"},"ip":{"addr":"3.165.100.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:54.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qiaozhixuexiao.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 24 Feb 2025 00:00:00 GMT","end":"Wed, 25 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EB:4E:5E:A8:32:63:02:33:A0:44:01:91:5E:56:E6:6E:85:CB:EC:C3","sha256":"1D:5F:6F:4C:CF:87:9B:60:BA:FD:36:96:74:03:68:18:2A:15:71:6E:8C:01:8E:73:A5:DD:3D:95:0F:CB:11:06"}}},"request":{"raw":"GET /i?begin_session=1\u0026metrics=%7B%22_app_version%22%3A%220.0%22%2C%22_ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22_resolution%22%3A%221280x1024%22%2C%22_density%22%3A1%2C%22_locale%22%3A%22en-US%22%7D\u0026app_key=19dc23f5ac78cd398d107b7aef0343ddad7f54df\u0026device_id=be53b484-4bc8-4792-81ab-fbe5c3a0b7d9\u0026sdk_name=javascript_native_web\u0026sdk_version=24.4.1\u0026t=1\u0026av=0.0\u0026timestamp=1760059074105\u0026hour=1\u0026dow=5\u0026rr=2 HTTP/1.1\r\nHost: hljbrsn1gj.qiaozhixuexiao.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json; charset=utf-8\r\nserver: nginx\r\ndate: Fri, 10 Oct 2025 01:17:55 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\nx-frame-options: deny, SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 8c9a0c99f4b683332dc88f73bbc3c078.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P6\r\nx-amz-cf-id: lxC7UvNcZG0I0ATYPyYDNfPDFIW59SsLYipOS_QeJxrCzcpzZZ5-tg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9a14fe813903daf8566702dfd5ba2f4d","sha1":"0f6ac0a433de78e11e8a7035146d704ad02b6658","sha256":"83786d6ca95e7099b09dda2f11b25e7ac860caf70ec87fd35f520fbb58d8a296","sha512":"d1c5909cf2781e18eef4c799c7f157ecad65ca25020fd58b275674e82b79e8f0e490b41408a502f6b612e2e155fb5ece3a1a3d1f084c43f35eaf81d0e555e3a9","ssdeep":"","tlshash":"ec7000822800008200082800a0000a8030e0202002088880c03c00080208002ba8b200","first_seen":"2023-04-11T12:53:52Z","last_seen":"2026-06-07T04:52:28.225749Z","times_seen":837,"resource_available":false,"data":null}},"time_used":2169,"timings":{"blocked":862,"dns":343,"connect":255,"send":0,"wait":444,"receive":0,"ssl":261},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"hljbrsn1gj.qiaozhixuexiao.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"hljbrsn1gj.qiaozhixuexiao.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/LazyImage-o6RIw3U7.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/LazyImage-o6RIw3U7.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-2869\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: OFDnJBX3TvwRRWIqcqyKAjVbYyAQlFdx1KLEFSWURuTdLQ3AvH5t8w==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10345,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10329)","md5":"122307ce31d422ee71e2bc29e949a6bd","sha1":"9e8c61b55d77f0c3ce2b74c06e64291c4c45b249","sha256":"cba213a96dec949f2ec6c074532a7b009a5434f8d14e9c605c4bba304590d792","sha512":"bb41111e3b947f7dc915e8a27e72ef0136d34058caaead02eacf53d0b765c085b6112daa1228f3233f24ece64576b747c4a1231bb6a82880ae0dd0ae14d5645b","ssdeep":"192:iLtC+km6UZkzfo2rxv7Rouo6Xg2osMxiQyHiwSwTu+6amjqPiZ3qkleqLx16yCFB:iLv6UEPltouvXg2KxiQ0ru+6amOPiZ3E","tlshash":"61220a95a15a807ff2a740a5147ec1112f3b1f967c05c0acf2bdaadbe519801e473ab3","first_seen":"2025-10-10T01:18:26.294942Z","last_seen":"2025-11-13T15:46:40.851328Z","times_seen":23,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/tag-s7qn3k0M.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/tag-s7qn3k0M.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-64f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: P7xSm4l_84YAtdLvcoxoCRyI4eZtA0wIbrS6xi4LqgNtw393dy2eXw==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1615,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1614)","md5":"0c1a1d10bfebded94892235980c085ba","sha1":"68f92e8a3345ea417a70e59dc462a849f228499a","sha256":"864ccc276381ba5ddeeb2c5a606dacd98c3ae099b22961d0605e3896c5597cdf","sha512":"bd90fa9d437af3d2804fe1dbcd2af3f03c821e1a2f914e423893ebfa8e1ac2169561647537f4d6cb7da0669c6e4ab0593bab2bd50e46d4b3bb8db2ae014732b7","ssdeep":"","tlshash":"fd316615f160b5bd125b4d6eb0ac7ca5e74ccbd8db575c92f8de013602f30568b36505","first_seen":"2025-10-10T01:18:26.141796Z","last_seen":"2025-11-13T15:46:40.849484Z","times_seen":23,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/useScrollHideNav-89-raXzw.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/useScrollHideNav-89-raXzw.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-5ff\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: q_Oiz7JI_xUlxEJeedqFL9PcEWRxFaKHdSJzJAOrGCEQAx6h6uQLpQ==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1535,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1518)","md5":"ff6e0a62fdcda0afc9edb1a8197b6142","sha1":"5d8b4811c92db19471ed65a746dbf4b0239a83d2","sha256":"5883b9079e960a93335658014e47209bbef2622e2f01f5e52447d114e198b793","sha512":"d3b3f003f4086279a4e091d2b31750ebcea7f1d30dd692a522e6ce78d16e215b98b68f0aec4981bf5c68dc6c80adbfd855c7cb3730ebc6393667f39ec8aec24e","ssdeep":"","tlshash":"1031cc90a4d25abcc6ab06c9d33aeffe33777fc2b0589298c41c1c349198992e0644f5","first_seen":"2025-09-13T02:06:13.553168Z","last_seen":"2026-03-06T12:41:06.092681Z","times_seen":64,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/router-query-BgCAYGIA.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/router-query-BgCAYGIA.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:01 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:01 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-1ab26\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: wLUxJ2hmuCVjot5hIfcwvlpkzQhq_JXJRMb_NpzZHbmCkUhdkm8A-w==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":109350,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (53437)","md5":"a77ac44d6ec622c392e87f0191fe1985","sha1":"2517ad6a85a391d975b87b308ac1f299cd552ad1","sha256":"3a738f03807878c5cc4c0561771036d521f9402140836ab8356a7aebd6c206cd","sha512":"441b4fd4a338c2f3dd1fb3295c11d06cde5e733c182707c10ec4e896963491a002d0845138d90a0c800b96474f0fdde982e2a161c393255d7fbc59b883c75916","ssdeep":"1536:6R65ZhPxzG4hPeg45JlS8VcWd+eMAqdlHIooK82iL1qou48o991Y9F:6uZF0qENcA+eMJo0BaDY9F","tlshash":"95b339e93193a2260af685e5d03f0115f1365e79300ac058b17d9fea796290fe1bbf78","first_seen":"2025-09-13T02:06:13.550462Z","last_seen":"2026-03-06T12:41:06.078639Z","times_seen":132,"resource_available":true,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/index-CL6or3OW.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:51.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/index-CL6or3OW.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:01 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:01 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-476bb\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: 8k-2unEuBQ7C7i_iP2D15ntadinUlFs4C81o7tMppaBUZNLQeqRUlw==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":292539,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46049)","md5":"9ca7126b17eb98599871b90c67071018","sha1":"7778c4cae5f9d01e333befeadb64452086172e21","sha256":"86c167a0beead0ab8e2242f78a6d5449d51596397c483147fa115d113a4148ae","sha512":"45f78901253dee6137aed72aea830c9ce4b55ec950ad1bc413b8adbb92b0fc000e63e74c38f52f58f1c5fb0d7c0ce912aa974da4a91c63a062e32cacca5c761e","ssdeep":"3072:RdmbT3HWR0z3X0c5old5UeQRisFC1uhtLLb9qxUzRo0j7zxykJPrhm68NJSy:R6bHWGzZSd516tLmUzRo0Lx7JLy","tlshash":"f7545edc31aa75662be346f1507f1607b2382917680c8860f255eef93b7480a51bbfed","first_seen":"2025-10-10T01:18:26.091541Z","last_seen":"2025-11-16T09:50:33.614577Z","times_seen":52,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":263,"dns":2,"connect":126,"send":0,"wait":142,"receive":0,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/react-vendor-CjZsb-BP.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/react-vendor-CjZsb-BP.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:01 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:01 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-30b6\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: miJzr_-wd1RhA0nhs3CoFofcs0Tha_cmpiDRvVdbdcaShJknDEJG3g==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":12470,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7625)","md5":"4c3daff76e9c753583ae817e4a6c2d1a","sha1":"d4293d97ea6d30a042961280c95b763295a4bcc6","sha256":"d0b831bf4a7e9540ae7a47afc72fee9baabeccb6c1e2e988e460a913c9f82bc8","sha512":"2fbb8aa4b61033eda7291455cb24fa08f1a279c9e71b94bff55124c68b8f644aef0ebe26ee7f07f930c6dbe144da1e9962d063af2b364cc07a53a7af002c3241","ssdeep":"192:5NdELVzXSN6lfHt9lhYsiA3Oermf5Gavw0lAfknmV+cHjmT:5N+RikN9/JUGavlAfkmct","tlshash":"cd42a3cc7599b0500aa3b970507f911bf37d38b6289cc1b4a2a6c4f8bab455dc137f6a","first_seen":"2025-09-10T13:21:03.844292Z","last_seen":"2026-05-18T08:35:19.483554Z","times_seen":148,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/HomePage-Bq0V-r1Q.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/HomePage-Bq0V-r1Q.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-32c9\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: -mnQG9IVa0Kyw7KlngSxYdgkBvStcguEKoD0p9Ul3jOcvt0Xmz-5QQ==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13001,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6761)","md5":"450463c089f6ea27b2e0ae7b56791322","sha1":"1eb5c5d85902339bed4e602d0221c545d5c1a91e","sha256":"0254200608d9c2d3f900207e1919df2ed5101b907f114a381bffba57b4654b60","sha512":"936f33e7d9b9ef0846eaf6013974856df4199dfd485472e272b0d1950eda4a4b00b06fe525d6e8acf3dfbec17053e57889b1d218f65748b136b7cf1120b148a8","ssdeep":"192:Q1fmPwbM9xHTKMaGuFRW/ADXsNRjBiudRwkx+nXTliPL0LP6He:Q1ww6xHeMfuFR5DcNRd4kxqIALPge","tlshash":"bd42431ef012dabdd9a608d54d6fe8483c154f44ca2e8091f07eaa1c0a30c6f7b6a6dd","first_seen":"2025-10-10T01:18:26.22629Z","last_seen":"2025-11-13T15:46:40.855287Z","times_seen":23,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hljbrsn1gj.qiaozhixuexiao.com/i?events=%5B%7B%22key%22%3A%22%5BCLY%5D_orientation%22%2C%22count%22%3A1%2C%22segmentation%22%3A%7B%22mode%22%3A%22landscape%22%7D%2C%22timestamp%22%3A1760059074104%2C%22hour%22%3A1%2C%22dow%22%3A5%2C%22id%22%3A%2287140c311760059074104%22%2C%22cvid%22%3A%22%22%7D%2C%7B%22key%22%3A%22%5BCLY%5D_view%22%2C%22count%22%3A1%2C%22segmentation%22%3A%7B%22name%22%3A%22%2Fwelcome%22%2C%22visit%22%3A1%2C%22view%22%3A%22%2Fwelcome%22%2C%22domain%22%3A%222v5y3a0g9q8.shop%22%2C%22start%22%3A1%7D%2C%22timestamp%22%3A1760059074106%2C%22hour%22%3A1%2C%22dow%22%3A5%2C%22id%22%3A%220d9ca5511760059074105%22%2C%22pvid%22%3A%22%22%7D%5D\u0026app_key=19dc23f5ac78cd398d107b7aef0343ddad7f54df\u0026device_id=be53b484-4bc8-4792-81ab-fbe5c3a0b7d9\u0026sdk_name=javascript_native_web\u0026sdk_version=24.4.1\u0026t=1\u0026av=0.0\u0026metrics=%7B%22_ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%7D\u0026timestamp=1760059074107\u0026hour=1\u0026dow=5\u0026rr=1","fqdn":"hljbrsn1gj.qiaozhixuexiao.com","domain":"qiaozhixuexiao.com","tld":"com"},"ip":{"addr":"3.165.100.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:55.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qiaozhixuexiao.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 24 Feb 2025 00:00:00 GMT","end":"Wed, 25 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EB:4E:5E:A8:32:63:02:33:A0:44:01:91:5E:56:E6:6E:85:CB:EC:C3","sha256":"1D:5F:6F:4C:CF:87:9B:60:BA:FD:36:96:74:03:68:18:2A:15:71:6E:8C:01:8E:73:A5:DD:3D:95:0F:CB:11:06"}}},"request":{"raw":"GET /i?events=%5B%7B%22key%22%3A%22%5BCLY%5D_orientation%22%2C%22count%22%3A1%2C%22segmentation%22%3A%7B%22mode%22%3A%22landscape%22%7D%2C%22timestamp%22%3A1760059074104%2C%22hour%22%3A1%2C%22dow%22%3A5%2C%22id%22%3A%2287140c311760059074104%22%2C%22cvid%22%3A%22%22%7D%2C%7B%22key%22%3A%22%5BCLY%5D_view%22%2C%22count%22%3A1%2C%22segmentation%22%3A%7B%22name%22%3A%22%2Fwelcome%22%2C%22visit%22%3A1%2C%22view%22%3A%22%2Fwelcome%22%2C%22domain%22%3A%222v5y3a0g9q8.shop%22%2C%22start%22%3A1%7D%2C%22timestamp%22%3A1760059074106%2C%22hour%22%3A1%2C%22dow%22%3A5%2C%22id%22%3A%220d9ca5511760059074105%22%2C%22pvid%22%3A%22%22%7D%5D\u0026app_key=19dc23f5ac78cd398d107b7aef0343ddad7f54df\u0026device_id=be53b484-4bc8-4792-81ab-fbe5c3a0b7d9\u0026sdk_name=javascript_native_web\u0026sdk_version=24.4.1\u0026t=1\u0026av=0.0\u0026metrics=%7B%22_ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%7D\u0026timestamp=1760059074107\u0026hour=1\u0026dow=5\u0026rr=1 HTTP/1.1\r\nHost: hljbrsn1gj.qiaozhixuexiao.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json; charset=utf-8\r\nserver: nginx\r\ndate: Fri, 10 Oct 2025 01:17:55 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\nx-frame-options: deny, SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 8c9a0c99f4b683332dc88f73bbc3c078.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P6\r\nx-amz-cf-id: dy8Mtf4K3Y9HOTdJmw8Li5hQAVOZKkJ3yxxNVPDwP5rHsIFvirCJPA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9a14fe813903daf8566702dfd5ba2f4d","sha1":"0f6ac0a433de78e11e8a7035146d704ad02b6658","sha256":"83786d6ca95e7099b09dda2f11b25e7ac860caf70ec87fd35f520fbb58d8a296","sha512":"d1c5909cf2781e18eef4c799c7f157ecad65ca25020fd58b275674e82b79e8f0e490b41408a502f6b612e2e155fb5ece3a1a3d1f084c43f35eaf81d0e555e3a9","ssdeep":"","tlshash":"ec7000822800008200082800a0000a8030e0202002088880c03c00080208002ba8b200","first_seen":"2023-04-11T12:53:52Z","last_seen":"2026-06-07T04:52:28.225749Z","times_seen":837,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":441,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"hljbrsn1gj.qiaozhixuexiao.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"hljbrsn1gj.qiaozhixuexiao.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"2v5y3a0g9q8.shop/","fqdn":"2v5y3a0g9q8.shop","domain":"2v5y3a0g9q8.shop","tld":"shop"},"ip":{"addr":"137.220.194.106","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T01:17:50.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2v5y3a0g9q8.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:32:25 GMT","end":"Sat, 03 Jan 2026 19:32:24 GMT"},"fingerprint":{"sha1":"E4:9B:03:D7:70:7C:80:21:D7:70:48:7B:8D:D0:E7:7F:3A:73:B2:07","sha256":"A2:8C:93:E5:5F:8D:34:50:5E:DF:7A:A5:78:EA:F8:A3:C3:E1:C9:EB:76:D3:0E:44:EE:59:68:8F:62:0D:17:3D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 2v5y3a0g9q8.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nage: 3259\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Fri, 10 Oct 2025 00:23:32 GMT\r\netag: W/\"68e65e7d-7ac\"\r\nlast-modified: Fri, 10 Oct 2025 00:23:32 GMT\r\nserver: openresty\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-cache: HIT, server, disk\r\ncontent-length: 969\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1964,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"d73e1e3150e6af5d5d86fcbe1dc10eed","sha1":"f9d162031d9411cd25287aa54d49f5cded520dcb","sha256":"8c7f194964a2b635345849375a314a621de43f206fedcaebb146df563ca12a06","sha512":"67cbfee63449a7ab3432d59bee94fde94e59d799c35df377057278b0b3c8852e790034f3457ae37515029bd949914b3b311b002246bee3d9fa1b71f0bf15755b","ssdeep":"","tlshash":"644101a765e0885766460162dfc1f508e9bbf28b0885d49a70ef1064df40bc28a47cac","first_seen":"2025-10-10T01:18:26.000572Z","last_seen":"2025-11-16T09:50:33.606499Z","times_seen":52,"resource_available":false,"data":null}},"time_used":1483,"timings":{"blocked":597,"dns":7,"connect":288,"send":0,"wait":289,"receive":1,"ssl":298},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"2v5y3a0g9q8.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/20251008125202/HomeMenu-Cwa-UX_Q.css","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/20251008125202/HomeMenu-Cwa-UX_Q.css HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 776\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\naccept-ranges: bytes\r\netag: \"68e65e7d-308\"\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: *\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: -s9YYpmYsR8DDiqgXSeN1XLALeWpd0-b-Db1assRQV1hA1TRTafZjQ==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":776,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (775)","md5":"83bf514a543d2c5e99f6047bb3af1b30","sha1":"3a612cdc22225e44fe6863dc2674584d2fb94728","sha256":"d3cadbbe87a7ceb70ed53c2bfa3f3c849ae7071af172df7b73229d3c4f5378ad","sha512":"79cd46bc6046994155b24d063e892e482bd3d45de98572c0ade330894cb5d5e75b74323bc714c81a2dd719a6bba413ceb7405afc2aaa52d8ec4d62ce662f5c1f","ssdeep":"","tlshash":"5f0142c88b65045841864381b9c0ea74077dcad2f5735ccf33f54c4e47001b953dba65","first_seen":"2025-09-10T13:21:03.832486Z","last_seen":"2026-04-19T14:03:43.183057Z","times_seen":78,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/ScrollToTop-CwjTfElz.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/ScrollToTop-CwjTfElz.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-1788\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: qXwCpxqBz02ND9pggytUfVrO6NcZsBwxY0CUi37l7GrvOm9HaWY-nw==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":6024,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5138)","md5":"760034ca5018c384b9933bf3ef5ea14a","sha1":"8ca3a3025469ae55f8dc9e2f594ad6b12ae131fd","sha256":"6dddc99fdda705f4ad9d36a6fb2bc1d199bb80138bfe21e8ade20d4f96d77105","sha512":"20ed0528cecc6aaa84f14d36c3fdb930f354eb337397c0c124b578413a1358f065dbdc2718c3545bb28a959242859200c92a47934101d4eaf60ec9c3a539e9c9","ssdeep":"96:jBPsF2k7thXg4C6eGv3vjTxNNax1b3RJep+etOaTYdf/f3rrespyk1wY:9PrYtxgKeGv3blwedgXrreAhwY","tlshash":"8bc1b64af180e875e8fb4795154feac828367b88fd0dc004f17e9c5d652186bc7266af","first_seen":"2025-10-10T01:18:26.311034Z","last_seen":"2025-11-13T15:46:40.861627Z","times_seen":23,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/VodGrid-CMAGuuWP.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/VodGrid-CMAGuuWP.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-18b8\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: TIbCIZtWygoxZ6NN0pWlY160r7igQPYSjaNo57TT8XmWYd06ir3DYg==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6328,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6327)","md5":"d69e1c67e629f536ac445cb740c8b4b5","sha1":"e5ed8f8218c3b8b6d53b8a0e6e571b32cac10e59","sha256":"4ab8d8d79125c252ffbaa5ed8a5ed7e75165ffd821ef25b04f0a2e651f47f0bd","sha512":"53387bf507063281aa7e2c9ecac4394420c7fe29454e85e6efe17e5949cee55e5a206c538f9645eeef4fb8b5beac040054c95c26ff060d0c4937d73be9bfc4ab","ssdeep":"96:2AS2A8cFXcL/2I7FpO7yzBDNzBFOMWR8R+uH17XbJ3oHBro4HRz8Ha/BYqpZBcuw:FS2AHO2eFk7yzTOMWzALp83aou6E","tlshash":"61d1d71ee1015ef9c5a304a55ddee400183bafa5f7abc5c2f038ac0e1a58c42a8776db","first_seen":"2025-10-10T01:18:26.275939Z","last_seen":"2025-11-13T15:46:40.872037Z","times_seen":23,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/constants-Bb-5yfQo.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/constants-Bb-5yfQo.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 67\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\naccept-ranges: bytes\r\netag: \"68e65e7d-43\"\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: *\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: NM5_HF53QSmuap37b3Hc1SMHqx1KuU08zX9Z_wvlylZ45QXpvwBSxw==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":67,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"c092b1555484ee90346f657f374b949e","sha1":"7f58a7ce4057b4ca04bc32e6bb2871b9b5546d42","sha256":"7f50b8269c413e1236104aaebd06247f7c2321154c145abae48d4b9b82bf9715","sha512":"14ff0b624440070e458e0d704f4af3dda6148c4feaea4142ab88de694154013134d3f9a9cfb2e773bd9be37375e962f653f7de3d941f22bf14747e7aca9bfd8c","ssdeep":"","tlshash":"d5a0220e20a800f00c2000888338ca00c0083008303220c38000022b00003c0032c8e8","first_seen":"2025-09-10T13:21:03.813009Z","last_seen":"2026-03-06T12:41:06.088378Z","times_seen":134,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/HomePage-Bq0V-r1Q.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/HomePage-Bq0V-r1Q.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-32c9\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: X8Y04owTpxswTmuUaeo53-wDMAvn5p018XD2Ie9e_LIGKLQEU2hOrg==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":13001,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6761)","md5":"450463c089f6ea27b2e0ae7b56791322","sha1":"1eb5c5d85902339bed4e602d0221c545d5c1a91e","sha256":"0254200608d9c2d3f900207e1919df2ed5101b907f114a381bffba57b4654b60","sha512":"936f33e7d9b9ef0846eaf6013974856df4199dfd485472e272b0d1950eda4a4b00b06fe525d6e8acf3dfbec17053e57889b1d218f65748b136b7cf1120b148a8","ssdeep":"192:Q1fmPwbM9xHTKMaGuFRW/ADXsNRjBiudRwkx+nXTliPL0LP6He:Q1ww6xHeMfuFR5DcNRd4kxqIALPge","tlshash":"bd42431ef012dabdd9a608d54d6fe8483c154f44ca2e8091f07eaa1c0a30c6f7b6a6dd","first_seen":"2025-10-10T01:18:26.22629Z","last_seen":"2025-11-13T15:46:40.855287Z","times_seen":23,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/ScrollToTop-CwjTfElz.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/ScrollToTop-CwjTfElz.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-1788\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: omjzpkaO6U60iXiYTkYmdMvi0UdovQykSHMuVsgEzPAbBn6y-4Nbpw==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":6024,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5138)","md5":"760034ca5018c384b9933bf3ef5ea14a","sha1":"8ca3a3025469ae55f8dc9e2f594ad6b12ae131fd","sha256":"6dddc99fdda705f4ad9d36a6fb2bc1d199bb80138bfe21e8ade20d4f96d77105","sha512":"20ed0528cecc6aaa84f14d36c3fdb930f354eb337397c0c124b578413a1358f065dbdc2718c3545bb28a959242859200c92a47934101d4eaf60ec9c3a539e9c9","ssdeep":"96:jBPsF2k7thXg4C6eGv3vjTxNNax1b3RJep+etOaTYdf/f3rrespyk1wY:9PrYtxgKeGv3blwedgXrreAhwY","tlshash":"8bc1b64af180e875e8fb4795154feac828367b88fd0dc004f17e9c5d652186bc7266af","first_seen":"2025-10-10T01:18:26.311034Z","last_seen":"2025-11-13T15:46:40.861627Z","times_seen":23,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/constants-Bb-5yfQo.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/constants-Bb-5yfQo.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 67\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\naccept-ranges: bytes\r\netag: \"68e65e7d-43\"\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: *\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: ibTxdqRjp6ys3be0tEdBpVbEDLcOUQMPsu4UxT-W3sXn54NY2ebddw==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":67,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"c092b1555484ee90346f657f374b949e","sha1":"7f58a7ce4057b4ca04bc32e6bb2871b9b5546d42","sha256":"7f50b8269c413e1236104aaebd06247f7c2321154c145abae48d4b9b82bf9715","sha512":"14ff0b624440070e458e0d704f4af3dda6148c4feaea4142ab88de694154013134d3f9a9cfb2e773bd9be37375e962f653f7de3d941f22bf14747e7aca9bfd8c","ssdeep":"","tlshash":"d5a0220e20a800f00c2000888338ca00c0083008303220c38000022b00003c0032c8e8","first_seen":"2025-09-10T13:21:03.813009Z","last_seen":"2026-03-06T12:41:06.088378Z","times_seen":134,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hljbrsn1gj.qiaozhixuexiao.com/sdk/web/countly.min.js","fqdn":"hljbrsn1gj.qiaozhixuexiao.com","domain":"qiaozhixuexiao.com","tld":"com"},"ip":{"addr":"3.165.100.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qiaozhixuexiao.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 24 Feb 2025 00:00:00 GMT","end":"Wed, 25 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EB:4E:5E:A8:32:63:02:33:A0:44:01:91:5E:56:E6:6E:85:CB:EC:C3","sha256":"1D:5F:6F:4C:CF:87:9B:60:BA:FD:36:96:74:03:68:18:2A:15:71:6E:8C:01:8E:73:A5:DD:3D:95:0F:CB:11:06"}}},"request":{"raw":"GET /sdk/web/countly.min.js HTTP/1.1\r\nHost: hljbrsn1gj.qiaozhixuexiao.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 83722\r\ndate: Wed, 19 Feb 2025 03:09:33 GMT\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 07 Oct 2024 11:08:26 GMT\r\netag: W/\"1470a-19266aa8c10\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 67960dcfa01c1252d7354f3032a3107e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P6\r\nx-amz-cf-id: TZCIGlHuo8oXRdt9x6aa9cW8V7PqhzIO7220mFhrr71gmsQ4Nh9eew==\r\nage: 20124500\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83722,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (970)","md5":"46848781d845a2db2feabb1d5afbf7fa","sha1":"077db796bc6469bb94c594be628f8ba9ecfa2d2a","sha256":"64c77c5c416d0298075dc98e509a3dff7cc48c262910393358a2d97f65233751","sha512":"f425473346b756a2dcb8d6cb888e2be00af92d1aedef80945c179be4943d732bb84b7f076e02de59c9a6344a99fa65160113dbc04c9a9aff672eb3337ecb4996","ssdeep":"1536:+tvJ5BlOi1p8+GZ6jM6PFdzSmO29yxppIywQO1ygsUR4sL0l8RJzhybi7whPGiX9:KxOi1p8+GoodOrhybisGiTB","tlshash":"6d8319ab71803d7a4abac069393f8385737e41aa7f0044987d69c9fd1958dc6463bf28","first_seen":"2025-05-21T04:31:42.719418Z","last_seen":"2026-05-19T19:10:55.788341Z","times_seen":60,"resource_available":true,"data":null}},"time_used":2591,"timings":{"blocked":984,"dns":472,"connect":255,"send":0,"wait":284,"receive":334,"ssl":259},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"hljbrsn1gj.qiaozhixuexiao.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"hljbrsn1gj.qiaozhixuexiao.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/layoutStability-Dq7IThs2.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:52.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/layoutStability-Dq7IThs2.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2v5y3a0g9q8.shop/\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\naccess-control-allow-headers: *\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\ncontent-encoding: br\r\naccess-control-allow-methods: GET, OPTIONS\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\netag: W/\"68e65e7d-a4a\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: ybw7RUzbE_JjRFfprDTVn2QlrWIQ-d5GiUHwfp1mjRkmgxc1Of2s9Q==\r\nage: 57770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":2634,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2531)","md5":"5353d3e35cf4294f300cd4cfa90591e3","sha1":"ff6b45bb3a5c17714f70f8b1ab113e3b08873f5d","sha256":"bbcb3be5565ef159940a3f953c26550a3fe79e808b5047fddc766731f19953ff","sha512":"494be1d41f1b7a1c3f12758f862078d9490966348608dc8e109d209a0295b9cd7aa764f271397f56b99f9c2c0e123dfca5d8fb70fec5a21d1f04914ce39e426a","ssdeep":"","tlshash":"eb5185817aa5a432866a605689511a0273240f649f15c4e8f67d2e6f003bd8337fb27d","first_seen":"2025-09-11T13:20:21.059115Z","last_seen":"2026-04-14T11:06:51.959728Z","times_seen":76,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"8bhravb4.yxevym.cn/assets/js/20251008125202/arrow-left-ui1V_NRP.js","fqdn":"8bhravb4.yxevym.cn","domain":"yxevym.cn","tld":"cn"},"ip":{"addr":"18.154.101.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yxevym.cn","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:0B:15:34:CC:BF:7B:1B:06:8A:37:9B:CB:D8:71:48:7B:44:F7:0E","sha256":"07:66:0E:D9:03:F0:41:EB:CB:54:A3:99:A1:50:54:FD:B6:57:D6:3A:15:70:BD:11:E8:67:C1:7E:07:D0:49:88"}}},"request":{"raw":"GET /assets/js/20251008125202/arrow-left-ui1V_NRP.js HTTP/1.1\r\nHost: 8bhravb4.yxevym.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://2v5y3a0g9q8.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://8bhravb4.yxevym.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 338\r\nserver: openresty\r\ndate: Thu, 09 Oct 2025 09:15:02 GMT\r\nlast-modified: Wed, 08 Oct 2025 12:52:13 GMT\r\naccept-ranges: bytes\r\netag: \"68e65e7d-152\"\r\nexpires: Sat, 08 Nov 2025 09:15:02 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: *\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: DEN52-P3\r\nx-amz-cf-id: Nadi_kR25h91ckfU6WOYWTCnK2lCRwpp4voV4KuwunuC7vt8v2TUjQ==\r\nage: 57771\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":338,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"667e4c633ffbd26b1fd13211463483ec","sha1":"fb88f0c0e02a855b5b528b0ab0c0ed5ebc2c6b02","sha256":"18c581248984273f34d4655f35d2066b9f257efa985962f0697c5f122610ccdf","sha512":"acd751edae7721a0dca0205eb67eb849e4ada6b7be953498dc65e8fd3944d46c6fb67ef7e533e3d56b51b6927f9cbac813cd16f821dfff94967f3a3f5ad9def2","ssdeep":"","tlshash":"afe0267f29d012b3027184b81b0be5cb564811fc836eb240b41243698a304bf4adde90","first_seen":"2025-10-10T01:18:26.135613Z","last_seen":"2025-11-13T15:46:40.871198Z","times_seen":23,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2v5y3a0g9q8.shop/api/vod/carousel","fqdn":"2v5y3a0g9q8.shop","domain":"2v5y3a0g9q8.shop","tld":"shop"},"ip":{"addr":"137.220.194.106","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://2v5y3a0g9q8.shop/","date":"2025-10-10T01:17:53.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2v5y3a0g9q8.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:32:25 GMT","end":"Sat, 03 Jan 2026 19:32:24 GMT"},"fingerprint":{"sha1":"E4:9B:03:D7:70:7C:80:21:D7:70:48:7B:8D:D0:E7:7F:3A:73:B2:07","sha256":"A2:8C:93:E5:5F:8D:34:50:5E:DF:7A:A5:78:EA:F8:A3:C3:E1:C9:EB:76:D3:0E:44:EE:59:68:8F:62:0D:17:3D"}}},"request":{"raw":"GET /api/vod/carousel HTTP/1.1\r\nHost: 2v5y3a0g9q8.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2v5y3a0g9q8.shop/welcome?returnTo=%2F\r\nCookie: _ga_GEY91XQ7RC=GS2.1.s1760059071$o1$g0$t1760059072$j59$l0$h0; _ga=GA1.1.559218275.1760059072\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nage: 2273\r\ncontent-encoding: br\r\ncontent-type: application/json; charset=utf-8\r\ndate: Fri, 10 Oct 2025 00:23:39 GMT\r\netag: W/\"2921-vEKhx7GFray4mAiqlYThX7icHe0\"\r\nlast-modified: Fri, 10 Oct 2025 00:40:00 GMT\r\nserver: openresty\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-cache: HIT, server, memory\r\nx-encrypted: AES-128-CBC:hex\r\nx-powered-by: Express\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10529,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9dd7da57feeb67998e4c81ef906c6337","sha1":"bc42a1c7b185adacb89808aa9584e15fb89c1ded","sha256":"62f97836cb2c811aedfd1efa29e0fb042ebe269cbcb23b0ef40c09204e200f27","sha512":"42c903c5bd047e277af78e80da0156ed202691f296694b2a79849655a12b096a2e164d1bad2facd363602d3e38db7bf2b55073e56ce25ac22512097e62a675e4","ssdeep":"192:KJ41wiOv22Q3duPCGvI6hRDo024D1CavkDhOOKUd7jrgFyP7UzU8fAT9r:KWZipQgP3dhhowdvkNLZNV7Ua9r","tlshash":"f7226d6cba047adf6a6f625fd88b999942f11061ddc77cdc9065bec90473232be13806","first_seen":"2025-10-10T01:18:26.316442Z","last_seen":"2025-10-10T01:18:36.083515Z","times_seen":2,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"2v5y3a0g9q8.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}