{"report_id":"9c893fe6-21ed-42ea-b191-356c20e579fc","version":6,"status":"done","tags":[],"date":"2026-01-09T13:46:26Z","url":{"schema":"http","addr":"tqyy5mv8.top/","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":0,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"final":{"url":{"schema":"http","addr":"tqyy5mv8.top/","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"title":"草榴社区VIP - 草榴社区VIP专属通道，独享私密精品视频","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tqyy5mv8.top/","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":0,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-13T13:46:26Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-09T13:45:55Z","timestamp":1767966355,"ip_dst":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"ip_src":{"addr":"Client IP","port":43776,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-09T13:45:55.200319+0000\",\"flow_id\":1935308078871793,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.35\",\"src_port\":43776,\"dest_ip\":\"45.202.214.180\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"tqyy5mv8.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1075},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":669,\"bytes_toclient\":4613,\"start\":\"2026-01-09T13:45:54.226545+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"tqyy5mv8.top","ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"domain_registered":"2025-03-06","domain_rank":0,"first_seen":"2026-01-09T13:46:32.566302Z","last_seen":"2026-01-09T13:46:32.566302Z","alert_count":405,"request_count":135,"received_data":2440592,"sent_data":112060,"comment":"","tags":null,"fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"gtb.lyb63.com","ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"2024-08-29","domain_rank":0,"first_seen":"2025-08-02T14:38:54.554741Z","last_seen":"2026-01-09T13:29:01.176998Z","alert_count":0,"request_count":55,"received_data":15253132,"sent_data":28875,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-01-05T02:41:01.3201Z","alert_count":0,"request_count":1,"received_data":359,"sent_data":386,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.iconify.design","ip":{"addr":"104.26.12.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-10-17","domain_rank":89604,"first_seen":"2018-12-24T02:01:40Z","last_seen":"2026-01-07T00:01:17.44971Z","alert_count":0,"request_count":1,"received_data":1543,"sent_data":495,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C2VePTmI.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"fa45f7eb2cad4068363e0aa03da6796e","sha1":"6715b5552d68fec3a599c57899a84bde73c10a8d","sha256":"fde96455ba7b5a92f894bcd866ec94c34ddb06f3970e49de6c60f30d49453838","sha512":"81330cc0dca1c1fd6619b318e43850d8a6192f3ba2eec8c57acb17df59ba727b3b0f1c3a9ec22c2b82d189d6e3438e2c566fd514dd77611f500b285fa6db5dc4","ssdeep":"96:HEK1FgiB560eoaIMizohzhI+hVXJY8OOCxkD0iZ8vqbX6F66Flm2s69B:HEK/gi60eob8h99LZrvCa38c1U6u","tlshash":"dbb14244f425fdf79fe7485450a04a40e9242b6a9470b8f7d3ab6eacd32ac4077e6738","size":5155,"data":"","first_seen":"2025-10-16T06:08:09.992486Z","last_seen":"2026-02-28T19:40:37.469821Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DdzjdIBS.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"33bcb92aed739580a4150bd8b32c8501","sha1":"369cbd00ff3fdaa1e55d5d90a17489c7d3dbde4a","sha256":"4dd7cce928880fa87157babd51b41c97f01b2fa764847cb0f6e848915f7a8891","sha512":"8e2ae0a1f1ac46264fb6066d412e0b60368979137581ae42c66a4f1a43402660668f4af3f2b39788c9d3de2cf4d05e149f4bf8fc0f9675aa44d335991972531f","ssdeep":"192:jvUT9JlEDIWGrVqaLNbObnH7zmzQgFVPOWxxE:jMTPOBuE4bObbzMQ+VWWzE","tlshash":"9202a609f01490b4f376ed94d8784c0a9e0b6fd556e880c8e4eade1b5366cb439e9b1c","size":8236,"data":"","first_seen":"2025-10-16T06:08:09.826209Z","last_seen":"2026-02-28T19:40:37.435081Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/0xlt7eT7.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"7520c7f08b1151b07b6927bda1828d9e","sha1":"e2940e90446ead59c5ad1b3b0ea963e275aad24e","sha256":"90ffed836332a30190edb82bde3bd1710c3ac7373c36a24be14561aabe0dc857","sha512":"b335376d6fc09811ac4d2629295ccf34f5a1a0f6046f6ec87f8e2fbe41b18b023f5abf94c7abe4ed04f2c060d7c7876767786fa631630a7fe578cac451be7974","ssdeep":"192:qbRBZvxP1xAZjxWzZxgWhwsDmNvPGFj0P9eaCj6j6s:CRVjYo1qsDmNvu90P9ejj+6s","tlshash":"10222389f1459aae824b1170445d5c0c964b7fa4ceeb8a4a33f4ed4af386cb67988734","size":10308,"data":"","first_seen":"2025-10-16T06:08:09.876092Z","last_seen":"2026-02-28T19:40:37.424996Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/WK6v7wUJ.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba2c1db780414260bf9f1c27d6b707b4","sha1":"b31d88b1ad7a7cd47d80b4f3b6bb007a7ca95289","sha256":"209bec5e822efef7719fec8d0c0b7709f61e759eecf3eb764f5b33d37e13d238","sha512":"424318a3d197ead5e691379053aa80a84baa7389da4e4ae4af17f83d2fa68e10e4f3376b4a1c5019a6443f61c9ba705c4a1957106b0bd12e73a4e425b3c038e8","ssdeep":"6144:UPrhxWg1WRCrnGQVXmAJJjskVu08ILFODtuq6Z+pa9Lhu7:UPHzOCzGPmtY08I676Z+pOK","tlshash":"818449e83196b0b253f629e1807f0006f2392925384dc4d4f16dedea3ab655991bbf3d","size":403751,"data":"","first_seen":"2025-10-16T06:08:09.686192Z","last_seen":"2026-02-28T19:40:37.467597Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/O2p0eN2I.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"d5ec1d145b31fc1d368d1632c569e65c","sha1":"bc5007ec749c716aa9988ecac2a0e7c4adefa5f7","sha256":"8e486193f148311ddd976913a44cbde699cdbbe8fc301f7d5be61b1529b5a14b","sha512":"c039034775aef251bfdac85a884a9d138dd7d7bdb8247b18a8bbc2c53863781933e9e8bf979f9aa17abfe857fecdccabe0f23a0bee5611c54689a30a5deca145","ssdeep":"96:4yJqHoUq19XA/uX948XtZ9v7Ab95c56IBziMjXZ2ByKKlV7FU7U42H6jPm5uv:Dkq1AG9TdLv7AZOIIh1LZ29KZ6Dm0v","tlshash":"cdb1a4d57181f8b3d738e6ce005101e097ae97d03029c6edb15f8e03261acb866faa1e","size":5100,"data":"","first_seen":"2025-10-16T06:08:09.782718Z","last_seen":"2026-02-28T19:40:37.478745Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/KGeZgdKO.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"e89fda158cdee0b899ab8763a1d3c65f","sha1":"bf0863b57646d0af21b77c5a007c9bc0cad0b502","sha256":"dbfee3bab623f82de9f2dc2e7dd141228277a152fd30ac3f76d6fd3074b5048d","sha512":"246c2b7b9b2e6ced8bf12b097fa32d40c261fb4b809136466834225d94ea4d29844745e49caca6b755d15407bfef592b5cc58b070e187df1d00e1c7aab509385","ssdeep":"192:t7qVgDRgFIsPSidbEXJmXbGykf/Xk6msa0x/HPd+SocRxnu6g:tVDRgGivdE+bGXXkjt0x/HPWT","tlshash":"4832750df110f679e73bc8d4c4a849056a0bb75946e882b1a1fafe1fc2d5c74ba48735","size":10999,"data":"","first_seen":"2025-10-16T06:08:09.751343Z","last_seen":"2026-02-28T19:40:37.430337Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Bm7ddlXp.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"7129a1fb57f0e6fba13a56e46cdf8bf6","sha1":"709122464f8c6de3bfc9b9c44c9bf5f948890069","sha256":"0cf7bdeab7b345499662eeababda810f58b54d7b0ce27eb331ae65c2b7d3ab1a","sha512":"0f74446f1a7a4ca7c6e4d97a9c164e92af2a02536d3e4959fdb6dcbf48142a1ba7cebc38d98571a59a58a14df032017e12de1f56cf97ca0debb36da47f556032","ssdeep":"","tlshash":"6f21148cf459c579a7738cb805502c41b60c7f7cb52fa7e19ae817513a96c21e71e718","size":1189,"data":"","first_seen":"2025-10-16T06:08:09.93282Z","last_seen":"2026-02-28T19:40:37.428553Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/rQTPkNhF.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"f6e3c34d522ad49403460d1398d3a128","sha1":"cb60a67fba63f790c36006724a622f14f2ee6b1d","sha256":"e7dc20eca1febd0a8b5a73dcec495fb53a16f45b1f2cd567be135ae1fbf1899b","sha512":"f4509c9114a9bceebcd157cc84fc0aa8be8d18fc7451a66791ee50ae84f46eb88f14c9e2a19a14468d774ad83643e53740c1c09186681d3986e09bbdc2e953a9","ssdeep":"192:UvWjSQFRLDnxisHQSuzpF4KqN2BBeoUEfMpHzXx:4USQFtDnxiRTQKVjxE","tlshash":"30d1f9457999e477c97758e8a49e0020b9181b89e109c3b2f0be5d0d59fd8d0e1bbebc","size":6707,"data":"","first_seen":"2025-10-16T06:08:09.591678Z","last_seen":"2026-02-28T19:40:37.423986Z","times_seen":162,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CvUKjgFw.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"8ec8c5a192a70d61e3c277ae4664cc45","sha1":"6dc252e536b034e7a53ed513a3b043191d8f03eb","sha256":"b27efe285bffe40caba353c36a070ad52d0a8830d1a91dece4e1407b35217d22","sha512":"c1e5e9f3d3e1e5663372285421a8d6d74a8b21bd6f5de0892ad453d4ef9744260ac040696748fc9df08b0ab2e61cc5922228f57247932327e33a44a00bb4dbaf","ssdeep":"768:ryeAV3kkJ7f2bap3ac6qPb4/9ebB1GUwtltBjT3MVLrv27YMvZ14Q9QSkeDZy/9u:rc0eHN5VL/ZdjYfh","tlshash":"18235d40b474a578e77791ec509a4842266e2f4cf024c5e0f0bd9d193be6cf4ea9d73a","size":49774,"data":"","first_seen":"2025-10-16T06:08:09.632355Z","last_seen":"2026-02-28T19:40:37.453217Z","times_seen":163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/D51WYg2P.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"7480415196a9c2b525193738c98be9bb","sha1":"6ec812c786bbc0af9c09a3ac9f31e43bec5a4ee9","sha256":"711d5c25a2e2d3ae5a34d6a40463a634f0ba8ad24fb1b07e1ec1df2eb760a539","sha512":"a4f627d2a337c762f4567815de5704f1904ed7a3d6e45cd3fc178ffa2ed8a564b33faf51c3ae707174992b4024371d699d1752482e79cfa3bcbd6069305676cd","ssdeep":"","tlshash":"a84195187c6fdbfd95735d28701905297008bb9ea656eddb83f905123cb2f86c929322","size":2193,"data":"","first_seen":"2025-10-16T06:08:09.818887Z","last_seen":"2026-02-28T19:40:37.462258Z","times_seen":154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/i01Blr7r.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"826f5fdb6ee79ff4506a59db01680676","sha1":"da5044530cd0d0a7963ad8902c2f71df88796fa7","sha256":"af56f6b6e78a55a3810ce208fa4f86359a156aaff3f2cda993c44c885bb88e67","sha512":"80b5d02cc1e925d4cc2e2da3d969d9096aebead5046e316e294955ad712527717a77572475e1183398a238420a7a22bf188a8bd6330ae5685b2e26fdb286dd48","ssdeep":"","tlshash":"4f21449db149907f3eba1dd04127184292225f0a6920b7f5e1564ff301b3d14e16ef7e","size":1196,"data":"","first_seen":"2025-10-16T06:08:09.804764Z","last_seen":"2026-02-28T19:40:37.445078Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BJTiVmqf.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"f8f547444557edd63f784a5559e1e0ca","sha1":"e6b107251281dd71e70bf4e6a248d26c17e9ed7f","sha256":"22d4dfa068093b64f39ffcaac5536d7b5aefd3c6cb0a0c52ac3a9ac1ba015c8a","sha512":"9b27473460d3ceccaeb2a13ee313155f151fd45df8dd0aa333119bf3cc786f40d169b6ecb7f42144b31759282c16adb013166251eac384ba04fd3386110c53df","ssdeep":"","tlshash":"6941b6d068f16b769b0ba0a93a53083225946784e0064efc937d0d5b3ac98f0f67d61f","size":1974,"data":"","first_seen":"2025-10-16T06:08:09.556163Z","last_seen":"2026-02-28T19:40:37.460858Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/FNsFDHSu.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"6275a6a1b1a3ae0e8f94e3250658aba8","sha1":"b7e058556ebf6c9df86014061513297e4a75493c","sha256":"fbdb3c383001ad396be9117fd48eeaeb4691f7da03990c2910028fff89d4ba3d","sha512":"f9dd62b78ef458a7907db2de87c5b35f12ce1160894b4ef66e0208b27df18cbd4b5a7fccb2663f072c603d4a07386a9996b9c2c95b46903d256f41af2c22f7dc","ssdeep":"","tlshash":"0b5185153cefebfd95b34868301a0820b009f75b9457aae596f949113c72f658ba6321","size":2673,"data":"","first_seen":"2025-10-16T06:08:09.757482Z","last_seen":"2026-02-28T19:40:37.45069Z","times_seen":154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B49QR4hx.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"79a4c4cd2414061a120667b3b5cce535","sha1":"58293f4e7c8dd914565d5b2c0685575702c942cc","sha256":"2ee168b68121100f293a97e385dbacd24a784365b82a3c569fcae22c6a898cc6","sha512":"b20a24efc3d57312d028a829c31a175af4eb770fd1a2444da40552128676bfad7609ca581457b951e4fd8540c2272d2f82373ed200206cea9c7498f676c7c9df","ssdeep":"","tlshash":"7c31d8caf8dac43da32bcc894028441051143f8e603cc1d6b6672b0ce739ed8ae1561d","size":1767,"data":"","first_seen":"2025-10-16T06:08:09.696598Z","last_seen":"2026-02-28T19:40:37.431342Z","times_seen":168,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C08VCnG4.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"859d861a262b441aca2e2b73829a898e","sha1":"30f71c696be84050440693a70767edd06c8f002c","sha256":"7f83fcc5c0dfbae734ae979570ba603f25a75117fd20203fb5cd4419809b6361","sha512":"7ac80f4ccaad4527da566b23d9f34744a419c15de7de832d9f3fdd0f4e8850cc6183e51ac87b36f42020a9b7b793c9c075a75c64a5ae80d3ae0a5643120b74c8","ssdeep":"192:K/NHM4sR4IDgBtxFD08DNDwAho7TaIYarQQpVxaF+CL4AnwVTJB64Spvkl3olr:KVHORbDg5FD08DNDwqo7GqBVxaF+64A5","tlshash":"4ff1e7f831c5707e63611ce0907e5404a54aef41b696c4e5e12fecb22cf245a227be3d","size":7844,"data":"","first_seen":"2025-10-16T06:08:09.986626Z","last_seen":"2026-02-28T19:40:37.468109Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/n7Z_Ltok.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"601df375fefdf23d996e629ec08c2d8c","sha1":"0759aea946fc942f1d0033cf8797a07d621eae01","sha256":"63f471ecbf1c0211f0a9b281c3d6a4e2bac2d35fb62677445624b20a6c041858","sha512":"c62913917e2d560532d29e2fc8034b1c6cfbd30dbc36381e825e252354ca93797d3f401b6d23d7403208b060bb9bc2b6b51f395c0665f723e9072b32d28a187a","ssdeep":"192:uXX84mprN5N4L1qPYVQlx3VEMYp/zWyOSLRGXJIx822Rue7LRSPkLQ41u9VEP:ucfL5N4L/VcxVAdROSLsXJIoke7L9LQI","tlshash":"4a022b94f848a9b7d7ba65a41018408052682fd4f027cad8f03f7d2b27dc9d43abae19","size":8546,"data":"","first_seen":"2025-10-16T06:08:09.565139Z","last_seen":"2026-02-28T19:40:37.466572Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BEu6Ldxs.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"f763a28ca57db1035abb0ecc8ad7a4bb","sha1":"3afd0e2bc2c3938f9850e11299332030473c2f02","sha256":"affa82a5bf58f5442a1ed7d9ddfab14663ed8da0420a9f279eba26e8ee20bac5","sha512":"bb116a1ccf0a133a5c9d1844221e2df5ed11f63304849fbc14a8a04ec0a2039963ef1c8487e044fc6672579dcbad6fa0b4d9ecd49ed11ea85f8f0573322251bd","ssdeep":"","tlshash":"04e0c08e4010907446a38ee457140c19d204e710b3a9dface2cc883725a6037e24e31c","size":361,"data":"","first_seen":"2025-10-16T06:08:09.893475Z","last_seen":"2026-02-28T19:40:37.422208Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DV_8Za2T.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"c7ae8e3f8f678477e6e2fe3f9a2c5f8f","sha1":"5581b096f22243785364b964aa27deaa3cf07e92","sha256":"ff948a6f62ebee4a5056224d4c1242f87173133bde7c2b20e3872c5dbb7fc632","sha512":"75c145fdcd57ff6c2db358d8a3072beea456a75171b49444aa85b5808976cd61fbd466fefaa460eb6bf853552c8cf2e6f3a1347fb95af4ec1c27d594a187ef4d","ssdeep":"","tlshash":"1e81ffcdb08986fea35b0530048d5818624e3eecdaeb874b52f98d59b386dd5b86d370","size":3932,"data":"","first_seen":"2025-10-16T06:08:09.761706Z","last_seen":"2026-02-28T19:40:37.458827Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B1gS06j0.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"73d6a683c1307703acbbae9216eeafe4","sha1":"a10aee3e906cb8521e6853a9db2524770cfe5e80","sha256":"40c07a58b51457fd0d9f5370f5f3ed7b7bd7dead64520adac534101b5a4c760f","sha512":"3ec0395146341c90b939e9b92ce8c3afd59e052830c70f6e509d4e476e671da1f25d02287ebcdc6681efc65bf386a7832759e9f3dc7e4379237f8c23b7ea3070","ssdeep":"192:LEIC7jOM2E/9w0Y+tea71HtxzyVdCLRes9tkc5JnBC6P00eVUJHHLwE:LEhjzTG0Y+te2N+CLRes9tn7PFQUJHHP","tlshash":"3e326354e040b93719e7cc8ff015ad51e74c662ac836b8f6f566a1be17bb420e312b39","size":11962,"data":"","first_seen":"2025-10-16T06:08:09.707744Z","last_seen":"2026-02-28T19:40:37.432816Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C3oxHC-_.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"d02ddcb541d286d00227266bcd875593","sha1":"341099afca2cf68a720ffe4e795437e2ecc59346","sha256":"c490a6d2b1ecf560e885d68686621e1c07ce4c1b8d0b00bf222003d5ad59c897","sha512":"2584ab445b95662de5ea9e1ac141873f1cc5303e3e616b8a50ac09036a1180b82638a02b464972c718a59900773269157d134c39abde9a8b0532fd9d7870410f","ssdeep":"","tlshash":"1131110df452c5f5a593045479e46855209e3faadbb09f81f1ec0fb13b028a1ad4f750","size":1572,"data":"","first_seen":"2025-10-16T06:08:09.66058Z","last_seen":"2026-02-28T19:40:37.442827Z","times_seen":157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/KEEe2ipC.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"6cc892113f75dbb5d6dd66c4a3408c1c","sha1":"2d66edc07b13401985b6f6065c1d29c0f7f36dfa","sha256":"e7d2c3e3b04055106e7fd97eb8ebfa470c5fcd1f2f87f2c427c3687c9a3ff971","sha512":"7ad0cdc3468281b110cb401af9d31a1dff18ccaf101bdae339f3ed8a86835be9998a689abc37826b92eb235f8603018585eea0e8d8abbce812f8e45aeea2c11e","ssdeep":"","tlshash":"8441461ebcadea79caa22c90f8e5444016190f1cb4f879e1e69d2f341767ca0d90d378","size":2252,"data":"","first_seen":"2025-10-16T06:08:09.677474Z","last_seen":"2026-02-28T19:40:37.430809Z","times_seen":168,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/bnqxLtY9.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"9b9f593c4f183837d4142c51f6569cc4","sha1":"39eacc5fe2bb2efb1ab3e8070787317067401dd2","sha256":"b276261f86a4d226e01e1a543465a1d4eef694f57d2757f5c26aaf59a3e07d5a","sha512":"67e0eb740fb27cafe78663de80a4a068e860a6f18a52fe2b60e494514788a97832aaef6f99486d9d56855e3be3624b8952bb757245ec75a2d11d9e11dd4dbab6","ssdeep":"","tlshash":"fc11d048b401863ed4adac9881580931234c7e9f06b8c5b0b4fee7209762454ba4ef31","size":926,"data":"","first_seen":"2025-10-16T06:08:09.606373Z","last_seen":"2026-02-28T19:40:37.456809Z","times_seen":168,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-03T22:33:25.801686Z","times_seen":81091,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DO24JSDm.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"92872c95c57af3a4daa34799458745d2","sha1":"3d7328523c11d85b2cadeec48f0eb6e21a73f3ff","sha256":"d249211b11826095df9790885365eb4da5b10cb9b2b06403314b47f22ada0662","sha512":"5e352034a59a31a58894bf7da336d1f95677b3ed87bdbaba59c4c40e85bfd5184f725e34bcd32e5cd3a3ed3aa37dc522a74e0729280453d50edf28606e563fe2","ssdeep":"96:U1W+WoH5yuik1QsOikNG4PNYaGhJNUmPTFo9hPE2vhiV9qMYc:U1HWoHu6kl0mNsNwpif4c","tlshash":"0eb165e474e8d0dbbb768e81c033265260077ba96435f0d4e1b66d321167e249653b3f","size":5292,"data":"","first_seen":"2025-10-16T06:08:09.961497Z","last_seen":"2026-02-28T19:40:37.448712Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DOUSyLD7.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"f318199bc885006e657cf7892e71b038","sha1":"cd5f06373c59ef3e89570b05c65676ff204e067e","sha256":"8d9b9424edc8927c826ed56461fb872830492bc95de8f28aa103f0962111c767","sha512":"65cc759a3d137a3cddf28679db7df4462f84423d51cb6346e2118a98d8d266885f612c5455c4c90c4eb72136933d965210465f12aee683db9e67fc9af60314e9","ssdeep":"","tlshash":"183122a8b4daadb810f7bd84d836314856081e493d35f0f4db8b4da71ba3010567e71a","size":1811,"data":"","first_seen":"2025-10-16T06:08:09.953904Z","last_seen":"2026-02-28T19:40:37.460364Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BP7QvQo8.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"4eb6992de693a987050868c43f955a7c","sha1":"52ba69593d44cad0c129795ffdb140d230f7f832","sha256":"bc8e9955d7bc5130880db91f0510fdcca762f71d0bd44927dc3ed20988ee73f8","sha512":"06754657681e3734f65b439bbd7f957765856371ad3ae9056bf2f20b9bdde3c4e84283ddfd0577d84e18d43250748329242faf189cb75d9cd193a5efd6046faa","ssdeep":"192:eC78ycUJWiT0rxOW0dQhkRRZWU0gFkRRZRR9Py9+:e0MxiTipYRZWOYRZRn","tlshash":"12f1b6c66016c6bca48b5524696dfc01b00f7fdae65b9a1392fcc42633459e9fe8a334","size":7482,"data":"","first_seen":"2025-10-16T06:08:09.627203Z","last_seen":"2026-02-28T19:40:37.477017Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DptArvn-.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"f9df5b1f126b2eb2cf955311f48cead5","sha1":"396b77a173859b5f73a666b9da0d7b22f66413bd","sha256":"9cc5e9fabec00ccc8a355d4925f7c083c4c0b6f1d53f4c04057af45f5671b34e","sha512":"4e8f16e77942a7d978feed32c2529f83a6b9b29426ec0294142e238822a31d476aec016aaddbf3b29f532eaff70ccec499ea81e13f736957bae1e17afa3aadab","ssdeep":"","tlshash":"f2a0122d084001b700411cc85306a2a107200408176047d044084a2203214c7644da00","size":83,"data":"","first_seen":"2025-10-16T06:08:09.886213Z","last_seen":"2026-02-28T19:40:37.432352Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BGnZWUEv.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c4ce5295bcf036398597803da51292c","sha1":"edf9243a3c349724d1d74d89b55cb7805fd2b49d","sha256":"b8cff8537b38f959e5d7c03e1a3c4a26bd5caf3b4b2cda8773c916644515cc1b","sha512":"fad071b88fe04936c75dba5436a60ddd0d718d508b4e052eb9d7261841df027c911d5b74a74705970595073bc58f44ee0f272b0ec8921f7c03b1d8ad0f4f0110","ssdeep":"192:5+ssWAOy34EODNfyQ/Pnl+Qz9OEU9L+yC+fkkhVM:5+s3AOaF6Nfym82nUfkP","tlshash":"a0e1a71ff02846b572bb494c40a48988a2490b1f9152dee6e1fdde303345ff5adb93b9","size":7338,"data":"","first_seen":"2025-10-16T06:08:09.765703Z","last_seen":"2026-02-28T19:40:37.436147Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/22V1J99o.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"513cc4012f5b8329aa557c250e94ebc9","sha1":"f76f2b14fdfdbe3d648d40e001af5bea5b35aec0","sha256":"26b8bd74790f95e2b3b7354afe85c55294d46cfb53c02389ef8fc3c6b5f0f3ec","sha512":"e689c776586124cbbd2d3501a74f5f8869e7bf270a6fae3138ee5d0c21626e7334e592c3cae030c343a31e88f05935929fe8be13317b1f384786deda89aa529c","ssdeep":"1536:nkVRRkeadSfFAgYsC7tuQZqnVat+qgKTId1Nnh5Bcmu4qryvUqyR3cLr:uTkVdLdsC7oWq/5HGRc","tlshash":"7f435c9c72a4b0f163bb45b9807f4407b3392e15900ee450b269cee92674d75e1bbb3e","size":55816,"data":"","first_seen":"2025-10-16T06:08:09.689838Z","last_seen":"2026-02-28T19:40:37.462765Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CCn-0ZJN.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"ba1932965e7379a0c8761e7ebab5c77f","sha1":"f7767b50455fdb341b34722c06ad9a92fcfcb2aa","sha256":"974c2ba95339d513a361a152d0f77530a3d8550e27d99fe7b25a3253f4cf4d04","sha512":"fd9d06d4be4c93e97fc827ad228daa8f484159eef474f64267f956c85b16565ab8a6f1ca39ab448bac871c2c8908fdeef6378085ff9b9c8ba3784e09fb242225","ssdeep":"96:YpRQKKdz3waOof6S8CehWvNhhsvA0UGhqtl/kVKtipq7srV:YpRIdjwalSZCrVcHoO7V","tlshash":"76a1f24cf100e6bdd71f15b4846c4c0dab4b3ed8e9fa820963b9991fa781cb27a48774","size":4867,"data":"","first_seen":"2025-10-16T06:08:09.866301Z","last_seen":"2026-02-28T19:40:37.433854Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Dh5MGw4w.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"c383980eeeb59fb4cd3f3d2e59e4eb8b","sha1":"040ee3cd7b691b4012202519f4d36f2811ac6b37","sha256":"23ce21c96f0d0e8f007d476d4e331019197b0fead912967af13062db338ada93","sha512":"1f076877483aa3f409a071309c0584ec4118a582c157992cb5d397d9759ed2f86911c5d3522dceda35f9298c1780a52074b774c02c392a78716442f657adb923","ssdeep":"","tlshash":"752146099499cb7e8aa20cb415785804271c5f48e93dc6d0e6bc1a77a787570b609728","size":1420,"data":"","first_seen":"2025-10-16T06:08:09.862004Z","last_seen":"2026-02-28T19:40:37.439725Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CLY0Q4BU.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed0ddebb96dbe9dc6c7253f97e45e3e7","sha1":"13b8e8733314c50673d304936b0dc680516f6a8b","sha256":"cf83362dc4f420f4324546d0ab932f520a5c37f491b2016873875d1a149102b8","sha512":"67285d6b81825ad09715ddd3afb8e4999d15c1fce3a2cfa7ff2a96c2b4ca98ad056565ff0fcb6d93480f1ac3d846854e7b97c9615374888325bebbf227961f80","ssdeep":"96:ig9DV3w4HvnOevlNehzt0RrrJPecVRRZ9XArdbxSdyhs+jjm7QYvOfO3Ysih4:75V3w4HvvNYyR4kRRZO/15PmsYsO3Yp4","tlshash":"cbe1c99cf10461f8d2bfc494c06d5c089b4f735967f981a2a2bead4ac358cb0f689735","size":7340,"data":"","first_seen":"2025-10-16T06:08:09.568993Z","last_seen":"2026-02-28T19:40:37.446176Z","times_seen":155,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d6daa183b24c0cc7ff40cf3fff68531d","sha1":"32137b1af94d6c83b24973a43c77535d0bf4ca7d","sha256":"6d2d20d531314c9d7f53248bf920a77aa72cd6b7bb30b772067c6f5f13bb1dde","sha512":"12ea381b8c6eb199c49f3b026fdfb30513894ab9d48a5c20c1d0fbc0c18eebe9fb1bcf040410b61d08e2883cb3016c5b33d54a76a016b9e3dba60c5452c39c1c","ssdeep":"","tlshash":"f8f0dcbf6841b2585ac239ac97afe348c1ae0435500fc803a5e5c8cd3c38fc9143538c","size":491,"data":"","first_seen":"2025-06-01T02:28:37.651278Z","last_seen":"2026-04-03T08:52:48.198367Z","times_seen":1198,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-09T13:45:55Z","timestamp":1767966355,"ip_dst":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"ip_src":{"addr":"172.18.0.35","port":43776,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-09T13:45:55.200319+0000\",\"flow_id\":1935308078871793,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.35\",\"src_port\":43776,\"dest_ip\":\"45.202.214.180\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"tqyy5mv8.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1075},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":669,\"bytes_toclient\":4613,\"start\":\"2026-01-09T13:45:54.226545+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71de182665784805737b46c02973968f","sha1":"3d7f820853b99264192c9a9697acd62a888ca7e7","sha256":"ed02233cea574fded50f9366206a88ed64e2005ba758dd62d627c31d5a798be8","sha512":"3daba704d7672ae49f0ae2022683cfa2622da833874f1de3a18f31b4882550e8be766c766587bebc8027532e6c7e85754d95358331242b655e6ae91b59cc9628","ssdeep":"","tlshash":"7621e12470496a2f16d30ced70d6205871363490705aaa00f57de572be259ef9a72ddf","size":1129,"data":"","first_seen":"2024-10-04T08:53:10Z","last_seen":"2026-04-03T18:25:35.902939Z","times_seen":2519,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-09T13:45:55Z","timestamp":1767966355,"ip_dst":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"ip_src":{"addr":"172.18.0.35","port":43776,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-09T13:45:55.200319+0000\",\"flow_id\":1935308078871793,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.35\",\"src_port\":43776,\"dest_ip\":\"45.202.214.180\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"tqyy5mv8.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1075},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":669,\"bytes_toclient\":4613,\"start\":\"2026-01-09T13:45:54.226545+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/HRf1EEH4.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"a116ac339fcb6f9815fa22f42b5f48bc","sha1":"da529f8161aa74387829643285f287861243a4bd","sha256":"5d356e6e20509f056b7ecb24ce5e6ca55daf6e97bea83d236504d665f502eee6","sha512":"ced9540777fa752bf18c052bcbedbb7fce078306ebff32cf415c50d5e355ebe7481256e4e54c7d2dfc7b8d788980ebfec9d35b66968df3280767c8afb6d2b4c7","ssdeep":"","tlshash":"d921614cf855f2b9893a0028590c7c2621487fa8e2269340f3b4867aef18c63fa98335","size":1360,"data":"","first_seen":"2025-10-16T06:08:09.635793Z","last_seen":"2026-02-28T19:40:37.459841Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DYOUx22v.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"37af3e7d594b240dd85a51a4eb2070c0","sha1":"b4ccfdda617c5f63100079248a628d4e14fe2e6d","sha256":"4d6727fbbb9454c565702a256b233fc3779a338a96c72a7f897848404d23b171","sha512":"baf2a6c268a2b26b3fc48a79d6fb6e6373658215b7553868ef1090684bfb17b307cd28aad369e508810aa767dbd6c32a0f241e26c84be8e313bcd9096945f54f","ssdeep":"","tlshash":"3eb0120f044010394447088c23081432431058492bb519e052548a011761082a04eb02","size":91,"data":"","first_seen":"2025-10-16T06:08:09.844914Z","last_seen":"2026-02-28T19:40:37.426032Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BCOmTdJo.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"b1d70a235174a5bbe17f15fd3259a86e","sha1":"307d943113f0221230d51196d88871a03e0262e0","sha256":"e0f710413129bc6e4b0a0183cb4442559ed3a007d13682add282925ebbb20c0b","sha512":"69e296853fac370ac0d2542e3e6ad969fcde4d2d7616a7254c10bbdc3035d9be0175016190a6af86936fdd71566e12c5676f49bfc0606185b3a77a3c9820b005","ssdeep":"192:sJ8HgWLkovhbkERqqrZ1yP1nn5/WQQbh75lGS8fD273+3n:sJSvnhbkEEqrZiXWphVldequ","tlshash":"c302e70cb079d4fa7ab74ca8507a545251081f4ed221ecf1f6ae5e272f97cd036a9339","size":8306,"data":"","first_seen":"2025-10-16T06:08:10.060452Z","last_seen":"2026-02-28T19:40:37.457834Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d00805e3eb031d072be405a2f0838fe0","sha1":"7919a48b6894df932b3f6e9c169c17eab1497f9f","sha256":"4cae046829b450ff3743888247ca5bfd6b310744cfd663fc6f6e93c44436c1ea","sha512":"298be407847e0e25326d9d9b7575e676bb2cd8d1f4d9d79b8832b35f2b909c92146fde0c9ee1e7e8b0cc29132e66874c72ce89214eaf70cf2107e5bc4d1ec6a4","ssdeep":"","tlshash":"2ad07260e33d491a64e24808bc6a060ab821003a914ca87880b220a9ae86c22a64329b","size":290,"data":"","first_seen":"2025-10-16T06:08:10.07296Z","last_seen":"2026-02-28T19:40:37.485097Z","times_seen":170,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-09T13:45:55Z","timestamp":1767966355,"ip_dst":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"ip_src":{"addr":"172.18.0.35","port":43776,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-09T13:45:55.200319+0000\",\"flow_id\":1935308078871793,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.35\",\"src_port\":43776,\"dest_ip\":\"45.202.214.180\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"tqyy5mv8.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1075},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":669,\"bytes_toclient\":4613,\"start\":\"2026-01-09T13:45:54.226545+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/ClPwa5ej.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"14add27a5a9186f3f4000b09f74f4245","sha1":"eb62386590dc3af076b242fd687e66b4aa599fe2","sha256":"b5eb4d5d4e64c74ad6b85c1df6dc12ee941675938e4b6c3af7c1adaad8c7d055","sha512":"709eda9c0621ee40efa0dbb37debbcfd8387c85708e71c9d6dc0caee8f200dbfcca80cc8a3b826da91c8c1b3d8e200d8830d1965602500dd2b452287f086a875","ssdeep":"96:oL1gZjXxJZzEVWDuPlBtW8Aw+sEeaa285k/wOFkQFwgHL:oL1gZjh3zEVRNBw8Aw+jea2AHL","tlshash":"aba1b6087540bc762b9769ce94971485b2141faad0b579e150af6cb83388d24a3ae33b","size":4806,"data":"","first_seen":"2025-10-16T06:08:09.622993Z","last_seen":"2026-02-28T19:40:37.452354Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CLJUqehc.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"9cb8a818f13aa29052bff0efa2fb106d","sha1":"7f70099f17cb9322798cd4865fdbea83e04e7087","sha256":"88bca5ef548587790383d2a7723f36c855c04ab93afa42f5ac1b82bbd8086ac3","sha512":"9feeaaebab4a7eda46989a0d4abfd3a86fd89c1370d4bf9e1c2331c08b840cc4b58ee6d72fbca74caf62d8dc65ad82779a1dcf871cb84b0d918a01ccb910d071","ssdeep":"","tlshash":"de31f0cd31c7f0b2675698f4f127204ab72d1de024592490f1b998737922174b753969","size":1655,"data":"","first_seen":"2025-10-16T06:08:09.729566Z","last_seen":"2026-02-28T19:40:37.421513Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CGC4xlMU.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"ce126d9b5fec0178754a169a9b362046","sha1":"8c5f59063b07893e29c81f721d9652275ed1d62b","sha256":"bda556867f8226b195cd5dd215a9b67ca819c13c2f9a6bdd5d038e9e29b040f5","sha512":"2ffc04ad46c695801da6b6ce265d0e0334faf6dd97c1120bfd70561129d1cc3b60c3ac924c9cdf3b67b532d0a8e871371d38cf31e8197bee922dd4799d3ef9f3","ssdeep":"192:zypEMiGgp4hZD6Y0kHc7ybDjFntgQyJ6plkfyP6PCaa/9tTiecgW9LAVnBuIK2/K:zyY0ncebDjFtRy2l2yP6PCB7ue29cZY1","tlshash":"93420ac6b5c5a5716fbb64d4f0aa4052a44d5b09b01a80e0e07f9d042bdeec0bb7af3d","size":12022,"data":"","first_seen":"2025-10-16T06:08:09.971215Z","last_seen":"2026-02-28T19:40:37.473088Z","times_seen":163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B-uGL23L.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"65b1cb5bed3d597222c7971f9b69c26a","sha1":"7d613b63d5b250ad8cc87b63b25190c713864512","sha256":"35d5bdbf6a8188aa0d715ab3808cbcd6408d5afee8100950fc314bdc862aa1cc","sha512":"d32fe09c3d0906067b4836438687ce95176165fdb21b61e737a340c9f5e2d1a30428caa0fe8247627fdd3a3011d06d7e30652313d943ee9f59f5721358623d51","ssdeep":"","tlshash":"a3f097dca0869bb095d3082136444c13620e2ee5fa389a85b3ce293737d50bad98e325","size":475,"data":"","first_seen":"2025-10-16T06:08:09.701864Z","last_seen":"2026-02-28T19:40:37.435596Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B80mK0S0.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"2df3fb3be242718954cc7533f145fbdf","sha1":"80f0848ebe7ffb73647ecf56b9cf3226616bbc41","sha256":"28d8f52125e8a6a8ca815c4a893e6d812595c0aa99331c63649a977e18a938be","sha512":"8b8e4c312bb1c02f2ffcf60211a0f17799030cf0240a8e3b03e924606c9aa47a77d9a5ac22f37c65f40300ba645dce89373b11ebdabeec8fff3361e8dbb37e3a","ssdeep":"","tlshash":"9001850bc4625ab47563dcf0c420c632163b72b70be6ebb4e1df9b312765071d18a513","size":849,"data":"","first_seen":"2025-10-16T06:08:09.574938Z","last_seen":"2026-02-28T19:40:37.42755Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CJJ_gbVK.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"9d28df8087a048d071d95ca848c5ce45","sha1":"ddfce97c7e04915ecf4102cab5fe45fdc3bb37be","sha256":"4c5314fc020ee5c9d8ff1f4f1822513d7b7e276730a54c4c884cbaf50d6e4de3","sha512":"1e8173883febbdfc0205faec8d2ed70f3987ba6d484837c78fee28f39ee170bc43cad7354403e7b4733ea3a8dbaaa5587f73c3069b35611c7fa2a13db3fc52e7","ssdeep":"","tlshash":"f871658eb821dabcf1f3507550749408921c5f8df1b94696f0bc9c613a55c7aaadc36c","size":3728,"data":"","first_seen":"2025-10-16T06:08:09.561146Z","last_seen":"2026-02-28T19:40:37.473594Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BCVGuXkS.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"ad204076c1f5ecd255d1e83c5366221d","sha1":"9497e9d2467306cfa4ea0e5b9a804ab2ee4f3526","sha256":"dfbe4699b21e17b2eaa44b52733e4714c84b257e0cf94dddf774aca3dfa1524b","sha512":"b0621f0d4acb90f4d5ccbe95489d8dd7888d9c76c0a75d0b3bd4f023ae75309f0258d05dc1d2da72a9b1b85907749712cc0e113f8d5a83d6dec9a8eadd51b4a1","ssdeep":"","tlshash":"7b51c19327bf762107a570a50c6a1858fb0bb53938c1056ab6e9baddec4e410dd3cf30","size":2713,"data":"","first_seen":"2025-10-16T06:08:09.587172Z","last_seen":"2026-02-28T19:40:37.429545Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/FzNlH25k.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"103da67b05cf794eebd8670565621b1d","sha1":"4bd434cf4b3c06e2ee050598e8ea3e09a2739c08","sha256":"43ed64f520240c3708a5937ee2a50fa69a07c05f01836816bfca9a2558b90a63","sha512":"2bf253199c7518fed8cb7a360ec3ab10815949d7b0e49fa47062265b3ce7e06405446718dae7796d942e3ad7f3c4e59d10ff43c80573bfaa3360c97e4e8800a4","ssdeep":"","tlshash":"06416dde35d5b7e9e28270b0f46f0146a2288b98499e5cf2b11af1c47930439a17bd6c","size":1918,"data":"","first_seen":"2025-10-16T06:08:09.651772Z","last_seen":"2026-02-28T19:40:37.439188Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BYxiyo0l.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8620d23c4609529f22e3dd37b487d71","sha1":"36d584080568418d741030d5cd0d58c5edad0f5f","sha256":"8a7e6f788993cabf72cd537d623ed8b7a82461ee4722e8abd8c4da00fec83189","sha512":"c519e0803f8007ab4b899560f195b662e7f47167733bad156e6fa963c93e2d485fdc02151eb36c4391215cb68f1c3993c4ca94be60aeac751c7fed2b64edef04","ssdeep":"","tlshash":"c1f0200bc4914ab44972ccf0c429c9710a7785bb0bd6e734e6cf93312360032e05eb07","size":562,"data":"","first_seen":"2025-10-16T06:08:09.581666Z","last_seen":"2026-02-28T19:40:37.461742Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BwZF-_3D.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"55a6713cfe3d1ebda0d5373e2f93e284","sha1":"7c332f09f2890c4a96371e7326c1a32359d174a3","sha256":"5edfbd9ff24166cc6ff332974c7a3087ab016776416e528dce246dfa1924d9aa","sha512":"65144ff17abd660eb4dd489bca30389b074058f7ae3eff75475ce1b2e161cb97f4c5fb245a327da053574cf407c71181240e69258f2ec53221855813a61b33dc","ssdeep":"","tlshash":"d9f0594cf993fab8499f4558a9246854f20e3dc8a21892e3a1ad8d633601815f6e9771","size":513,"data":"","first_seen":"2025-10-16T06:08:09.831143Z","last_seen":"2026-02-28T19:40:37.437533Z","times_seen":168,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/D00SvkOZ.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"92cc1fd9dcb9e844070b8e343d172020","sha1":"cdce0a602d631104b73c77f24712b50188b6ee8e","sha256":"5728f5968e19cffab28a3f34de7f794627e1b18254c6db16c02ae12c5049c316","sha512":"1f835393f035b1aaeb22dc68822a9064c162fb64042290001fbad2986dd7dc4797ee67a3ccd0c8ed6131a311d1ea19e7b32fa33cfa5705a58abc3852f3555d5f","ssdeep":"768:7onQclkeAyltuHUSMO64WKMsgrTyBkcOYJSxv5JTDIfXSg2HxyYt+xM/M+xDZeYo:7WvltuHBMO6jPvTjyc4jDD7Nez0","tlshash":"215318a9354131376bd845d060eb2816703468287d4c90ecb97de9db5aa2a0e50ffffe","size":66375,"data":"","first_seen":"2025-10-16T06:08:09.596693Z","last_seen":"2026-02-28T19:40:37.443949Z","times_seen":164,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CLqSQTZj.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"31c488f7454b9c1f74a2d200dc963869","sha1":"5695c197c0c39a64bf482d0a9acf8cdc6ebaf388","sha256":"b30893cf8a0e3f83b62580a01ff46a9653e5275244f6b7b8660ccde77b387ec0","sha512":"88c3bfa8633c0fddac1115759bbe38b56ebf52fe23e72b7960f78ead3f95b010987ab9b6465aacb16dbe0ea15a2efc549a97a2b29e2d31dd6148cd40094a0c41","ssdeep":"","tlshash":"bc8153d9d0924b3d284fc5afb856fd846d4c9362d9b7fde9e805c4262636220816e32a","size":3941,"data":"","first_seen":"2025-10-16T06:08:09.838604Z","last_seen":"2026-02-28T19:40:37.449254Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DWL2iDpk.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"3406c51b0beccd1dcc4ca6ad0d821a6c","sha1":"a47bd5c82fa05eaed51e4c774076682adee1b081","sha256":"c8616b3261e9bcf2198cfc23c170082ea0f766a15bfc8dc2b41ab32ebf700fa7","sha512":"6800b2616f9559ebd5ca6999025716382f698afa24f4861bfc8e7613b8a00cd7a2a5e3f78633eee6946a83636f2a7c1922b9cffba0e65231d3a04bc66a9c42e0","ssdeep":"96:WcI2wiTDiXaU/sffYFn2VIlVNejT3oQuak2ponGXm4IViAf6PCbpBy6pAF074GF0:jI2wgDPU/aYFn2VCVNevWJnGXP65yK/U","tlshash":"9ca1d7a839a4303163b98d8ae0f78256632979403117d0e4e06e5f9a2d7aea251f7d4e","size":4867,"data":"","first_seen":"2025-10-16T06:08:09.794904Z","last_seen":"2026-02-28T19:40:37.455311Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C6NNx1pl.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"b8147d961c8677310bbd6bcebeb098ce","sha1":"16eed3a339fe95f5044a711559958109a4bfbfdb","sha256":"565f4c7f6b212fd740539e9bc0f4362f631d5d2f3e20f0e8bfdde40ab9101977","sha512":"ed6ec8a1a3c6fa81ce45be654842fd0f1b0c4738422944ae874d83308358abbbb0802ce1aa4a12d602ac70d0e1917b36fd6955826eeb57b80103583cc4febe38","ssdeep":"","tlshash":"d41127cee5a80522727e8ddc91bb227305257b2b2075e2e0219a8f861729b6007e5e76","size":1086,"data":"","first_seen":"2025-10-16T06:08:09.674229Z","last_seen":"2026-02-28T19:40:37.423439Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DQG20OtQ.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"848e083ac2f03c4e621c8294ddd42d02","sha1":"50f736063069b656dedbaf6e6a8eb80e8f81eb72","sha256":"888f64c36c876ee8206cd227dc30662fe808e37dea283a65623ed1f13da22bb3","sha512":"708e519bec0b5e0e58a70ddeaf290ddea3abbc847950beb6bebde1731bb5a4fb0a43ec93b33b1a00d0e7d23ac345324edf35e29fa43e6e2b08dc9d5e2c447211","ssdeep":"96:L2Y/QlGuIsPGoBtaQAvj3aaRhVm5ARLjRY96yYQXRFJ18QInGLA6Daa6+RQej:yYKO4tpAj3/LmeRvRY90Qh/1TLP2J+Rx","tlshash":"e3b1b7e5fd49bc378c37fc1845db54122a081bb5e118b6f1e5ea28491ae627075f0f71","size":5297,"data":"","first_seen":"2025-10-16T06:08:09.601427Z","last_seen":"2026-02-28T19:40:37.425516Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Ww8WnoUa.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6e2fa6440590bee0b441e20a98f5db7","sha1":"1472aeab176dfcaa1b3922a4f7f90c48ab6eb9ac","sha256":"d6017e5510f4d8d517b9ced4adda3a5aba14d469c27ca0d8ad4bd1daff96130f","sha512":"b55736462fa78eec35720e8906c6ccf72804951176a8278924379a8df886340db39e22a4591bf1a27515114373d31447a7a93d8e8626c57faa34e25224b03638","ssdeep":"96:QGtpQhV2RoqNgFikq7A0LHGns/yoGygpN4BGXdaQ5OJLHFnA:jtpQmoqNgFikq7A0bGnjegnyuPO1FnA","tlshash":"94c1b80df578a8b9f37ae9a4c0615809870a379612da89d5b1bfdd235310cb078ad77c","size":5872,"data":"","first_seen":"2025-10-16T06:08:09.810724Z","last_seen":"2026-02-28T19:40:37.463258Z","times_seen":164,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/omETxrfd.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"fe5564590addaa5ffad8309b3a70ee26","sha1":"a9a4e784ce42a0dc065af731c186c17fe9f58a0d","sha256":"96d715abff4c7c5a671fdd6d984dd5785b211350bcb8ce0307db56cd04146fb0","sha512":"8a61544269f74a9f124ac4fb5b523dcb5651afc7840c25f2ed4bda999fe2df10ac358143c0d4f0a8438feacce37d3a24fa2a111b1e8e1edab4de1c4ef28d669b","ssdeep":"1536:KXE8PF+mmIyiNDyfESeZky+4jkiC3EOxrml3bu:qPUIyIysSeKy+4jki+d83bu","tlshash":"fe9371ccb696b06643a774b0807f600bf23b7c99184c4924f259d5e63db9a0c963bf6d","size":93726,"data":"","first_seen":"2025-10-16T06:08:09.739481Z","last_seen":"2026-02-28T19:40:37.443392Z","times_seen":169,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CcQyTwoe.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"introduction_type":"importedModule","is_inline":false,"md5":"1b2c034e197bfc0aea2ea45e6a48d012","sha1":"d5e939b0ba487754751c00c2fe105d34d32b887b","sha256":"861143863498586d04fc4b62b782782327dd6902040f20bf56ee0c1d23f199e3","sha512":"a9b382c4f44d44f4c97faed6c54c9935085af899bf8ed0c1a8f1e89160f16702a7f026b90718390932b8390a5f6107b26b226bf5639338b63fcd577ee809a9be","ssdeep":"","tlshash":"ce4197cc46f94e74df9a014360540d23bc690e84a03b84e5e7bd0c48a7442c9a3fff0a","size":2187,"data":"","first_seen":"2025-10-16T06:08:09.746895Z","last_seen":"2026-02-28T19:40:37.438636Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B49QR4hx.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:08.270Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/B49QR4hx.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/KGeZgdKO.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-6e7\"\r\nExpires: Fri, 09 Jan 2026 14:16:08 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: fc52ebea3578c6dacf8ddd58534d0a74\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1767,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1766)","md5":"79a4c4cd2414061a120667b3b5cce535","sha1":"58293f4e7c8dd914565d5b2c0685575702c942cc","sha256":"2ee168b68121100f293a97e385dbacd24a784365b82a3c569fcae22c6a898cc6","sha512":"b20a24efc3d57312d028a829c31a175af4eb770fd1a2444da40552128676bfad7609ca581457b951e4fd8540c2272d2f82373ed200206cea9c7498f676c7c9df","ssdeep":"","tlshash":"7c31d8caf8dac43da32bcc894028441051143f8e603cc1d6b6672b0ce739ed8ae1561d","first_seen":"2025-10-16T06:08:09.696598Z","last_seen":"2026-02-28T19:40:37.431342Z","times_seen":168,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C08VCnG4.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.026Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/C08VCnG4.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1ea4\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: efd1894536c1cc9620ae6f2ddca28537\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7844,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4037)","md5":"859d861a262b441aca2e2b73829a898e","sha1":"30f71c696be84050440693a70767edd06c8f002c","sha256":"7f83fcc5c0dfbae734ae979570ba603f25a75117fd20203fb5cd4419809b6361","sha512":"7ac80f4ccaad4527da566b23d9f34744a419c15de7de832d9f3fdd0f4e8850cc6183e51ac87b36f42020a9b7b793c9c075a75c64a5ae80d3ae0a5643120b74c8","ssdeep":"192:K/NHM4sR4IDgBtxFD08DNDwAho7TaIYarQQpVxaF+CL4AnwVTJB64Spvkl3olr:KVHORbDg5FD08DNDwqo7GqBVxaF+64A5","tlshash":"4ff1e7f831c5707e63611ce0907e5404a54aef41b696c4e5e12fecb22cf245a227be3d","first_seen":"2025-10-16T06:08:09.986626Z","last_seen":"2026-02-28T19:40:37.468109Z","times_seen":171,"resource_available":true,"data":null}},"time_used":381,"timings":{"blocked":171,"dns":0,"connect":0,"send":0,"wait":209,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-29/22/2005640922480107520.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-29/22/2005640922480107520.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1243,"timings":{"blocked":718,"dns":0,"connect":0,"send":0,"wait":521,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CGC4xlMU.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.588Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CGC4xlMU.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2ef6\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: b849198db620da94ae0c22dc05d7bf95\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12022,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (12021)","md5":"ce126d9b5fec0178754a169a9b362046","sha1":"8c5f59063b07893e29c81f721d9652275ed1d62b","sha256":"bda556867f8226b195cd5dd215a9b67ca819c13c2f9a6bdd5d038e9e29b040f5","sha512":"2ffc04ad46c695801da6b6ce265d0e0334faf6dd97c1120bfd70561129d1cc3b60c3ac924c9cdf3b67b532d0a8e871371d38cf31e8197bee922dd4799d3ef9f3","ssdeep":"192:zypEMiGgp4hZD6Y0kHc7ybDjFntgQyJ6plkfyP6PCaa/9tTiecgW9LAVnBuIK2/K:zyY0ncebDjFtRy2l2yP6PCB7ue29cZY1","tlshash":"93420ac6b5c5a5716fbb64d4f0aa4052a44d5b09b01a80e0e07f9d042bdeec0bb7af3d","first_seen":"2025-10-16T06:08:09.971215Z","last_seen":"2026-02-28T19:40:37.473088Z","times_seen":163,"resource_available":true,"data":null}},"time_used":1692,"timings":{"blocked":1394,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-02-15/12/1890621413773533184.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-02-15/12/1890621413773533184.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\nlast-modified: Sat, 19 Apr 2025 01:28:30 GMT\r\nx-amz-meta-mtime: 1739594246\r\nx-wasabi-cm-reference-id: 1767121908937 154.18.200.102 ConID:1258265402/EngineConID:12360538/Core:36\r\netag: W/\"4d84842f73943142273d625511f61242\"\r\nvia: 1.1 d9e0d7c355651c7ba4fe824f652b45fe.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: 4OCYVUHE8gOimqX9aPRnvXqO2VsVs_dLyBrm4vddtWRhsVw1CxKIRg==\r\nage: 20022\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":771712,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"4d84842f73943142273d625511f61242","sha1":"58b658cde5a146a53b6482d1661414d6cc588911","sha256":"730e4d8deb1c9e0493d491929ae03d1f7426989136b0424e3dd0e18d2a7d4d73","sha512":"6624e889f4e661007f9eb8f76c6c14e3bfd9eea306c0822f6f37d90b84afc45f38afc836790f1a2eb2261735b2089576e267d3f62fe88380444ecd28a0709fef","ssdeep":"12288:85Y5j6gzWZyIe6yppfrJ1lfnzGUpWbUwBSGR679DV7ycCyXE0lDQ0sqk11Xwrgcx:8iN6go0B1fnzrWbUwME6RgcCyXp5nink","tlshash":"67f42312cf6a4dee06084264716f1e233a91fca7d8f5d7d2db9662c33aee97149170b0","first_seen":"2025-05-23T03:23:52.185901Z","last_seen":"2026-04-03T08:52:48.102548Z","times_seen":790,"resource_available":false,"data":null}},"time_used":1299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1299,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BCOmTdJo.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.145Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BCOmTdJo.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2072\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 55ae052ca3a7f0d402fd2d792ff8a9b1\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8306,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8157)","md5":"b1d70a235174a5bbe17f15fd3259a86e","sha1":"307d943113f0221230d51196d88871a03e0262e0","sha256":"e0f710413129bc6e4b0a0183cb4442559ed3a007d13682add282925ebbb20c0b","sha512":"69e296853fac370ac0d2542e3e6ad969fcde4d2d7616a7254c10bbdc3035d9be0175016190a6af86936fdd71566e12c5676f49bfc0606185b3a77a3c9820b005","ssdeep":"192:sJ8HgWLkovhbkERqqrZ1yP1nn5/WQQbh75lGS8fD273+3n:sJSvnhbkEEqrZiXWphVldequ","tlshash":"c302e70cb079d4fa7ab74ca8507a545251081f4ed221ecf1f6ae5e272f97cd036a9339","first_seen":"2025-10-16T06:08:10.060452Z","last_seen":"2026-02-28T19:40:37.457834Z","times_seen":167,"resource_available":true,"data":null}},"time_used":857,"timings":{"blocked":563,"dns":0,"connect":0,"send":0,"wait":290,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/bnqxLtY9.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.148Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/bnqxLtY9.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 926\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-39e\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 214340fd6b56cda13e7dde13c3629b8e\r\ncache-status: EXPIRED\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":926,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (917)","md5":"9b9f593c4f183837d4142c51f6569cc4","sha1":"39eacc5fe2bb2efb1ab3e8070787317067401dd2","sha256":"b276261f86a4d226e01e1a543465a1d4eef694f57d2757f5c26aaf59a3e07d5a","sha512":"67e0eb740fb27cafe78663de80a4a068e860a6f18a52fe2b60e494514788a97832aaef6f99486d9d56855e3be3624b8952bb757245ec75a2d11d9e11dd4dbab6","ssdeep":"","tlshash":"fc11d048b401863ed4adac9881580931234c7e9f06b8c5b0b4fee7209762454ba4ef31","first_seen":"2025-10-16T06:08:09.606373Z","last_seen":"2026-02-28T19:40:37.456809Z","times_seen":168,"resource_available":true,"data":null}},"time_used":858,"timings":{"blocked":560,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DOUSyLD7.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.728Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DOUSyLD7.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-713\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: f63c5c808c6de0e1706517b06e251c72\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1811,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1810)","md5":"f318199bc885006e657cf7892e71b038","sha1":"cd5f06373c59ef3e89570b05c65676ff204e067e","sha256":"8d9b9424edc8927c826ed56461fb872830492bc95de8f28aa103f0962111c767","sha512":"65cc759a3d137a3cddf28679db7df4462f84423d51cb6346e2118a98d8d266885f612c5455c4c90c4eb72136933d965210465f12aee683db9e67fc9af60314e9","ssdeep":"","tlshash":"183122a8b4daadb810f7bd84d836314856081e493d35f0f4db8b4da71ba3010567e71a","first_seen":"2025-10-16T06:08:09.953904Z","last_seen":"2026-02-28T19:40:37.460364Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1021,"timings":{"blocked":810,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B80mK0S0.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.749Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/B80mK0S0.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/WK6v7wUJ.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:00 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 849\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-351\"\r\nExpires: Fri, 09 Jan 2026 14:16:00 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 177dcea5ffbbbf20c342b8a473f7b63b\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":849,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (848)","md5":"2df3fb3be242718954cc7533f145fbdf","sha1":"80f0848ebe7ffb73647ecf56b9cf3226616bbc41","sha256":"28d8f52125e8a6a8ca815c4a893e6d812595c0aa99331c63649a977e18a938be","sha512":"8b8e4c312bb1c02f2ffcf60211a0f17799030cf0240a8e3b03e924606c9aa47a77d9a5ac22f37c65f40300ba645dce89373b11ebdabeec8fff3361e8dbb37e3a","ssdeep":"","tlshash":"9001850bc4625ab47563dcf0c420c632163b72b70be6ebb4e1df9b312765071d18a513","first_seen":"2025-10-16T06:08:09.574938Z","last_seen":"2026-02-28T19:40:37.42755Z","times_seen":165,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CLY0Q4BU.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:04.170Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CLY0Q4BU.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/WK6v7wUJ.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1cac\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 84512321b248cd5498f0a48b78e6b6fa\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7340,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (7239)","md5":"ed0ddebb96dbe9dc6c7253f97e45e3e7","sha1":"13b8e8733314c50673d304936b0dc680516f6a8b","sha256":"cf83362dc4f420f4324546d0ab932f520a5c37f491b2016873875d1a149102b8","sha512":"67285d6b81825ad09715ddd3afb8e4999d15c1fce3a2cfa7ff2a96c2b4ca98ad056565ff0fcb6d93480f1ac3d846854e7b97c9615374888325bebbf227961f80","ssdeep":"96:ig9DV3w4HvnOevlNehzt0RrrJPecVRRZ9XArdbxSdyhs+jjm7QYvOfO3Ysih4:75V3w4HvvNYyR4kRRZO/15PmsYsO3Yp4","tlshash":"cbe1c99cf10461f8d2bfc494c06d5c089b4f735967f981a2a2bead4ac358cb0f689735","first_seen":"2025-10-16T06:08:09.568993Z","last_seen":"2026-02-28T19:40:37.446176Z","times_seen":155,"resource_available":true,"data":null}},"time_used":666,"timings":{"blocked":360,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-23/10/2003290036806606848.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-23/10/2003290036806606848.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\netag: W/\"8b4128b08692a5649127a3fd14ddad43\"\r\nlast-modified: Tue, 23 Dec 2025 02:22:19 GMT\r\nx-wasabi-cm-reference-id: 1767210400898 154.18.200.100 ConID:1267785610/EngineConID:12167034/Core:66\r\nvia: 1.1 bce9c7b70fec2e49575721b4707fb37a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: IqX2wDjjTh2eMDODRQMBDKGPGeLYUvzSP2Bnj63wwQ661elasWLEAw==\r\nage: 65042\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":609132,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8b4128b08692a5649127a3fd14ddad43","sha1":"487e64ac6675d3537e5a56f67ae4b00c4dfb7258","sha256":"d02ab56205b171bb787ee4079fa9429c6d817b953733f1585449fbef68272728","sha512":"e5e8000781129f1696c9156a147f00b6b63a731d0a1281672c17dbfb0d1faa2e697705faf4131636b1bfd7aba4ad944c0b49edfc635c433f2f38f1aee34dbded","ssdeep":"12288:TQW/Muoj9X4Prtr5PUCIl965g2zey1d+/kwWpcHdD:T5Zog18r65gcnd+/kwWpgD","tlshash":"cdd42353dffd1f2bcaee90559d2f5d030e686f12ac880d8bc1b4b41b215e2642d5f9a8","first_seen":"2025-11-28T10:39:46.26334Z","last_seen":"2026-01-30T06:30:15.03379Z","times_seen":343,"resource_available":false,"data":null}},"time_used":1275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/KEEe2ipC.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:08.263Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/KEEe2ipC.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/KGeZgdKO.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-8cc\"\r\nExpires: Fri, 09 Jan 2026 14:16:08 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: d7c732272aadf9d7cfc7f1358c052147\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2252,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (2086)","md5":"6cc892113f75dbb5d6dd66c4a3408c1c","sha1":"2d66edc07b13401985b6f6065c1d29c0f7f36dfa","sha256":"e7d2c3e3b04055106e7fd97eb8ebfa470c5fcd1f2f87f2c427c3687c9a3ff971","sha512":"7ad0cdc3468281b110cb401af9d31a1dff18ccaf101bdae339f3ed8a86835be9998a689abc37826b92eb235f8603018585eea0e8d8abbce812f8e45aeea2c11e","ssdeep":"","tlshash":"8441461ebcadea79caa22c90f8e5444016190f1cb4f879e1e69d2f341767ca0d90d378","first_seen":"2025-10-16T06:08:09.677474Z","last_seen":"2026-02-28T19:40:37.430809Z","times_seen":168,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/FzNlH25k.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.726Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/FzNlH25k.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-77e\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 86de4d3f764f1527a6c2be3584c6935f\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1918,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1917)","md5":"103da67b05cf794eebd8670565621b1d","sha1":"4bd434cf4b3c06e2ee050598e8ea3e09a2739c08","sha256":"43ed64f520240c3708a5937ee2a50fa69a07c05f01836816bfca9a2558b90a63","sha512":"2bf253199c7518fed8cb7a360ec3ab10815949d7b0e49fa47062265b3ce7e06405446718dae7796d942e3ad7f3c4e59d10ff43c80573bfaa3360c97e4e8800a4","ssdeep":"","tlshash":"06416dde35d5b7e9e28270b0f46f0146a2288b98499e5cf2b11af1c47930439a17bd6c","first_seen":"2025-10-16T06:08:09.651772Z","last_seen":"2026-02-28T19:40:37.439188Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1019,"timings":{"blocked":805,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-05-22/12/1925409360544784384.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-05-22/12/1925409360544784384.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1245,"timings":{"blocked":724,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CLY0Q4BU.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:04.165Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CLY0Q4BU.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1cac\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 898a05479ac47381af143e166886ae37\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7340,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (7239)","md5":"ed0ddebb96dbe9dc6c7253f97e45e3e7","sha1":"13b8e8733314c50673d304936b0dc680516f6a8b","sha256":"cf83362dc4f420f4324546d0ab932f520a5c37f491b2016873875d1a149102b8","sha512":"67285d6b81825ad09715ddd3afb8e4999d15c1fce3a2cfa7ff2a96c2b4ca98ad056565ff0fcb6d93480f1ac3d846854e7b97c9615374888325bebbf227961f80","ssdeep":"96:ig9DV3w4HvnOevlNehzt0RrrJPecVRRZ9XArdbxSdyhs+jjm7QYvOfO3Ysih4:75V3w4HvvNYyR4kRRZO/15PmsYsO3Yp4","tlshash":"cbe1c99cf10461f8d2bfc494c06d5c089b4f735967f981a2a2bead4ac358cb0f689735","first_seen":"2025-10-16T06:08:09.568993Z","last_seen":"2026-02-28T19:40:37.446176Z","times_seen":155,"resource_available":true,"data":null}},"time_used":738,"timings":{"blocked":510,"dns":0,"connect":0,"send":0,"wait":227,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CCn-0ZJN.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.680Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CCn-0ZJN.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/CLY0Q4BU.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1303\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 248b3d938f1ff3179248655a787c53dd\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4867,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4858)","md5":"ba1932965e7379a0c8761e7ebab5c77f","sha1":"f7767b50455fdb341b34722c06ad9a92fcfcb2aa","sha256":"974c2ba95339d513a361a152d0f77530a3d8550e27d99fe7b25a3253f4cf4d04","sha512":"fd9d06d4be4c93e97fc827ad228daa8f484159eef474f64267f956c85b16565ab8a6f1ca39ab448bac871c2c8908fdeef6378085ff9b9c8ba3784e09fb242225","ssdeep":"96:YpRQKKdz3waOof6S8CehWvNhhsvA0UGhqtl/kVKtipq7srV:YpRIdjwalSZCrVcHoO7V","tlshash":"76a1f24cf100e6bdd71f15b4846c4c0dab4b3ed8e9fa820963b9991fa781cb27a48774","first_seen":"2025-10-16T06:08:09.866301Z","last_seen":"2026-02-28T19:40:37.433854Z","times_seen":170,"resource_available":true,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CLqSQTZj.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.712Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CLqSQTZj.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-f65\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 44f47d9d4b539a760237c2efcefe4cc6\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3941,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (3940)","md5":"31c488f7454b9c1f74a2d200dc963869","sha1":"5695c197c0c39a64bf482d0a9acf8cdc6ebaf388","sha256":"b30893cf8a0e3f83b62580a01ff46a9653e5275244f6b7b8660ccde77b387ec0","sha512":"88c3bfa8633c0fddac1115759bbe38b56ebf52fe23e72b7960f78ead3f95b010987ab9b6465aacb16dbe0ea15a2efc549a97a2b29e2d31dd6148cd40094a0c41","ssdeep":"","tlshash":"bc8153d9d0924b3d284fc5afb856fd846d4c9362d9b7fde9e805c4262636220816e32a","first_seen":"2025-10-16T06:08:09.838604Z","last_seen":"2026-02-28T19:40:37.449254Z","times_seen":171,"resource_available":true,"data":null}},"time_used":609,"timings":{"blocked":398,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BP7QvQo8.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.730Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BP7QvQo8.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1d3a\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: da0ba54c543f5be1b5d6af924dd9910f\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7482,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (7327)","md5":"4eb6992de693a987050868c43f955a7c","sha1":"52ba69593d44cad0c129795ffdb140d230f7f832","sha256":"bc8e9955d7bc5130880db91f0510fdcca762f71d0bd44927dc3ed20988ee73f8","sha512":"06754657681e3734f65b439bbd7f957765856371ad3ae9056bf2f20b9bdde3c4e84283ddfd0577d84e18d43250748329242faf189cb75d9cd193a5efd6046faa","ssdeep":"192:eC78ycUJWiT0rxOW0dQhkRRZWU0gFkRRZRR9Py9+:e0MxiTipYRZWOYRZRn","tlshash":"12f1b6c66016c6bca48b5524696dfc01b00f7fdae65b9a1392fcc42633459e9fe8a334","first_seen":"2025-10-16T06:08:09.627203Z","last_seen":"2026-02-28T19:40:37.477017Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1175,"timings":{"blocked":972,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-29/22/2005640922480107520.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-29/22/2005640922480107520.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\nlast-modified: Mon, 29 Dec 2025 14:03:54 GMT\r\nx-wasabi-cm-reference-id: 1767115046809 154.18.200.100 ConID:1233585324/EngineConID:11835946/Core:78\r\netag: W/\"0d411f5eb9c6f84f82655ea0918be377\"\r\nvia: 1.1 d7f09a5d605b8be5db2506580e49606a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: -qLI-gAjJt4uiAKGLNOOE2Fj0-NyrqvRNqjGh14djNm-Xf9w-3moKw==\r\nage: 65038\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":218136,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0d411f5eb9c6f84f82655ea0918be377","sha1":"2218902a3d3fb9cc67dac9951f15cc40ffdc4c56","sha256":"cb121827e01913d5299205ca85dc2e812c78bf814143c68262314c5977a71bdb","sha512":"718df07b02611982e99df5ed3132236acdf02065ea6020c15cda1c0e657773ffe0b8147af9501bb30572d9b84d0ecde420ad348e5fcf94cd7f515dafd54b7a6c","ssdeep":"3072:QFirV9p4AKecX3fTkRsI3sRldmOfjm962swGj7V5KI0vCF4jDyGzjCL/0:/mreO3fTCsRzdmwV2KnaK4jDyYGL/0","tlshash":"652412cdf93825a0022c7580e0fb865672334856ceab73b616ca6aff5735703d662c4a","first_seen":"2025-12-30T11:55:33.770646Z","last_seen":"2026-01-13T10:58:15.144497Z","times_seen":112,"resource_available":false,"data":null}},"time_used":1102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/n7Z_Ltok.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:06.168Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/n7Z_Ltok.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/CvUKjgFw.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2162\"\r\nExpires: Fri, 09 Jan 2026 14:16:06 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 849dd7c4b890b49880250b5740802f9f\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8546,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (8545)","md5":"601df375fefdf23d996e629ec08c2d8c","sha1":"0759aea946fc942f1d0033cf8797a07d621eae01","sha256":"63f471ecbf1c0211f0a9b281c3d6a4e2bac2d35fb62677445624b20a6c041858","sha512":"c62913917e2d560532d29e2fc8034b1c6cfbd30dbc36381e825e252354ca93797d3f401b6d23d7403208b060bb9bc2b6b51f395c0665f723e9072b32d28a187a","ssdeep":"192:uXX84mprN5N4L1qPYVQlx3VEMYp/zWyOSLRGXJIx822Rue7LRSPkLQ41u9VEP:ucfL5N4L/VcxVAdROSLsXJIoke7L9LQI","tlshash":"4a022b94f848a9b7d7ba65a41018408052682fd4f027cad8f03f7d2b27dc9d43abae19","first_seen":"2025-10-16T06:08:09.565139Z","last_seen":"2026-02-28T19:40:37.466572Z","times_seen":170,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BCOmTdJo.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:08.265Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BCOmTdJo.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/KGeZgdKO.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2072\"\r\nExpires: Fri, 09 Jan 2026 14:16:08 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 8fcce4a53a1ea2a97edbd2defe5f1770\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8306,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8157)","md5":"b1d70a235174a5bbe17f15fd3259a86e","sha1":"307d943113f0221230d51196d88871a03e0262e0","sha256":"e0f710413129bc6e4b0a0183cb4442559ed3a007d13682add282925ebbb20c0b","sha512":"69e296853fac370ac0d2542e3e6ad969fcde4d2d7616a7254c10bbdc3035d9be0175016190a6af86936fdd71566e12c5676f49bfc0606185b3a77a3c9820b005","ssdeep":"192:sJ8HgWLkovhbkERqqrZ1yP1nn5/WQQbh75lGS8fD273+3n:sJSvnhbkEEqrZiXWphVldequ","tlshash":"c302e70cb079d4fa7ab74ca8507a545251081f4ed221ecf1f6ae5e272f97cd036a9339","first_seen":"2025-10-16T06:08:10.060452Z","last_seen":"2026-02-28T19:40:37.457834Z","times_seen":167,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.BYApLHi8.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:45:59.184Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.BYApLHi8.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:45:59 GMT\r\nContent-Type: text/css\r\nContent-Length: 947\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-3b3\"\r\nExpires: Fri, 09 Jan 2026 14:15:59 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 6697d4aaf99aa055a63248957f8e927b\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":947,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (946)","md5":"bb1da0854dbde19f8103f0ef7bad8225","sha1":"9fec71972509b95dec3ef4bdc852de925a6ce860","sha256":"49ffb876721a00f33a541626916269402206962fa51da1c8df5b7f1d9dc40e1a","sha512":"0617815df723f05eae5e38cf39f21284aba07e59f561a236f84a20c18acae79e193ac1aadb99db70e718cf9d367ed1719a6f372a77ca7c088f5bd1c988e00818","ssdeep":"","tlshash":"ec11bbccb045a5392f12f0951b5aebc8b03df4618f53dad63051637894c3bfa2e62a02","first_seen":"2024-12-11T22:34:53.078869Z","last_seen":"2026-04-03T08:52:48.131579Z","times_seen":2712,"resource_available":false,"data":null}},"time_used":609,"timings":{"blocked":398,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Bm7ddlXp.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.740Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/Bm7ddlXp.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-4a5\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 9102c322dcceb7210d5347bfa5a92043\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1189,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1188)","md5":"7129a1fb57f0e6fba13a56e46cdf8bf6","sha1":"709122464f8c6de3bfc9b9c44c9bf5f948890069","sha256":"0cf7bdeab7b345499662eeababda810f58b54d7b0ce27eb331ae65c2b7d3ab1a","sha512":"0f74446f1a7a4ca7c6e4d97a9c164e92af2a02536d3e4959fdb6dcbf48142a1ba7cebc38d98571a59a58a14df032017e12de1f56cf97ca0debb36da47f556032","ssdeep":"","tlshash":"6f21148cf459c579a7738cb805502c41b60c7f7cb52fa7e19ae817513a96c21e71e718","first_seen":"2025-10-16T06:08:09.93282Z","last_seen":"2026-02-28T19:40:37.428553Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1426,"timings":{"blocked":1215,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-06-07/15/1931250622477885440.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-06-07/15/1931250622477885440.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1240,"timings":{"blocked":714,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CPDf43GW.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.585Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CPDf43GW.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1e95\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 8f981e7700257822db7583a2636f94f8\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7829,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (7774)","md5":"36c5e2dd114338219a6686fc200a2121","sha1":"05b49724af447508ff0c5ac8b0cc3e992064f9a0","sha256":"2b7d325c193726264e5bfd3e9c6949dd2d8113bdab918345d2c8f381ff2450cf","sha512":"0028ed8074fb16bdfffba356523a6e0bf246b5f4a8cdbc0410112c095f3dc02870ea9f3854e2a8841736ab65adeaaeae984d33ac0d9c0d348d240c29154a9a04","ssdeep":"192:qoZzPizhY9CHxYQqcyY4v/d/eLrDn1GWkecVf7nq/rQgrg2R:qoZzqzacHq2r/Dn1GBecVDnq/rQbC","tlshash":"40f1f84cb03e44fdf276581886990483230c3b1ba1ba8de676f96f362351c5661bef75","first_seen":"2025-10-16T06:08:09.71159Z","last_seen":"2026-02-28T19:40:37.459337Z","times_seen":164,"resource_available":true,"data":null}},"time_used":1880,"timings":{"blocked":1649,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/O2p0eN2I.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.591Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/O2p0eN2I.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-13ec\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 318a0a7cb69f0f7d1df2f397afa4380b\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5100,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (5099)","md5":"d5ec1d145b31fc1d368d1632c569e65c","sha1":"bc5007ec749c716aa9988ecac2a0e7c4adefa5f7","sha256":"8e486193f148311ddd976913a44cbde699cdbbe8fc301f7d5be61b1529b5a14b","sha512":"c039034775aef251bfdac85a884a9d138dd7d7bdb8247b18a8bbc2c53863781933e9e8bf979f9aa17abfe857fecdccabe0f23a0bee5611c54689a30a5deca145","ssdeep":"96:4yJqHoUq19XA/uX948XtZ9v7Ab95c56IBziMjXZ2ByKKlV7FU7U42H6jPm5uv:Dkq1AG9TdLv7AZOIIh1LZ29KZ6Dm0v","tlshash":"cdb1a4d57181f8b3d738e6ce005101e097ae97d03029c6edb15f8e03261acb866faa1e","first_seen":"2025-10-16T06:08:09.782718Z","last_seen":"2026-02-28T19:40:37.478745Z","times_seen":170,"resource_available":true,"data":null}},"time_used":1642,"timings":{"blocked":1312,"dns":0,"connect":0,"send":0,"wait":330,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-02-15/12/1890621623115440128.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-02-15/12/1890621623115440128.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\netag: W/\"d7e2ee4d8472700788ac49329de6deb2\"\r\nlast-modified: Sat, 19 Apr 2025 01:28:31 GMT\r\nx-amz-meta-mtime: 1739594296\r\nx-wasabi-cm-reference-id: 1767210320204 154.18.200.100 ConID:1267762454/EngineConID:12206860/Core:4\r\nvia: 1.1 85e1446ec73e61adff915b5f7ea53e88.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P5\r\nx-amz-cf-id: GKJecBMXqJWtUOFGhbdR-6O0t5wa-l7zdF37TL3KJSk_UPy8v2JqMA==\r\nage: 65044\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":469676,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d7e2ee4d8472700788ac49329de6deb2","sha1":"b6d86ab5f8e105d967382d1f3a23cf986bd2c60f","sha256":"011c6eb686e43e1f420d3e29f2ba566a81b089c79ebbd7dbb713188d96cc78f8","sha512":"2adb5e325dea5dcd6161c506b67c46fbfceb11abf086e85c513a8c351f8c8332fbd27db2ff3bc192de6b7c8e99615161d34650e2465ba4669adbec497fc7ebb9","ssdeep":"6144:SqOKdLR1a7zTYJCu2fnoIc9pumnp79V49q02HRLWOCeAe2JF90Pa63GU19dM67d+:TbQ7nYcu2fMpvtG12pfCeBO0PDzrtm1","tlshash":"8ba423206fa88ef9465ffa3c3ce35d6f24f086eac1480c4c93577dd7586e550885aea4","first_seen":"2025-05-23T03:23:52.066668Z","last_seen":"2026-04-03T08:52:48.196206Z","times_seen":785,"resource_available":false,"data":null}},"time_used":1088,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1088,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-04-24/13/1915284040347541504.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-04-24/13/1915284040347541504.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\netag: W/\"665eace5abe426098eb6eac29c9c5c46\"\r\nlast-modified: Fri, 25 Apr 2025 18:17:53 GMT\r\nx-amz-meta-mtime: 1745474275\r\nx-wasabi-cm-reference-id: 1767219789620 154.18.200.104 ConID:429993435/EngineConID:4154016/Core:14\r\nvia: 1.1 c5337f831ef13b6de20c6ba2cda2e028.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: poesNLi9IxhWJOn-WvD7-jMlPqGmc6_-Afibj202Rz0nWArmb5H_Tw==\r\nage: 55661\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":106688,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"665eace5abe426098eb6eac29c9c5c46","sha1":"2a0426e9518a7092d75d003256a34452d1e131ff","sha256":"37777271181bed2b188c01ce37854472068b3ac1e1ed811404798d42f02cb4ca","sha512":"391113e3272816dd7b8340990dc107b169730eee69026228f7cacceeb01c12179aee683e6e374b9a4a0ce4f78068fb12917d76905cdd8c69bfc2f75316a23a38","ssdeep":"3072:0bQvm4qzhqUeYmfLxEQVUW8PIYuWeVVv5/ja:cQu9h/enEQYuWyv1a","tlshash":"32a31220faca7f1c590ed298bebf5a27164848c5d0b2fc5d526b28c71a44f7791a3839","first_seen":"2025-05-23T03:23:52.094162Z","last_seen":"2026-04-03T08:52:48.110139Z","times_seen":922,"resource_available":false,"data":null}},"time_used":951,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":951,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/rQTPkNhF.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:06.172Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/rQTPkNhF.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/CvUKjgFw.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1a33\"\r\nExpires: Fri, 09 Jan 2026 14:16:06 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 7baaf11fd3d9d46d75fcda50ddd4fe86\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6707,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6706)","md5":"f6e3c34d522ad49403460d1398d3a128","sha1":"cb60a67fba63f790c36006724a622f14f2ee6b1d","sha256":"e7dc20eca1febd0a8b5a73dcec495fb53a16f45b1f2cd567be135ae1fbf1899b","sha512":"f4509c9114a9bceebcd157cc84fc0aa8be8d18fc7451a66791ee50ae84f46eb88f14c9e2a19a14468d774ad83643e53740c1c09186681d3986e09bbdc2e953a9","ssdeep":"192:UvWjSQFRLDnxisHQSuzpF4KqN2BBeoUEfMpHzXx:4USQFtDnxiRTQKVjxE","tlshash":"30d1f9457999e477c97758e8a49e0020b9181b89e109c3b2f0be5d0d59fd8d0e1bbebc","first_seen":"2025-10-16T06:08:09.591678Z","last_seen":"2026-02-28T19:40:37.423986Z","times_seen":162,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DO24JSDm.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.710Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DO24JSDm.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-14ac\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: e31899ceb65dea4a4dba4a03d539764d\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5292,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5291)","md5":"92872c95c57af3a4daa34799458745d2","sha1":"3d7328523c11d85b2cadeec48f0eb6e21a73f3ff","sha256":"d249211b11826095df9790885365eb4da5b10cb9b2b06403314b47f22ada0662","sha512":"5e352034a59a31a58894bf7da336d1f95677b3ed87bdbaba59c4c40e85bfd5184f725e34bcd32e5cd3a3ed3aa37dc522a74e0729280453d50edf28606e563fe2","ssdeep":"96:U1W+WoH5yuik1QsOikNG4PNYaGhJNUmPTFo9hPE2vhiV9qMYc:U1HWoHu6kl0mNsNwpif4c","tlshash":"0eb165e474e8d0dbbb768e81c033265260077ba96435f0d4e1b66d321167e249653b3f","first_seen":"2025-10-16T06:08:09.961497Z","last_seen":"2026-02-28T19:40:37.448712Z","times_seen":171,"resource_available":true,"data":null}},"time_used":609,"timings":{"blocked":397,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BP7QvQo8.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:02.144Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BP7QvQo8.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/BGnZWUEv.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1d3a\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: edf3e17d4c8c3669f10209d0ed8f3b70\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7482,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (7327)","md5":"4eb6992de693a987050868c43f955a7c","sha1":"52ba69593d44cad0c129795ffdb140d230f7f832","sha256":"bc8e9955d7bc5130880db91f0510fdcca762f71d0bd44927dc3ed20988ee73f8","sha512":"06754657681e3734f65b439bbd7f957765856371ad3ae9056bf2f20b9bdde3c4e84283ddfd0577d84e18d43250748329242faf189cb75d9cd193a5efd6046faa","ssdeep":"192:eC78ycUJWiT0rxOW0dQhkRRZWU0gFkRRZRR9Py9+:e0MxiTipYRZWOYRZRn","tlshash":"12f1b6c66016c6bca48b5524696dfc01b00f7fdae65b9a1392fcc42633459e9fe8a334","first_seen":"2025-10-16T06:08:09.627203Z","last_seen":"2026-02-28T19:40:37.477017Z","times_seen":171,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.CgYWZ5k5.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.574Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.CgYWZ5k5.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:03 GMT\r\nContent-Type: text/css\r\nContent-Length: 160\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-a0\"\r\nExpires: Fri, 09 Jan 2026 14:16:03 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 921a133b164ae649c74e24b37c5df167\r\ncache-status: EXPIRED\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":160,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4aeb9dac66d0d9564594ac063c180ccb","sha1":"85960434e13bb26c581a882e1454d268e5f2f2d6","sha256":"8f16fd468be7551f14049bd077d2cd1420a81127d5935b05d2262eef15dbb104","sha512":"d8c8364de5db2ae0281ce730355d244ee8cc7c03f9852c42618bc3ffdfc498b2d4e5bc3142847a1c90572855d605027a8c4d4c1282491a8abc36c6865550aebc","ssdeep":"","tlshash":"2bc08c2b29821b8006336f0417a71524321610e34ca1ea5a4806ebfdcba3b43b6ac28b","first_seen":"2025-06-21T15:58:08.871482Z","last_seen":"2026-04-03T08:52:48.069009Z","times_seen":1124,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.Bpg_qkgm.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.581Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.Bpg_qkgm.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-62d\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 66b51aac3fc9d181cb140cd88186d36c\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1581,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1580)","md5":"9241739bb15398bdbaadc0390fe5a9c2","sha1":"c47b7295b488df08845373837496fabbaaefa72b","sha256":"6e7e7e18dab6e7dfb3821b7c00123c328b16cb0aebbd20959810a5fcf508a326","sha512":"b2cb48a071f00a19daa644e10501de0ea833e33f52cbffc4297920f117b8f7ce20b0da55cf98626dfd358acbfdfe0da90b646e1891b4fbfb3009e4e9de05eded","ssdeep":"","tlshash":"f9312b35f9906977dd227034b7e165c8a03cf171bea089aa702d7918cbaf6f4071b24b","first_seen":"2024-12-11T22:34:53.152769Z","last_seen":"2026-04-03T08:52:48.174467Z","times_seen":1302,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":266,"dns":0,"connect":0,"send":0,"wait":292,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-22/10/2002929816582479872.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-22/10/2002929816582479872.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\netag: W/\"d843fdcc414ebc75533a24ce71db11b8\"\r\nlast-modified: Mon, 22 Dec 2025 02:30:56 GMT\r\nx-wasabi-cm-reference-id: 1767867011935 154.18.200.105 ConID:671151514/EngineConID:6454615/Core:51\r\nvia: 1.1 2f9cb80782dcb1efbdffbb82fa070340.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: yqF8F4Rzt6QHwHGn6xYN_k3ac1Q0DU36BXCkebwGJrqD_Nhzxghvxw==\r\nage: 41717\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":584472,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d843fdcc414ebc75533a24ce71db11b8","sha1":"31384c74a0e1473c8be27a704c995c3c371d0218","sha256":"d96e7d757daa16129d9e05e560fe97ebc05066f550fc7d75f0f5946708826c38","sha512":"28dd3c5959ed9cee8e9a8cb0a7478c7131c960dc418e9caa4f9e8b90ada5d174b7bfc0184f63d186123598ef3ea4d0d45b3aa8d34cc5b42dcff7bc90d3c6ae5c","ssdeep":"12288:ostC9987SJICUF94rxsdLuRIuW2LRIuhtoJoCB15vtQJtOn:ogC9S7wRUF6rxsdL6IYFtuXBmJtO","tlshash":"88c42304c3879d549ad9c278b05fba3d148129b179ee2adb061bb5c305abfd714bf039","first_seen":"2025-10-15T02:28:41.807617Z","last_seen":"2026-02-07T08:49:49.352641Z","times_seen":690,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":667,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-19/10/2001848674278170624.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-19/10/2001848674278170624.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\netag: W/\"3180db05fb78a13cba8097acb8353c3c\"\r\nlast-modified: Fri, 19 Dec 2025 02:54:51 GMT\r\nx-wasabi-cm-reference-id: 1767193429363 154.18.200.100 ConID:1261427289/EngineConID:12150644/Core:18\r\nvia: 1.1 4313fc64a6afe03d0bac7c0ec16021b8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: NRT20-P9\r\nx-amz-cf-id: FF8UVdv5f75hjS-KXmAHu-mJFr4OlGBH2rzuJWPl1yB_dNskNqzqHw==\r\nage: 51275\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":769304,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3180db05fb78a13cba8097acb8353c3c","sha1":"0baea164890991f91eb05801f557e9d7c8bd64a0","sha256":"24a4511fd3b10311da6fc0675b8cb40f49384351ab907b6e9b4bdc1f2eed13b6","sha512":"60d1d724b87ec2e97cb687d24fddd3e886e0f71afd806c3e09902d32816dfdc0f3fb7508edd46f26d3ecb061a572dd8260e15479cb308bd8d84a5b0769dd22af","ssdeep":"12288:XH38+y3NzMeABI4bo/NPtnRyOVnWnYrAIW+4Nfqhr7vGMeaGBDR6ZI1aFDFRT:XX8sMXFqcGWA84JqYMmZRmzDP","tlshash":"41f4233196cadd6ab76d857c20df0f6b8ec0035d604dc3cd7bb320e610a77886959ab9","first_seen":"2025-12-19T07:57:46.479217Z","last_seen":"2026-01-19T00:18:55.936811Z","times_seen":265,"resource_available":false,"data":null}},"time_used":898,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":898,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CcQyTwoe.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.725Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CcQyTwoe.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-88b\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 0241c07c9569023ccf6407ec2d53b920\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2187,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (2186)","md5":"1b2c034e197bfc0aea2ea45e6a48d012","sha1":"d5e939b0ba487754751c00c2fe105d34d32b887b","sha256":"861143863498586d04fc4b62b782782327dd6902040f20bf56ee0c1d23f199e3","sha512":"a9b382c4f44d44f4c97faed6c54c9935085af899bf8ed0c1a8f1e89160f16702a7f026b90718390932b8390a5f6107b26b226bf5639338b63fcd577ee809a9be","ssdeep":"","tlshash":"ce4197cc46f94e74df9a014360540d23bc690e84a03b84e5e7bd0c48a7442c9a3fff0a","first_seen":"2025-10-16T06:08:09.746895Z","last_seen":"2026-02-28T19:40:37.438636Z","times_seen":165,"resource_available":true,"data":null}},"time_used":1017,"timings":{"blocked":806,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DOUSyLD7.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.040Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DOUSyLD7.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-713\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 7de16298c76961002ec7c09bf110353d\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1811,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1810)","md5":"f318199bc885006e657cf7892e71b038","sha1":"cd5f06373c59ef3e89570b05c65676ff204e067e","sha256":"8d9b9424edc8927c826ed56461fb872830492bc95de8f28aa103f0962111c767","sha512":"65cc759a3d137a3cddf28679db7df4462f84423d51cb6346e2118a98d8d266885f612c5455c4c90c4eb72136933d965210465f12aee683db9e67fc9af60314e9","ssdeep":"","tlshash":"183122a8b4daadb810f7bd84d836314856081e493d35f0f4db8b4da71ba3010567e71a","first_seen":"2025-10-16T06:08:09.953904Z","last_seen":"2026-02-28T19:40:37.460364Z","times_seen":171,"resource_available":true,"data":null}},"time_used":776,"timings":{"blocked":573,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-29/17/2005565730982584320.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-29/17/2005565730982584320.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1403,"timings":{"blocked":709,"dns":0,"connect":0,"send":0,"wait":694,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.DobJITLb.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.579Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.DobJITLb.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2167\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: dbaec34aa4de2daac8d3535e4ce5ace5\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8551,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8550)","md5":"cb824f90114c1b819958ff9a7e2ed206","sha1":"6f9db7618c62c19e33de9d0c5be382480374eb43","sha256":"525346b6e9d877e43ee6c12fbcbda983e9424a15582ff4a2bfde2a2a1e910a06","sha512":"e0f8904cf1f7f09da280a6a1160fa554c2ca9410e05b8b777d5d61de6f2d6b34cd29a7379aefffb3dc30bba5a86b6f853990d332e92f8140689d5136602be82f","ssdeep":"96:YnMCwaDUSxr72j7tNY9goa/CGqUMSNBJjJJj5MBthBWvPpecNgRS7DT6UTxpT4ta:og7d/9c9f2rtbf8ct","tlshash":"db028c69eba090767f17b4a94b9b84edf13c69608c00dfb1f441a0394ecbff52623659","first_seen":"2025-04-17T11:34:23.119834Z","last_seen":"2026-02-28T19:40:37.441182Z","times_seen":263,"resource_available":false,"data":null}},"time_used":950,"timings":{"blocked":263,"dns":0,"connect":0,"send":0,"wait":686,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CvUKjgFw.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.586Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CvUKjgFw.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-c26e\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 836314909d517849a2a4a60caa0d48e8\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49774,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (31192)","md5":"8ec8c5a192a70d61e3c277ae4664cc45","sha1":"6dc252e536b034e7a53ed513a3b043191d8f03eb","sha256":"b27efe285bffe40caba353c36a070ad52d0a8830d1a91dece4e1407b35217d22","sha512":"c1e5e9f3d3e1e5663372285421a8d6d74a8b21bd6f5de0892ad453d4ef9744260ac040696748fc9df08b0ab2e61cc5922228f57247932327e33a44a00bb4dbaf","ssdeep":"768:ryeAV3kkJ7f2bap3ac6qPb4/9ebB1GUwtltBjT3MVLrv27YMvZ14Q9QSkeDZy/9u:rc0eHN5VL/ZdjYfh","tlshash":"18235d40b474a578e77791ec509a4842266e2f4cf024c5e0f0bd9d193be6cf4ea9d73a","first_seen":"2025-10-16T06:08:09.632355Z","last_seen":"2026-02-28T19:40:37.453217Z","times_seen":163,"resource_available":true,"data":null}},"time_used":2201,"timings":{"blocked":1694,"dns":0,"connect":0,"send":0,"wait":303,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C3oxHC-_.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:04.167Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/C3oxHC-_.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-624\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: e9bdc11d85343fdc47994a2f62ff7e23\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1572,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1555)","md5":"d02ddcb541d286d00227266bcd875593","sha1":"341099afca2cf68a720ffe4e795437e2ecc59346","sha256":"c490a6d2b1ecf560e885d68686621e1c07ce4c1b8d0b00bf222003d5ad59c897","sha512":"2584ab445b95662de5ea9e1ac141873f1cc5303e3e616b8a50ac09036a1180b82638a02b464972c718a59900773269157d134c39abde9a8b0532fd9d7870410f","ssdeep":"","tlshash":"1131110df452c5f5a593045479e46855209e3faadbb09f81f1ec0fb13b028a1ad4f750","first_seen":"2025-10-16T06:08:09.66058Z","last_seen":"2026-02-28T19:40:37.442827Z","times_seen":157,"resource_available":true,"data":null}},"time_used":1271,"timings":{"blocked":509,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-10-31/22/1984267176113070080.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-10-31/22/1984267176113070080.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\netag: W/\"f0c92c7ef51baea52e14a86bfd6cc2c1\"\r\nlast-modified: Fri, 31 Oct 2025 14:32:16 GMT\r\nx-wasabi-cm-reference-id: 1767205861608 154.18.200.100 ConID:1266280188/EngineConID:12146603/Core:54\r\nvia: 1.1 be5e873041a47635c5cc4c628d7093a8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: 1ggdR4C77VuxLNMMM2AdaKpPNiKKlWqbL9IOr1YqpKgdI8ZfBcul4Q==\r\nage: 69593\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1018284,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"f0c92c7ef51baea52e14a86bfd6cc2c1","sha1":"6a5e0295d0b32fc795540115237073423bfb9096","sha256":"3e3717806b7740491c64b2277a97687bde7c3c5273634db1a172fcc27f23a66a","sha512":"8753b21171d09d15a234397b90e425330f5262841c06501f5bbcfa5440bab1a22cc53627555eded5aabbd0a575472a882a8577ba9414c5aa0a92dd48ff16a8e7","ssdeep":"24576:DeATinWK4ZpK5Dnz5mRSNzV+wcFiIWT96BHgBBHFWHV9QCg/S:KfNqKak9M4mIhS","tlshash":"cd2523a38b2e9c3a546c9374327f7b1803960e9ad40c50a75380b94f2b9e7871e5f56f","first_seen":"2025-10-31T16:38:34.608444Z","last_seen":"2026-02-04T06:45:44.146038Z","times_seen":1010,"resource_available":false,"data":null}},"time_used":1254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/FNsFDHSu.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.136Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/FNsFDHSu.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-a71\"\r\nExpires: Fri, 09 Jan 2026 14:16:08 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: be0b48de264054e635914a1e3afc5187\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2673,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2442)","md5":"6275a6a1b1a3ae0e8f94e3250658aba8","sha1":"b7e058556ebf6c9df86014061513297e4a75493c","sha256":"fbdb3c383001ad396be9117fd48eeaeb4691f7da03990c2910028fff89d4ba3d","sha512":"f9dd62b78ef458a7907db2de87c5b35f12ce1160894b4ef66e0208b27df18cbd4b5a7fccb2663f072c603d4a07386a9996b9c2c95b46903d256f41af2c22f7dc","ssdeep":"","tlshash":"0b5185153cefebfd95b34868301a0820b009f75b9457aae596f949113c72f658ba6321","first_seen":"2025-10-16T06:08:09.757482Z","last_seen":"2026-02-28T19:40:37.45069Z","times_seen":154,"resource_available":true,"data":null}},"time_used":999,"timings":{"blocked":787,"dns":0,"connect":0,"send":0,"wait":211,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CLJUqehc.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.715Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CLJUqehc.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-677\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 80fdd8bc94119d42c31d77e383a80d2c\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1655,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1654)","md5":"9cb8a818f13aa29052bff0efa2fb106d","sha1":"7f70099f17cb9322798cd4865fdbea83e04e7087","sha256":"88bca5ef548587790383d2a7723f36c855c04ab93afa42f5ac1b82bbd8086ac3","sha512":"9feeaaebab4a7eda46989a0d4abfd3a86fd89c1370d4bf9e1c2331c08b840cc4b58ee6d72fbca74caf62d8dc65ad82779a1dcf871cb84b0d918a01ccb910d071","ssdeep":"","tlshash":"de31f0cd31c7f0b2675698f4f127204ab72d1de024592490f1b998737922174b753969","first_seen":"2025-10-16T06:08:09.729566Z","last_seen":"2026-02-28T19:40:37.421513Z","times_seen":171,"resource_available":true,"data":null}},"time_used":787,"timings":{"blocked":583,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B1gS06j0.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.024Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/B1gS06j0.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2eba\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 57faf8a488a9b77b360533b7219b45cf\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11962,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (11961)","md5":"73d6a683c1307703acbbae9216eeafe4","sha1":"a10aee3e906cb8521e6853a9db2524770cfe5e80","sha256":"40c07a58b51457fd0d9f5370f5f3ed7b7bd7dead64520adac534101b5a4c760f","sha512":"3ec0395146341c90b939e9b92ce8c3afd59e052830c70f6e509d4e476e671da1f25d02287ebcdc6681efc65bf386a7832759e9f3dc7e4379237f8c23b7ea3070","ssdeep":"192:LEIC7jOM2E/9w0Y+tea71HtxzyVdCLRes9tkc5JnBC6P00eVUJHHLwE:LEhjzTG0Y+te2N+CLRes9tn7PFQUJHHP","tlshash":"3e326354e040b93719e7cc8ff015ad51e74c662ac836b8f6f566a1be17bb420e312b39","first_seen":"2025-10-16T06:08:09.707744Z","last_seen":"2026-02-28T19:40:37.432816Z","times_seen":165,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-06-13/21/1933513914136911872.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-06-13/21/1933513914136911872.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1225,"timings":{"blocked":786,"dns":0,"connect":0,"send":0,"wait":439,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.D4iD1vL-.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.578Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.D4iD1vL-.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:03 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-119e\"\r\nExpires: Fri, 09 Jan 2026 14:16:03 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: e86edfb1e927b820e071dcc1319883fa\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4510,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4509)","md5":"c2c1aa6a7f5efe98884046945704608d","sha1":"fec2621797d02b7024c6c616cc442ece6f272698","sha256":"156b642247231a6bdf7e17c2d8e9413ca7ae6e5f091192e121ca6722c4d6401e","sha512":"f674f4e3776bfbe0dfadd7f0d952b5505f2b9e74745977dda076ad308355100df1ce89c26c6d98ca3dcf5fe23478b07e7d7331dc517db64cb904e24cb0e969d9","ssdeep":"96:ihg0eWSM75WmJSN1DM9M0YJMvzM9MXAGmBrnlEVd9:2AlFhkz","tlshash":"2491d296a790d9393f52f065d74a59d8b03da7238c41c6aff00c60dcddd3ab2b2a3519","first_seen":"2025-04-09T20:43:24.815628Z","last_seen":"2026-04-03T08:52:48.181488Z","times_seen":1147,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.D_jSjtwd.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.580Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.D_jSjtwd.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-cac\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: e78c55e9ffba373c9309b2028f358252\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3244,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3243)","md5":"233e51dce44f334cfb3a3c681e21d7a0","sha1":"920aef4401045bb95d3e7b252c2dd0dd7a05332d","sha256":"20796bb18dfde564a3da81b5491267cad15f20f9dd8161c1a8675fee54ebbb4d","sha512":"34419d1ab051349461f65f307632001b958d2383e99d8615dd8550dbc6e8d40ea7deb1c0ba4bd4382e33c026a35b8aaa848f85485a7f8ebfcc9a12ee0144edd2","ssdeep":"","tlshash":"46619876a3b0a13b9f02f67dab5aa9d8f03ce7315d01b3a5b241601888c7bfd1532817","first_seen":"2025-04-17T11:34:23.133445Z","last_seen":"2026-02-28T19:40:37.429037Z","times_seen":265,"resource_available":false,"data":null}},"time_used":1037,"timings":{"blocked":265,"dns":0,"connect":0,"send":0,"wait":772,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/rQTPkNhF.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.594Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/rQTPkNhF.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1a33\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 6e30cb2e958803bdffad5225c13fb0d6\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6707,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6706)","md5":"f6e3c34d522ad49403460d1398d3a128","sha1":"cb60a67fba63f790c36006724a622f14f2ee6b1d","sha256":"e7dc20eca1febd0a8b5a73dcec495fb53a16f45b1f2cd567be135ae1fbf1899b","sha512":"f4509c9114a9bceebcd157cc84fc0aa8be8d18fc7451a66791ee50ae84f46eb88f14c9e2a19a14468d774ad83643e53740c1c09186681d3986e09bbdc2e953a9","ssdeep":"192:UvWjSQFRLDnxisHQSuzpF4KqN2BBeoUEfMpHzXx:4USQFtDnxiRTQKVjxE","tlshash":"30d1f9457999e477c97758e8a49e0020b9181b89e109c3b2f0be5d0d59fd8d0e1bbebc","first_seen":"2025-10-16T06:08:09.591678Z","last_seen":"2026-02-28T19:40:37.423986Z","times_seen":162,"resource_available":true,"data":null}},"time_used":1387,"timings":{"blocked":1081,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BwZF-_3D.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.138Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BwZF-_3D.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 513\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-201\"\r\nExpires: Fri, 09 Jan 2026 14:16:08 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 7f0c5ac6c8fd37d46a0a5bbfe2868e3c\r\ncache-status: EXPIRED\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":513,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (502)","md5":"55a6713cfe3d1ebda0d5373e2f93e284","sha1":"7c332f09f2890c4a96371e7326c1a32359d174a3","sha256":"5edfbd9ff24166cc6ff332974c7a3087ab016776416e528dce246dfa1924d9aa","sha512":"65144ff17abd660eb4dd489bca30389b074058f7ae3eff75475ce1b2e161cb97f4c5fb245a327da053574cf407c71181240e69258f2ec53221855813a61b33dc","ssdeep":"","tlshash":"d9f0594cf993fab8499f4558a9246854f20e3dc8a21892e3a1ad8d633601815f6e9771","first_seen":"2025-10-16T06:08:09.831143Z","last_seen":"2026-02-28T19:40:37.437533Z","times_seen":168,"resource_available":true,"data":null}},"time_used":1161,"timings":{"blocked":868,"dns":0,"connect":0,"send":0,"wait":290,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/D51WYg2P.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.150Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/D51WYg2P.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/WK6v7wUJ.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-891\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 966cfb3943cd0481838f5d4f3b7b4f96\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2193,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2018)","md5":"7480415196a9c2b525193738c98be9bb","sha1":"6ec812c786bbc0af9c09a3ac9f31e43bec5a4ee9","sha256":"711d5c25a2e2d3ae5a34d6a40463a634f0ba8ad24fb1b07e1ec1df2eb760a539","sha512":"a4f627d2a337c762f4567815de5704f1904ed7a3d6e45cd3fc178ffa2ed8a564b33faf51c3ae707174992b4024371d699d1752482e79cfa3bcbd6069305676cd","ssdeep":"","tlshash":"a84195187c6fdbfd95735d28701905297008bb9ea656eddb83f905123cb2f86c929322","first_seen":"2025-10-16T06:08:09.818887Z","last_seen":"2026-02-28T19:40:37.462258Z","times_seen":154,"resource_available":true,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-09-25/10/1971035290427449344.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-09-25/10/1971035290427449344.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\nlast-modified: Thu, 25 Sep 2025 02:13:28 GMT\r\nx-wasabi-cm-reference-id: 1766901489501 154.18.200.100 ConID:1162051867/EngineConID:11186398/Core:8\r\netag: W/\"8926a0c22312809245f1ef670b1a87f3\"\r\nvia: 1.1 85e1446ec73e61adff915b5f7ea53e88.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P5\r\nx-amz-cf-id: Jh6sgRLg7SuIrHi7HUCSZaUJkbqlJ6UVCSOdOFjvhJt-cYcNwYVHzw==\r\nage: 81997\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":628460,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8926a0c22312809245f1ef670b1a87f3","sha1":"b470bd9fa96c584952ba115d8d36d24d3acb0eff","sha256":"54ace2c9125cecc17dc6d7bf81fe63e6abc702a4520a5413bac1a32432b0a4d5","sha512":"391f2593bceff807a9a800a21d1c2a21052d0ce62e8df9a371e44ad3aba41f0b510b58ca43988bf9b13b2bc8a28af415ade1ac7aa4c382bc4a0c55350d88c34f","ssdeep":"12288:ReC7sndZO+y7oMHfqj4z2WlkLS5PJxPhFxsdzPq+FoLNbfiAioZhaCQAMQVQe:MFndZ7Syjy2ve5PJzXsJy+FoLNbhavAz","tlshash":"84d423117c151ceb6758a60e77c94ad977fd1e544ce4c6fb23f8e8a2a308b12246b06b","first_seen":"2025-09-25T14:57:26.657422Z","last_seen":"2026-02-01T22:42:51.306866Z","times_seen":957,"resource_available":false,"data":null}},"time_used":1051,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1051,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BEu6Ldxs.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.032Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BEu6Ldxs.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 361\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-169\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 18e55391900d1ab0a868c1027681a1aa\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":361,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (360)","md5":"f763a28ca57db1035abb0ecc8ad7a4bb","sha1":"3afd0e2bc2c3938f9850e11299332030473c2f02","sha256":"affa82a5bf58f5442a1ed7d9ddfab14663ed8da0420a9f279eba26e8ee20bac5","sha512":"bb116a1ccf0a133a5c9d1844221e2df5ed11f63304849fbc14a8a04ec0a2039963ef1c8487e044fc6672579dcbad6fa0b4d9ecd49ed11ea85f8f0573322251bd","ssdeep":"","tlshash":"04e0c08e4010907446a38ee457140c19d204e710b3a9dface2cc883725a6037e24e31c","first_seen":"2025-10-16T06:08:09.893475Z","last_seen":"2026-02-28T19:40:37.422208Z","times_seen":171,"resource_available":true,"data":null}},"time_used":412,"timings":{"blocked":187,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BCVGuXkS.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.593Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BCVGuXkS.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-a99\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 3c16d9ca05f329d23ed94fd6739d8255\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2713,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (2712)","md5":"ad204076c1f5ecd255d1e83c5366221d","sha1":"9497e9d2467306cfa4ea0e5b9a804ab2ee4f3526","sha256":"dfbe4699b21e17b2eaa44b52733e4714c84b257e0cf94dddf774aca3dfa1524b","sha512":"b0621f0d4acb90f4d5ccbe95489d8dd7888d9c76c0a75d0b3bd4f023ae75309f0258d05dc1d2da72a9b1b85907749712cc0e113f8d5a83d6dec9a8eadd51b4a1","ssdeep":"","tlshash":"7b51c19327bf762107a570a50c6a1858fb0bb53938c1056ab6e9baddec4e410dd3cf30","first_seen":"2025-10-16T06:08:09.587172Z","last_seen":"2026-02-28T19:40:37.429545Z","times_seen":170,"resource_available":true,"data":null}},"time_used":1394,"timings":{"blocked":1083,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CPDf43GW.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:04.056Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CPDf43GW.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/WK6v7wUJ.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1e95\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 26f585c62d5a3ec770eb3653523aec46\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7829,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (7774)","md5":"36c5e2dd114338219a6686fc200a2121","sha1":"05b49724af447508ff0c5ac8b0cc3e992064f9a0","sha256":"2b7d325c193726264e5bfd3e9c6949dd2d8113bdab918345d2c8f381ff2450cf","sha512":"0028ed8074fb16bdfffba356523a6e0bf246b5f4a8cdbc0410112c095f3dc02870ea9f3854e2a8841736ab65adeaaeae984d33ac0d9c0d348d240c29154a9a04","ssdeep":"192:qoZzPizhY9CHxYQqcyY4v/d/eLrDn1GWkecVf7nq/rQgrg2R:qoZzqzacHq2r/Dn1GBecVDnq/rQbC","tlshash":"40f1f84cb03e44fdf276581886990483230c3b1ba1ba8de676f96f362351c5661bef75","first_seen":"2025-10-16T06:08:09.71159Z","last_seen":"2026-02-28T19:40:37.459337Z","times_seen":164,"resource_available":true,"data":null}},"time_used":548,"timings":{"blocked":228,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BCVGuXkS.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:06.171Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BCVGuXkS.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/CvUKjgFw.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-a99\"\r\nExpires: Fri, 09 Jan 2026 14:16:06 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 8d0af5c4f7acac79235c66219a4c1804\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2713,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (2712)","md5":"ad204076c1f5ecd255d1e83c5366221d","sha1":"9497e9d2467306cfa4ea0e5b9a804ab2ee4f3526","sha256":"dfbe4699b21e17b2eaa44b52733e4714c84b257e0cf94dddf774aca3dfa1524b","sha512":"b0621f0d4acb90f4d5ccbe95489d8dd7888d9c76c0a75d0b3bd4f023ae75309f0258d05dc1d2da72a9b1b85907749712cc0e113f8d5a83d6dec9a8eadd51b4a1","ssdeep":"","tlshash":"7b51c19327bf762107a570a50c6a1858fb0bb53938c1056ab6e9baddec4e410dd3cf30","first_seen":"2025-10-16T06:08:09.587172Z","last_seen":"2026-02-28T19:40:37.429545Z","times_seen":170,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CJJ_gbVK.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.737Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CJJ_gbVK.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-e90\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 13fd70c6cc6fdbe6e1d13fb8e56a73be\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3728,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3667)","md5":"9d28df8087a048d071d95ca848c5ce45","sha1":"ddfce97c7e04915ecf4102cab5fe45fdc3bb37be","sha256":"4c5314fc020ee5c9d8ff1f4f1822513d7b7e276730a54c4c884cbaf50d6e4de3","sha512":"1e8173883febbdfc0205faec8d2ed70f3987ba6d484837c78fee28f39ee170bc43cad7354403e7b4733ea3a8dbaaa5587f73c3069b35611c7fa2a13db3fc52e7","ssdeep":"","tlshash":"f871658eb821dabcf1f3507550749408921c5f8df1b94696f0bc9c613a55c7aaadc36c","first_seen":"2025-10-16T06:08:09.561146Z","last_seen":"2026-02-28T19:40:37.473594Z","times_seen":170,"resource_available":true,"data":null}},"time_used":1371,"timings":{"blocked":1168,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CcQyTwoe.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.038Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CcQyTwoe.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-88b\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: c238f38225a1fa18b0d908a44d421282\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2187,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (2186)","md5":"1b2c034e197bfc0aea2ea45e6a48d012","sha1":"d5e939b0ba487754751c00c2fe105d34d32b887b","sha256":"861143863498586d04fc4b62b782782327dd6902040f20bf56ee0c1d23f199e3","sha512":"a9b382c4f44d44f4c97faed6c54c9935085af899bf8ed0c1a8f1e89160f16702a7f026b90718390932b8390a5f6107b26b226bf5639338b63fcd577ee809a9be","ssdeep":"","tlshash":"ce4197cc46f94e74df9a014360540d23bc690e84a03b84e5e7bd0c48a7442c9a3fff0a","first_seen":"2025-10-16T06:08:09.746895Z","last_seen":"2026-02-28T19:40:37.438636Z","times_seen":165,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":385,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-11-11/19/1988202816827547648.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-11-11/19/1988202816827547648.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1216,"timings":{"blocked":776,"dns":0,"connect":0,"send":0,"wait":440,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-09-25/10/1971035290427449344.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-09-25/10/1971035290427449344.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1239,"timings":{"blocked":713,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/n7Z_Ltok.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.590Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/n7Z_Ltok.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2162\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 763403dbf0eb356519074fde6e9182f5\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8546,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (8545)","md5":"601df375fefdf23d996e629ec08c2d8c","sha1":"0759aea946fc942f1d0033cf8797a07d621eae01","sha256":"63f471ecbf1c0211f0a9b281c3d6a4e2bac2d35fb62677445624b20a6c041858","sha512":"c62913917e2d560532d29e2fc8034b1c6cfbd30dbc36381e825e252354ca93797d3f401b6d23d7403208b060bb9bc2b6b51f395c0665f723e9072b32d28a187a","ssdeep":"192:uXX84mprN5N4L1qPYVQlx3VEMYp/zWyOSLRGXJIx822Rue7LRSPkLQ41u9VEP:ucfL5N4L/VcxVAdROSLsXJIoke7L9LQI","tlshash":"4a022b94f848a9b7d7ba65a41018408052682fd4f027cad8f03f7d2b27dc9d43abae19","first_seen":"2025-10-16T06:08:09.565139Z","last_seen":"2026-02-28T19:40:37.466572Z","times_seen":170,"resource_available":true,"data":null}},"time_used":2151,"timings":{"blocked":1392,"dns":0,"connect":0,"send":0,"wait":758,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-11-29/16/1994677896147361792.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-11-29/16/1994677896147361792.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\nlast-modified: Sat, 29 Nov 2025 08:00:45 GMT\r\nx-wasabi-cm-reference-id: 1766654279834 154.18.200.102 ConID:1088694639/EngineConID:10711964/Core:2\r\netag: W/\"893b79a3591fe0c92cdb1f78f76113ba\"\r\nvia: 1.1 bbfe3bf39152acbbb5b1b43203a512ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: 3L7TjrMnA1MW87Vx7RrHCmwzAOlsNprAXxrCovo-bXiNzjv1oe2ijA==\r\nage: 20049\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":354752,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"893b79a3591fe0c92cdb1f78f76113ba","sha1":"35f25046c764d46a0102648840ad3be3fb98536b","sha256":"a8d0f6f131cbe56b2e300f7ff18df59d53e891fde2d476549c4dab1a23e7ab6a","sha512":"453fe84029665c1e891e717e5adf0dcec4c71956dc88789b012352a08c9ab1f1ca2c5f66259760cbb856fa06d01ed478a6fa4878c25328b081e472f02e3e484d","ssdeep":"6144:TFhKbAEGAmG8P5FshdKbJhAKghMjaHuz2XyMIauf4yWOjPK4iJGE11:TF/BfGQbs2hAbhMjZUCaufFPiGE11","tlshash":"5c7423019fee1ea7da75c33d78ad0d48ac6d5ce109497d426540bbc73ff482688faa09","first_seen":"2025-11-29T11:18:08.721938Z","last_seen":"2026-01-30T06:30:15.019554Z","times_seen":854,"resource_available":false,"data":null}},"time_used":1185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-19/13/2001884245369282560.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-19/13/2001884245369282560.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\netag: W/\"5db1050d4d552314dbfe8a24551f202f\"\r\nlast-modified: Fri, 19 Dec 2025 05:16:12 GMT\r\nx-wasabi-cm-reference-id: 1767275400445 154.18.200.104 ConID:447933822/EngineConID:4323806/Core:24\r\nvia: 1.1 bce9c7b70fec2e49575721b4707fb37a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: V5xBE4V8m5UxagzP_TrMBwPsc5qd3gI6ZBgfw7fhAoEdgowKI11Mfw==\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1255384,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"65f9306266788cc9a4c10eaacc1520ea","sha1":"b4dc6a91635e3154b51b45ce5799b27077206a07","sha256":"148302019b325fb65ecf4db7476c567f7c5b4c51661c3db686d6630102cddb43","sha512":"36db32461ad75375d4c9a4e14aa848d9b949d07d20aaf0f8003fe6717dfaf80a8373ccd97c824a8c467ded097407a667d2fe12eba10d0289155ea7abee5326f7","ssdeep":"24576:7nLRctAdy+ssq0LUz29U5Ir8NP0wQPpnoPfyVyJCVVjvNRJeMXxx:rL3E+ssWKo6zpoHyVhjThx","tlshash":"c32533a17faf2e8e8d2c116c74222f5a67751e67c0a7d6fc537830870e62b8591bbc14","first_seen":"2025-12-19T07:57:46.434596Z","last_seen":"2026-03-26T10:37:42.937124Z","times_seen":415,"resource_available":false,"data":null}},"time_used":915,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":915,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/D00SvkOZ.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:08.261Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/D00SvkOZ.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/KGeZgdKO.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-10347\"\r\nExpires: Fri, 09 Jan 2026 14:16:08 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: d463d9f1b0722781cc2ebaf1d4b93190\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":66375,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (24383)","md5":"92cc1fd9dcb9e844070b8e343d172020","sha1":"cdce0a602d631104b73c77f24712b50188b6ee8e","sha256":"5728f5968e19cffab28a3f34de7f794627e1b18254c6db16c02ae12c5049c316","sha512":"1f835393f035b1aaeb22dc68822a9064c162fb64042290001fbad2986dd7dc4797ee67a3ccd0c8ed6131a311d1ea19e7b32fa33cfa5705a58abc3852f3555d5f","ssdeep":"768:7onQclkeAyltuHUSMO64WKMsgrTyBkcOYJSxv5JTDIfXSg2HxyYt+xM/M+xDZeYo:7WvltuHBMO6jPvTjyc4jDD7Nez0","tlshash":"215318a9354131376bd845d060eb2816703468287d4c90ecb97de9db5aa2a0e50ffffe","first_seen":"2025-10-16T06:08:09.596693Z","last_seen":"2026-02-28T19:40:37.443949Z","times_seen":164,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":224,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Dh5MGw4w.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.696Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/Dh5MGw4w.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-58c\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 9b1aeb69cd156f543df878be50fa8a66\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1420,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1419)","md5":"c383980eeeb59fb4cd3f3d2e59e4eb8b","sha1":"040ee3cd7b691b4012202519f4d36f2811ac6b37","sha256":"23ce21c96f0d0e8f007d476d4e331019197b0fead912967af13062db338ada93","sha512":"1f076877483aa3f409a071309c0584ec4118a582c157992cb5d397d9759ed2f86911c5d3522dceda35f9298c1780a52074b774c02c392a78716442f657adb923","ssdeep":"","tlshash":"752146099499cb7e8aa20cb415785804271c5f48e93dc6d0e6bc1a77a787570b609728","first_seen":"2025-10-16T06:08:09.862004Z","last_seen":"2026-02-28T19:40:37.439725Z","times_seen":171,"resource_available":true,"data":null}},"time_used":643,"timings":{"blocked":198,"dns":20,"connect":211,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DYOUx22v.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:06.170Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DYOUx22v.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/CvUKjgFw.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 91\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-5b\"\r\nExpires: Fri, 09 Jan 2026 14:16:06 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 3ee9080c33e54ecbaf6809444a0d2995\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text","md5":"37af3e7d594b240dd85a51a4eb2070c0","sha1":"b4ccfdda617c5f63100079248a628d4e14fe2e6d","sha256":"4d6727fbbb9454c565702a256b233fc3779a338a96c72a7f897848404d23b171","sha512":"baf2a6c268a2b26b3fc48a79d6fb6e6373658215b7553868ef1090684bfb17b307cd28aad369e508810aa767dbd6c32a0f241e26c84be8e313bcd9096945f54f","ssdeep":"","tlshash":"3eb0120f044010394447088c23081432431058492bb519e052548a011761082a04eb02","first_seen":"2025-10-16T06:08:09.844914Z","last_seen":"2026-02-28T19:40:37.426032Z","times_seen":170,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/O2p0eN2I.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:06.173Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/O2p0eN2I.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/CvUKjgFw.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-13ec\"\r\nExpires: Fri, 09 Jan 2026 14:16:06 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 7f14e1ab0b9d1b390ffa2092206ea9a7\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5100,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (5099)","md5":"d5ec1d145b31fc1d368d1632c569e65c","sha1":"bc5007ec749c716aa9988ecac2a0e7c4adefa5f7","sha256":"8e486193f148311ddd976913a44cbde699cdbbe8fc301f7d5be61b1529b5a14b","sha512":"c039034775aef251bfdac85a884a9d138dd7d7bdb8247b18a8bbc2c53863781933e9e8bf979f9aa17abfe857fecdccabe0f23a0bee5611c54689a30a5deca145","ssdeep":"96:4yJqHoUq19XA/uX948XtZ9v7Ab95c56IBziMjXZ2ByKKlV7FU7U42H6jPm5uv:Dkq1AG9TdLv7AZOIIh1LZ29KZ6Dm0v","tlshash":"cdb1a4d57181f8b3d738e6ce005101e097ae97d03029c6edb15f8e03261acb866faa1e","first_seen":"2025-10-16T06:08:09.782718Z","last_seen":"2026-02-28T19:40:37.478745Z","times_seen":170,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/ClPwa5ej.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.702Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/ClPwa5ej.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-12c6\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: e85dea32c108c79b2f0d7bab23bd7f54\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4806,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (4805)","md5":"14add27a5a9186f3f4000b09f74f4245","sha1":"eb62386590dc3af076b242fd687e66b4aa599fe2","sha256":"b5eb4d5d4e64c74ad6b85c1df6dc12ee941675938e4b6c3af7c1adaad8c7d055","sha512":"709eda9c0621ee40efa0dbb37debbcfd8387c85708e71c9d6dc0caee8f200dbfcca80cc8a3b826da91c8c1b3d8e200d8830d1965602500dd2b452287f086a875","ssdeep":"96:oL1gZjXxJZzEVWDuPlBtW8Aw+sEeaa285k/wOFkQFwgHL:oL1gZjh3zEVRNBw8Aw+jea2AHL","tlshash":"aba1b6087540bc762b9769ce94971485b2141faad0b579e150af6cb83388d24a3ae33b","first_seen":"2025-10-16T06:08:09.622993Z","last_seen":"2026-02-28T19:40:37.452354Z","times_seen":165,"resource_available":true,"data":null}},"time_used":631,"timings":{"blocked":193,"dns":15,"connect":211,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C08VCnG4.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.706Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/C08VCnG4.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1ea4\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 2fe5a8809a9567beb07dd663146c0ad1\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7844,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4037)","md5":"859d861a262b441aca2e2b73829a898e","sha1":"30f71c696be84050440693a70767edd06c8f002c","sha256":"7f83fcc5c0dfbae734ae979570ba603f25a75117fd20203fb5cd4419809b6361","sha512":"7ac80f4ccaad4527da566b23d9f34744a419c15de7de832d9f3fdd0f4e8850cc6183e51ac87b36f42020a9b7b793c9c075a75c64a5ae80d3ae0a5643120b74c8","ssdeep":"192:K/NHM4sR4IDgBtxFD08DNDwAho7TaIYarQQpVxaF+CL4AnwVTJB64Spvkl3olr:KVHORbDg5FD08DNDwqo7GqBVxaF+64A5","tlshash":"4ff1e7f831c5707e63611ce0907e5404a54aef41b696c4e5e12fecb22cf245a227be3d","first_seen":"2025-10-16T06:08:09.986626Z","last_seen":"2026-02-28T19:40:37.468109Z","times_seen":171,"resource_available":true,"data":null}},"time_used":612,"timings":{"blocked":400,"dns":0,"connect":0,"send":0,"wait":211,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/FzNlH25k.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.039Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/FzNlH25k.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-77e\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: ba07f6e5a8d27b8f9ff3ee6b007dffc5\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1918,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1917)","md5":"103da67b05cf794eebd8670565621b1d","sha1":"4bd434cf4b3c06e2ee050598e8ea3e09a2739c08","sha256":"43ed64f520240c3708a5937ee2a50fa69a07c05f01836816bfca9a2558b90a63","sha512":"2bf253199c7518fed8cb7a360ec3ab10815949d7b0e49fa47062265b3ce7e06405446718dae7796d942e3ad7f3c4e59d10ff43c80573bfaa3360c97e4e8800a4","ssdeep":"","tlshash":"06416dde35d5b7e9e28270b0f46f0146a2288b98499e5cf2b11af1c47930439a17bd6c","first_seen":"2025-10-16T06:08:09.651772Z","last_seen":"2026-02-28T19:40:37.439188Z","times_seen":171,"resource_available":true,"data":null}},"time_used":632,"timings":{"blocked":407,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-22/20/2003086460528353280.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-22/20/2003086460528353280.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1250,"timings":{"blocked":730,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/images/avatar.jpg","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.599Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/avatar.jpg HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 5728\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:22 GMT\r\nETag: \"68ef84a2-1660\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 9bb5c0e814a295de73655d1ebb0cd1b9\r\ncache-status: EXPIRED\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5728,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"b68689835255ba0990c480c895a4bf66","sha1":"9d22513d183f3b9244bfce9eb9d00dfb68ff2d5f","sha256":"4efd44b1b593ae28611719ba640c4ee403d6869dbf35030bcf62e0e86ef91580","sha512":"c07a14826e698fe2a2be62e803b256b9bbe83bf62fb62006b171b00e269c1886d1e8c65c4c377911202b38ab9ba03fa80a6a4af95fe79e3cbe9d4477d839dbc7","ssdeep":"96:0UNfOl5Jl69Z1A9H9A4S6LJNe0bYhxDYoRhoQ+cmy4wAYD+3MqJJeGZ0iqjF:0YmP6189I6K06xDYoRr+c/D+3RTqR","tlshash":"53c17e7f09c681ad4319278da7f82e02ef6f3299a3e319dfb8e911613db920459cc105","first_seen":"2023-12-05T11:56:27Z","last_seen":"2026-04-03T08:52:48.144771Z","times_seen":1112,"resource_available":false,"data":null}},"time_used":1785,"timings":{"blocked":1077,"dns":0,"connect":0,"send":0,"wait":707,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C3oxHC-_.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.681Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/C3oxHC-_.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/CLY0Q4BU.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-624\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 02bfa32254328321c4754519f3f20194\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1572,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1555)","md5":"d02ddcb541d286d00227266bcd875593","sha1":"341099afca2cf68a720ffe4e795437e2ecc59346","sha256":"c490a6d2b1ecf560e885d68686621e1c07ce4c1b8d0b00bf222003d5ad59c897","sha512":"2584ab445b95662de5ea9e1ac141873f1cc5303e3e616b8a50ac09036a1180b82638a02b464972c718a59900773269157d134c39abde9a8b0532fd9d7870410f","ssdeep":"","tlshash":"1131110df452c5f5a593045479e46855209e3faadbb09f81f1ec0fb13b028a1ad4f750","first_seen":"2025-10-16T06:08:09.66058Z","last_seen":"2026-02-28T19:40:37.442827Z","times_seen":157,"resource_available":true,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.BHJMvqfg.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:45:59.169Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.BHJMvqfg.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:45:59 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-7b9\"\r\nExpires: Fri, 09 Jan 2026 14:15:59 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 4758c22a0617f29ea113870bbf375fcf\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1977,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1976)","md5":"71f4b3d21e0ad214dfca33a39fee5d62","sha1":"d6f1ebe465b7a3ee66220005ba709e39d53c1023","sha256":"f840ad25ed21367359f4a3b06c60d40147c9af78e5a148818899829ff3a46cf4","sha512":"d45f627b33b92b7732acc7f511edf381147463cb218ef02647177f8f8f87536e8f65aab583a533d9066b800990e75cf1598a17c86c8ca3611b7eae3a1a091e2f","ssdeep":"","tlshash":"8e4169d85580ba3b2f17b0769bb786ddb93cb9a0ad00da787295b19805c7fb80723434","first_seen":"2025-04-17T11:34:23.148683Z","last_seen":"2026-04-03T08:52:48.143375Z","times_seen":1169,"resource_available":false,"data":null}},"time_used":637,"timings":{"blocked":200,"dns":13,"connect":211,"send":0,"wait":212,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/22V1J99o.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.731Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/22V1J99o.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-da08\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: d2900c1a15c719af0ba026c3a5afde2c\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55816,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (42842)","md5":"513cc4012f5b8329aa557c250e94ebc9","sha1":"f76f2b14fdfdbe3d648d40e001af5bea5b35aec0","sha256":"26b8bd74790f95e2b3b7354afe85c55294d46cfb53c02389ef8fc3c6b5f0f3ec","sha512":"e689c776586124cbbd2d3501a74f5f8869e7bf270a6fae3138ee5d0c21626e7334e592c3cae030c343a31e88f05935929fe8be13317b1f384786deda89aa529c","ssdeep":"1536:nkVRRkeadSfFAgYsC7tuQZqnVat+qgKTId1Nnh5Bcmu4qryvUqyR3cLr:uTkVdLdsC7oWq/5HGRc","tlshash":"7f435c9c72a4b0f163bb45b9807f4407b3392e15900ee450b269cee92674d75e1bbb3e","first_seen":"2025-10-16T06:08:09.689838Z","last_seen":"2026-02-28T19:40:37.462765Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1385,"timings":{"blocked":976,"dns":0,"connect":0,"send":0,"wait":204,"receive":205,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CY-XXIsO.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.839Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CY-XXIsO.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2549\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: c59a14198a4b774bd1fd53a2d84165f5\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9545,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (9390)","md5":"a8cdb3ce71aec13e6093a691bc2b19af","sha1":"284e8708248c0d00c4e74d90062f6c3bdfc083fa","sha256":"17493389d6e0ce4d6191f6d9be61a93b30e0bb9d47c5de974ef18f8cd97d477b","sha512":"d051e6b33625b314739b51cbefef01ced07dbdc3002d54aec7675307fea37d4f009d02ec07a5e405012bca4bc59a417b37412729fc10eb2d4a08ea5e1f978935","ssdeep":"192:626Nc6CqwHfcWwhF0rJLzqJkRRottNdkRRB9dy9jfqVPJITEh:63N9fWwhDYRKYRFCTu","tlshash":"4a12c9cfb0128abce0dbd51854a9dc00a00e3f9bd5968252b1fdac757585cf9fa95338","first_seen":"2025-10-16T06:08:09.638902Z","last_seen":"2026-02-28T19:40:37.42287Z","times_seen":165,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-05-22/12/1925409352718213120.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-05-22/12/1925409352718213120.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1233,"timings":{"blocked":795,"dns":0,"connect":0,"send":0,"wait":438,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CGC4xlMU.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:06.166Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CGC4xlMU.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/CvUKjgFw.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2ef6\"\r\nExpires: Fri, 09 Jan 2026 14:16:06 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 9ca6feac7174474e0aefe3109c0d3a37\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12022,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (12021)","md5":"ce126d9b5fec0178754a169a9b362046","sha1":"8c5f59063b07893e29c81f721d9652275ed1d62b","sha256":"bda556867f8226b195cd5dd215a9b67ca819c13c2f9a6bdd5d038e9e29b040f5","sha512":"2ffc04ad46c695801da6b6ce265d0e0334faf6dd97c1120bfd70561129d1cc3b60c3ac924c9cdf3b67b532d0a8e871371d38cf31e8197bee922dd4799d3ef9f3","ssdeep":"192:zypEMiGgp4hZD6Y0kHc7ybDjFntgQyJ6plkfyP6PCaa/9tTiecgW9LAVnBuIK2/K:zyY0ncebDjFtRy2l2yP6PCB7ue29cZY1","tlshash":"93420ac6b5c5a5716fbb64d4f0aa4052a44d5b09b01a80e0e07f9d042bdeec0bb7af3d","first_seen":"2025-10-16T06:08:09.971215Z","last_seen":"2026-02-28T19:40:37.473088Z","times_seen":163,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DdzjdIBS.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.006Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DdzjdIBS.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-202c\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 521881116cb2bb0695f144d28bb5efa4\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8236,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (8167)","md5":"33bcb92aed739580a4150bd8b32c8501","sha1":"369cbd00ff3fdaa1e55d5d90a17489c7d3dbde4a","sha256":"4dd7cce928880fa87157babd51b41c97f01b2fa764847cb0f6e848915f7a8891","sha512":"8e2ae0a1f1ac46264fb6066d412e0b60368979137581ae42c66a4f1a43402660668f4af3f2b39788c9d3de2cf4d05e149f4bf8fc0f9675aa44d335991972531f","ssdeep":"192:jvUT9JlEDIWGrVqaLNbObnH7zmzQgFVPOWxxE:jMTPOBuE4bObbzMQ+VWWzE","tlshash":"9202a609f01490b4f376ed94d8784c0a9e0b6fd556e880c8e4eade1b5366cb439e9b1c","first_seen":"2025-10-16T06:08:09.826209Z","last_seen":"2026-02-28T19:40:37.435081Z","times_seen":165,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CJJ_gbVK.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:02.149Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CJJ_gbVK.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/BGnZWUEv.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-e90\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 4963276bb28201fdc2be617284eafab1\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3728,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3667)","md5":"9d28df8087a048d071d95ca848c5ce45","sha1":"ddfce97c7e04915ecf4102cab5fe45fdc3bb37be","sha256":"4c5314fc020ee5c9d8ff1f4f1822513d7b7e276730a54c4c884cbaf50d6e4de3","sha512":"1e8173883febbdfc0205faec8d2ed70f3987ba6d484837c78fee28f39ee170bc43cad7354403e7b4733ea3a8dbaaa5587f73c3069b35611c7fa2a13db3fc52e7","ssdeep":"","tlshash":"f871658eb821dabcf1f3507550749408921c5f8df1b94696f0bc9c613a55c7aaadc36c","first_seen":"2025-10-16T06:08:09.561146Z","last_seen":"2026-02-28T19:40:37.473594Z","times_seen":170,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DptArvn-.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:02.159Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DptArvn-.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/BGnZWUEv.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 83\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-53\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 1670932fe5d464b4aceceb8f2e24d80b\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text","md5":"f9df5b1f126b2eb2cf955311f48cead5","sha1":"396b77a173859b5f73a666b9da0d7b22f66413bd","sha256":"9cc5e9fabec00ccc8a355d4925f7c083c4c0b6f1d53f4c04057af45f5671b34e","sha512":"4e8f16e77942a7d978feed32c2529f83a6b9b29426ec0294142e238822a31d476aec016aaddbf3b29f532eaff70ccec499ea81e13f736957bae1e17afa3aadab","ssdeep":"","tlshash":"f2a0122d084001b700411cc85306a2a107200408176047d044084a2203214c7644da00","first_seen":"2025-10-16T06:08:09.886213Z","last_seen":"2026-02-28T19:40:37.432352Z","times_seen":171,"resource_available":true,"data":null}},"time_used":405,"timings":{"blocked":198,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Ww8WnoUa.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.583Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/Ww8WnoUa.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-16f0\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 63a5ef13246d49459c9b7ef858db2ce0\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5872,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (5837)","md5":"a6e2fa6440590bee0b441e20a98f5db7","sha1":"1472aeab176dfcaa1b3922a4f7f90c48ab6eb9ac","sha256":"d6017e5510f4d8d517b9ced4adda3a5aba14d469c27ca0d8ad4bd1daff96130f","sha512":"b55736462fa78eec35720e8906c6ccf72804951176a8278924379a8df886340db39e22a4591bf1a27515114373d31447a7a93d8e8626c57faa34e25224b03638","ssdeep":"96:QGtpQhV2RoqNgFikq7A0LHGns/yoGygpN4BGXdaQ5OJLHFnA:jtpQmoqNgFikq7A0bGnjegnyuPO1FnA","tlshash":"94c1b80df578a8b9f37ae9a4c0615809870a379612da89d5b1bfdd235310cb078ad77c","first_seen":"2025-10-16T06:08:09.810724Z","last_seen":"2026-02-28T19:40:37.463258Z","times_seen":164,"resource_available":true,"data":null}},"time_used":1615,"timings":{"blocked":1404,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B49QR4hx.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.146Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/B49QR4hx.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-6e7\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 42c33141a0784750306f102801c4b4fa\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1767,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1766)","md5":"79a4c4cd2414061a120667b3b5cce535","sha1":"58293f4e7c8dd914565d5b2c0685575702c942cc","sha256":"2ee168b68121100f293a97e385dbacd24a784365b82a3c569fcae22c6a898cc6","sha512":"b20a24efc3d57312d028a829c31a175af4eb770fd1a2444da40552128676bfad7609ca581457b951e4fd8540c2272d2f82373ed200206cea9c7498f676c7c9df","ssdeep":"","tlshash":"7c31d8caf8dac43da32bcc894028441051143f8e603cc1d6b6672b0ce739ed8ae1561d","first_seen":"2025-10-16T06:08:09.696598Z","last_seen":"2026-02-28T19:40:37.431342Z","times_seen":168,"resource_available":true,"data":null}},"time_used":883,"timings":{"blocked":562,"dns":0,"connect":0,"send":0,"wait":313,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/entry.DQUDWu3P.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:45:59.156Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/entry.DQUDWu3P.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:45:59 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-fc38\"\r\nExpires: Fri, 09 Jan 2026 14:15:59 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 0262c59651b4b80c298f70b12298d075\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64568,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (64049)","md5":"4dfff52573b89ef0645e02fec6773ed5","sha1":"bfb2a178cdf137ab993ab722cf804fd0dd4b2a15","sha256":"cd3c2678bb7eb21b7d0f575b9ae250352121f454dc25bd47da5cda6d16248c02","sha512":"0784856f9a15df0722886766297b1809b4eb1b83f0f9b272e9b43873f1c3251523b4afdc6f6d08cec8dd0b2b74581c56638bb9923ed1ff8d9204aa82f0fb050d","ssdeep":"768:QIXeueqmBZBi3MFYaQj768z+wsI4sWvDIBFV+xGQJxCfVow6i53iOzqISRd:QIyNBi3MFYaQj7ZCwsBlDOFIxuVoxaSz","tlshash":"3b53e6e4d9c451fc2f29d1628b4732e8b129f572cd819c94f00a925d0edbbb60667f3a","first_seen":"2025-06-16T23:22:36.799217Z","last_seen":"2026-02-28T19:40:37.480222Z","times_seen":314,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":204,"dns":15,"connect":202,"send":0,"wait":224,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/i01Blr7r.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.705Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/i01Blr7r.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-4ac\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 3ec8bc2c6580eee270f70492be3e8c4f\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1196,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1195)","md5":"826f5fdb6ee79ff4506a59db01680676","sha1":"da5044530cd0d0a7963ad8902c2f71df88796fa7","sha256":"af56f6b6e78a55a3810ce208fa4f86359a156aaff3f2cda993c44c885bb88e67","sha512":"80b5d02cc1e925d4cc2e2da3d969d9096aebead5046e316e294955ad712527717a77572475e1183398a238420a7a22bf188a8bd6330ae5685b2e26fdb286dd48","ssdeep":"","tlshash":"4f21449db149907f3eba1dd04127184292225f0a6920b7f5e1564ff301b3d14e16ef7e","first_seen":"2025-10-16T06:08:09.804764Z","last_seen":"2026-02-28T19:40:37.445078Z","times_seen":171,"resource_available":true,"data":null}},"time_used":591,"timings":{"blocked":388,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/0xlt7eT7.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.719Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/0xlt7eT7.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2844\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 8e3f9062c584126f79edd83d9dc2cde4\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10308,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (10259)","md5":"7520c7f08b1151b07b6927bda1828d9e","sha1":"e2940e90446ead59c5ad1b3b0ea963e275aad24e","sha256":"90ffed836332a30190edb82bde3bd1710c3ac7373c36a24be14561aabe0dc857","sha512":"b335376d6fc09811ac4d2629295ccf34f5a1a0f6046f6ec87f8e2fbe41b18b023f5abf94c7abe4ed04f2c060d7c7876767786fa631630a7fe578cac451be7974","ssdeep":"192:qbRBZvxP1xAZjxWzZxgWhwsDmNvPGFj0P9eaCj6j6s:CRVjYo1qsDmNvu90P9ejj+6s","tlshash":"10222389f1459aae824b1170445d5c0c964b7fa4ceeb8a4a33f4ed4af386cb67988734","first_seen":"2025-10-16T06:08:09.876092Z","last_seen":"2026-02-28T19:40:37.424996Z","times_seen":171,"resource_available":true,"data":null}},"time_used":819,"timings":{"blocked":602,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DQG20OtQ.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:02.158Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DQG20OtQ.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/BGnZWUEv.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-14b1\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: f7c5f9ce051175e9189363ab75e0e7c8\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5297,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5296)","md5":"848e083ac2f03c4e621c8294ddd42d02","sha1":"50f736063069b656dedbaf6e6a8eb80e8f81eb72","sha256":"888f64c36c876ee8206cd227dc30662fe808e37dea283a65623ed1f13da22bb3","sha512":"708e519bec0b5e0e58a70ddeaf290ddea3abbc847950beb6bebde1731bb5a4fb0a43ec93b33b1a00d0e7d23ac345324edf35e29fa43e6e2b08dc9d5e2c447211","ssdeep":"96:L2Y/QlGuIsPGoBtaQAvj3aaRhVm5ARLjRY96yYQXRFJ18QInGLA6Daa6+RQej:yYKO4tpAj3/LmeRvRY90Qh/1TLP2J+Rx","tlshash":"e3b1b7e5fd49bc378c37fc1845db54122a081bb5e118b6f1e5ea28491ae627075f0f71","first_seen":"2025-10-16T06:08:09.601427Z","last_seen":"2026-02-28T19:40:37.425516Z","times_seen":171,"resource_available":true,"data":null}},"time_used":403,"timings":{"blocked":198,"dns":0,"connect":0,"send":0,"wait":204,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BYxiyo0l.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.595Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BYxiyo0l.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/WK6v7wUJ.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 562\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-232\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: adfebf31f6aa6482deb953bb10931eb6\r\ncache-status: EXPIRED\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":562,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (561)","md5":"a8620d23c4609529f22e3dd37b487d71","sha1":"36d584080568418d741030d5cd0d58c5edad0f5f","sha256":"8a7e6f788993cabf72cd537d623ed8b7a82461ee4722e8abd8c4da00fec83189","sha512":"c519e0803f8007ab4b899560f195b662e7f47167733bad156e6fa963c93e2d485fdc02151eb36c4391215cb68f1c3993c4ca94be60aeac751c7fed2b64edef04","ssdeep":"","tlshash":"c1f0200bc4914ab44972ccf0c429c9710a7785bb0bd6e734e6cf93312360032e05eb07","first_seen":"2025-10-16T06:08:09.581666Z","last_seen":"2026-02-28T19:40:37.461742Z","times_seen":165,"resource_available":true,"data":null}},"time_used":1322,"timings":{"blocked":544,"dns":0,"connect":0,"send":0,"wait":776,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-06-13/21/1933513914136911872.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-06-13/21/1933513914136911872.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\netag: W/\"8696ee1c3256ecdfc867745da5e9b6ee\"\r\nlast-modified: Fri, 13 Jun 2025 13:16:55 GMT\r\nx-wasabi-cm-reference-id: 1767210419506 154.18.200.104 ConID:427550134/EngineConID:4102176/Core:94\r\nvia: 1.1 b0e86881f2888131e8e2022e585486ea.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: 6VLmQz00idLD_sVOSKKO6TVS892aWk8kVQ2H6cUHzxkXMeNRpbcimw==\r\nage: 65036\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":404416,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8696ee1c3256ecdfc867745da5e9b6ee","sha1":"b517ea54e5891aecc5dbd59803a3f856f41ece45","sha256":"480d6e3b88466eb39b3501ae0e2458b7425cd790c62f1f48db9f342a6c5065b7","sha512":"27140770d9aa38b797df0266254a02e4036e8e3d55accaf702436fae84161c50b0e463fb87f8f14d94ccd59d0a3c461a59a352665c693a5664d4e7cf1a5f27b8","ssdeep":"12288:j6pcOd/TgQi40nty87VaWRjZONV4Wnrt0thcbZ:j6eUbUtyCakIvt31","tlshash":"60842335526c67bb89dc1b101384234873b5ffc1a0d936aa9ff0baca554ceba1df6049","first_seen":"2025-06-16T23:22:36.742356Z","last_seen":"2026-04-03T08:52:48.194206Z","times_seen":782,"resource_available":false,"data":null}},"time_used":1428,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1428,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-08-22/20/1958868497000816640.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-08-22/20/1958868497000816640.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\nlast-modified: Fri, 22 Aug 2025 12:26:59 GMT\r\nx-wasabi-cm-reference-id: 1766954251086 154.18.200.101 ConID:1179403183/EngineConID:11313734/Core:85\r\netag: W/\"0505d30b64a50a1b956035b5329ee96e\"\r\nvia: 1.1 4843510c0b6664a808a022fd8ec75bde.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P5\r\nx-amz-cf-id: wGPGuwg_0dPkchA-k7fNDpS4w6LOGW9cAZvadOsZs4-KE9A8njQtmA==\r\nage: 65041\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1049728,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d42c68bf2bbf4f3b912819fc06bd6bf2","sha1":"69b6d242f3df69316dd3635e02601ef6c1f74485","sha256":"d16bafa91f0ad5fe72c70b75cf4655cdcde467365ad16ca248da8274460a256e","sha512":"c79255cae5027ea2514d272ecb5ecf9225a8a54cf6b57466867b030cd5559ff6e3d04dfc1f5a91cfeb44d1d307136fddec9f46b84ed82f60fe8f57b29f66fb5c","ssdeep":"24576:6SzN/7bfHFTMgpl8J5yh/F6wjmRocj+7/MEjS5Epoqy3lm8a:6g1PJCnypHM2Mwgpha","tlshash":"18252384c6913f5c0a1c9eace42d5d8cfaba0f9f425ce0d2d7b098df437a764209b656","first_seen":"2025-08-23T07:34:05.061042Z","last_seen":"2026-02-09T11:47:25.479049Z","times_seen":1191,"resource_available":false,"data":null}},"time_used":1324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/_id_.D8dlaRQq.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.130Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/_id_.D8dlaRQq.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: text/css\r\nContent-Length: 326\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-146\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 2cb8d35891de3fa3e83d5f9b48de9f30\r\ncache-status: EXPIRED\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":326,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (325)","md5":"44b8da8dc5354d53450bb760d7208098","sha1":"833699d3108c2df4c431415547e79871353f4c5e","sha256":"c523dbd84e19b38bc20921d6824304509f4ebb6239b6ece28d69c6cb2dfa4052","sha512":"0896f479a5986b0729c7c402f696794c9c148e20eba6905bf55fc72059f13044f22dab0a744c4945bb6472c55ac9b963a85bc3b30274df7d12c6fad3860fd858","ssdeep":"","tlshash":"09e04f2b76042c1d73cfb3fa0f321012190e6f81f0028814baa61029c9376bd3077063","first_seen":"2025-07-01T03:50:14.595188Z","last_seen":"2026-02-28T19:40:37.456305Z","times_seen":252,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BM0e--Ef.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.838Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BM0e--Ef.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-a31\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 3783cb9abf8a021efd9e1c84213eaf57\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2609,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (2608)","md5":"658be090238672dcc04271b45a3e80d9","sha1":"77d9b563ad631b8f81c79d8558a7dc75b77bbe83","sha256":"bffe60222c4bbe23db190bdbb89654a46391c3d7edc00dee547379f54c817bac","sha512":"37e4c315f792ef2189250415655f2f004be8d3030c5e890d456d1f1865b9f480849f1028a4265986b4752cba66b029626050dcbed3075fb8c2fc3b26626a5560","ssdeep":"","tlshash":"5a51414af058927062abd8dcd0a09e38539c7f9e966597f0f0ff1e2127a4cb0e55c229","first_seen":"2025-10-16T06:08:09.966646Z","last_seen":"2026-02-28T19:40:37.479734Z","times_seen":165,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/member/uploaderPage","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.037Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /member/uploaderPage HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\napp-type: stationGroup\r\ncontent-type: application/json\r\nm-acct: sc00\r\nContent-Length: 232\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":232,"data":"{\"requestId\":\"FkkpY6c3h3YnY4BEsfJp5YBTW5hEzWGt\",\"appId\":\"sc00\",\"time\":1767966363029,\"sign\":\"1d7778ea06f2bb49547bd22f6396b8c7\",\"body\":\"3ca20a5652f58e710ddec5108f8d5bbf6fcd17ae2372665e88bc19d4d173dbd9bea930f12d9051ddbf5ed8f0ddc4c77d\"}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:03 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Robots-Tag: index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 64b7d5f1e5954d30103c1a7f8cfbd1f8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10906,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (10906), with no line terminators","md5":"348581ec917ad0c6732fd7130d57da0b","sha1":"e6d5daa94229cc75d2b09d315202e1e4b35bff1f","sha256":"31571aaa174b1285fae7c939d85634e511010a1b56fa014ae264ac0cd591892c","sha512":"28b07429aa9f3ed31086e9248875440fd716da27f74eaf6ff1f6e3ed29abc5b939d1e232cd23d64f7725cfc84767993f2dd6d04ac1aa13cc3ea10503b04ad5e8","ssdeep":"192:DxGFzjJDuL7jyv7O10Wzwo5xewrtC0moku4UjCGMv8ComuKfBTG+qfkIEp19uSAS:D+9r67E+zIQav8frcBTGhob9Rl","tlshash":"2022bf8f99735a7f6a1fd64ca84bca2e48651c26feeb66a5406f2273c32880d7d46044","first_seen":"2026-01-09T13:46:53.924483Z","last_seen":"2026-01-09T13:46:53.924483Z","times_seen":1,"resource_available":false,"data":null}},"time_used":808,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":807,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-23/10/2003290036806606848.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-23/10/2003290036806606848.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1252,"timings":{"blocked":735,"dns":0,"connect":0,"send":0,"wait":517,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/KGeZgdKO.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.137Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/KGeZgdKO.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2af7\"\r\nExpires: Fri, 09 Jan 2026 14:16:08 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 9645e9dd62875d636f849f2526f23f08\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10999,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10878)","md5":"e89fda158cdee0b899ab8763a1d3c65f","sha1":"bf0863b57646d0af21b77c5a007c9bc0cad0b502","sha256":"dbfee3bab623f82de9f2dc2e7dd141228277a152fd30ac3f76d6fd3074b5048d","sha512":"246c2b7b9b2e6ced8bf12b097fa32d40c261fb4b809136466834225d94ea4d29844745e49caca6b755d15407bfef592b5cc58b070e187df1d00e1c7aab509385","ssdeep":"192:t7qVgDRgFIsPSidbEXJmXbGykf/Xk6msa0x/HPd+SocRxnu6g:tVDRgGivdE+bGXXkjt0x/HPWT","tlshash":"4832750df110f679e73bc8d4c4a849056a0bb75946e882b1a1fafe1fc2d5c74ba48735","first_seen":"2025-10-16T06:08:09.751343Z","last_seen":"2026-02-28T19:40:37.430337Z","times_seen":165,"resource_available":true,"data":null}},"time_used":1075,"timings":{"blocked":869,"dns":0,"connect":0,"send":0,"wait":205,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/FNsFDHSu.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.152Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/FNsFDHSu.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/WK6v7wUJ.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-a71\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: b0eb80e89e31bf17a1149a9e8ee289e4\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2673,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2442)","md5":"6275a6a1b1a3ae0e8f94e3250658aba8","sha1":"b7e058556ebf6c9df86014061513297e4a75493c","sha256":"fbdb3c383001ad396be9117fd48eeaeb4691f7da03990c2910028fff89d4ba3d","sha512":"f9dd62b78ef458a7907db2de87c5b35f12ce1160894b4ef66e0208b27df18cbd4b5a7fccb2663f072c603d4a07386a9996b9c2c95b46903d256f41af2c22f7dc","ssdeep":"","tlshash":"0b5185153cefebfd95b34868301a0820b009f75b9457aae596f949113c72f658ba6321","first_seen":"2025-10-16T06:08:09.757482Z","last_seen":"2026-02-28T19:40:37.45069Z","times_seen":154,"resource_available":true,"data":null}},"time_used":655,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":655,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/bnqxLtY9.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:08.268Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/bnqxLtY9.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/KGeZgdKO.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 926\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-39e\"\r\nExpires: Fri, 09 Jan 2026 14:16:08 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 7992d13d56e7cb73d809a9a9a4b443b1\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":926,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (917)","md5":"9b9f593c4f183837d4142c51f6569cc4","sha1":"39eacc5fe2bb2efb1ab3e8070787317067401dd2","sha256":"b276261f86a4d226e01e1a543465a1d4eef694f57d2757f5c26aaf59a3e07d5a","sha512":"67e0eb740fb27cafe78663de80a4a068e860a6f18a52fe2b60e494514788a97832aaef6f99486d9d56855e3be3624b8952bb757245ec75a2d11d9e11dd4dbab6","ssdeep":"","tlshash":"fc11d048b401863ed4adac9881580931234c7e9f06b8c5b0b4fee7209762454ba4ef31","first_seen":"2025-10-16T06:08:09.606373Z","last_seen":"2026-02-28T19:40:37.456809Z","times_seen":168,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/logo-lang.png","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:45:59.192Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /logo-lang.png HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:45:59 GMT\r\nContent-Type: image/png\r\nContent-Length: 5808\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:22 GMT\r\nETag: \"68ef84a2-16b0\"\r\nExpires: Fri, 09 Jan 2026 14:15:59 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 57bbc21b94ead4b5aa595eeebcfadef7\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5808,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 435 x 199, 8-bit colormap, non-interlaced","md5":"e22bb2b4a1969c0a438c274362e9af66","sha1":"35fdae97669f2ddcbd1783b3302d6aeb92fe119e","sha256":"e9d93a8a33f857087759a692cd4c1d6587182141c583097c6836f5cd162fb140","sha512":"0bfabf73d77918b79e570150353280a50b43baee616dc4d34767e2daa8cf1c2cd635c8a9ab779b73d15d56de29c159eddd8480d8d6fd40515302283685152641","ssdeep":"96:9prpJmVJ0YjTiyngn5UM1FdvF4krtwjeFgLHuow04j7GnpygmFYVfPGJ9LD0njEN:9prqOuTiyGUMpvFjtwjC+HuowV3Gpyge","tlshash":"19c16d6e142f411ab86ff5b546a028e8d9e0e0a7c361c54c7af7a0dc1f64d94d414679","first_seen":"2023-07-10T20:08:14Z","last_seen":"2026-04-01T17:56:55.76059Z","times_seen":250,"resource_available":false,"data":null}},"time_used":830,"timings":{"blocked":624,"dns":0,"connect":0,"send":0,"wait":205,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DdzjdIBS.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.693Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DdzjdIBS.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:00 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-202c\"\r\nExpires: Fri, 09 Jan 2026 14:16:00 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: fbb69dbcce0f3127f862adffd8eab4ad\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8236,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (8167)","md5":"33bcb92aed739580a4150bd8b32c8501","sha1":"369cbd00ff3fdaa1e55d5d90a17489c7d3dbde4a","sha256":"4dd7cce928880fa87157babd51b41c97f01b2fa764847cb0f6e848915f7a8891","sha512":"8e2ae0a1f1ac46264fb6066d412e0b60368979137581ae42c66a4f1a43402660668f4af3f2b39788c9d3de2cf4d05e149f4bf8fc0f9675aa44d335991972531f","ssdeep":"192:jvUT9JlEDIWGrVqaLNbObnH7zmzQgFVPOWxxE:jMTPOBuE4bObbzMQ+VWWzE","tlshash":"9202a609f01490b4f376ed94d8784c0a9e0b6fd556e880c8e4eade1b5366cb439e9b1c","first_seen":"2025-10-16T06:08:09.826209Z","last_seen":"2026-02-28T19:40:37.435081Z","times_seen":165,"resource_available":true,"data":null}},"time_used":622,"timings":{"blocked":195,"dns":19,"connect":204,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/member/register/deviceId","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.028Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /member/register/deviceId HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\napp-type: stationGroup\r\ncontent-type: application/json\r\nm-acct: sc00\r\nContent-Length: 264\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":264,"data":"{\"requestId\":\"GNXGXNxHkbG3fccsQBjsGikMPtbfzArb\",\"appId\":\"sc00\",\"time\":1767966363009,\"sign\":\"aca9bff165d86bb1e1939128d0757d3a\",\"body\":\"af184e2939d4ad7ba5cf912c3e60b8e095c910c25417bc98c8c424629ad5d59853bf2e1ab2be03dc521d2c4078a884446ee9c1371040e372b50da84733794a41\"}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:03 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Robots-Tag: index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: d61c2a34a36480b9946419489574f2d1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1050,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (1050), with no line terminators","md5":"1d3b50323341ed27599d193206be2b37","sha1":"56c5f72465f0969f17bb096852f06673aa990900","sha256":"b7a93230b431dc9de8776713aafe2178208326b6ba1a259240649de8656d83f3","sha512":"f30276bbf34795a7f2325dbddcb587e72eb02b214dfeb2c17fe6aa6f8ddf237bf160ff83dbc7342d28e2df5675dab5681de490f9510303c8f75954890f759ef5","ssdeep":"","tlshash":"5a111882f3d1890697c3b19f0eba580aee074a77e5bbd2520953c10837efd80c8d4c81","first_seen":"2026-01-09T13:46:53.926813Z","last_seen":"2026-01-09T13:46:53.926813Z","times_seen":1,"resource_available":false,"data":null}},"time_used":382,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":382,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/omETxrfd.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.594Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/omETxrfd.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-16e1e\"\r\nExpires: Fri, 09 Jan 2026 14:16:06 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 81785f907a5fb978bb9ef4918ca7b094\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93726,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (59892)","md5":"fe5564590addaa5ffad8309b3a70ee26","sha1":"a9a4e784ce42a0dc065af731c186c17fe9f58a0d","sha256":"96d715abff4c7c5a671fdd6d984dd5785b211350bcb8ce0307db56cd04146fb0","sha512":"8a61544269f74a9f124ac4fb5b523dcb5651afc7840c25f2ed4bda999fe2df10ac358143c0d4f0a8438feacce37d3a24fa2a111b1e8e1edab4de1c4ef28d669b","ssdeep":"1536:KXE8PF+mmIyiNDyfESeZky+4jkiC3EOxrml3bu:qPUIyIysSeKy+4jki+d83bu","tlshash":"fe9371ccb696b06643a774b0807f600bf23b7c99184c4924f259d5e63db9a0c963bf6d","first_seen":"2025-10-16T06:08:09.739481Z","last_seen":"2026-02-28T19:40:37.443392Z","times_seen":169,"resource_available":true,"data":null}},"time_used":3304,"timings":{"blocked":1755,"dns":0,"connect":0,"send":0,"wait":771,"receive":778,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Ww8WnoUa.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.596Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/Ww8WnoUa.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/WK6v7wUJ.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-16f0\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 013039289fc387645e9be493a23bbcb8\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5872,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (5837)","md5":"a6e2fa6440590bee0b441e20a98f5db7","sha1":"1472aeab176dfcaa1b3922a4f7f90c48ab6eb9ac","sha256":"d6017e5510f4d8d517b9ced4adda3a5aba14d469c27ca0d8ad4bd1daff96130f","sha512":"b55736462fa78eec35720e8906c6ccf72804951176a8278924379a8df886340db39e22a4591bf1a27515114373d31447a7a93d8e8626c57faa34e25224b03638","ssdeep":"96:QGtpQhV2RoqNgFikq7A0LHGns/yoGygpN4BGXdaQ5OJLHFnA:jtpQmoqNgFikq7A0bGnjegnyuPO1FnA","tlshash":"94c1b80df578a8b9f37ae9a4c0615809870a379612da89d5b1bfdd235310cb078ad77c","first_seen":"2025-10-16T06:08:09.810724Z","last_seen":"2026-02-28T19:40:37.463258Z","times_seen":164,"resource_available":true,"data":null}},"time_used":1426,"timings":{"blocked":659,"dns":0,"connect":0,"send":0,"wait":767,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CvUKjgFw.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.675Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CvUKjgFw.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/WK6v7wUJ.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-c26e\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 06af6ca9c18c2740423e6be1750cd539\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49774,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (31192)","md5":"8ec8c5a192a70d61e3c277ae4664cc45","sha1":"6dc252e536b034e7a53ed513a3b043191d8f03eb","sha256":"b27efe285bffe40caba353c36a070ad52d0a8830d1a91dece4e1407b35217d22","sha512":"c1e5e9f3d3e1e5663372285421a8d6d74a8b21bd6f5de0892ad453d4ef9744260ac040696748fc9df08b0ab2e61cc5922228f57247932327e33a44a00bb4dbaf","ssdeep":"768:ryeAV3kkJ7f2bap3ac6qPb4/9ebB1GUwtltBjT3MVLrv27YMvZ14Q9QSkeDZy/9u:rc0eHN5VL/ZdjYfh","tlshash":"18235d40b474a578e77791ec509a4842266e2f4cf024c5e0f0bd9d193be6cf4ea9d73a","first_seen":"2025-10-16T06:08:09.632355Z","last_seen":"2026-02-28T19:40:37.453217Z","times_seen":163,"resource_available":true,"data":null}},"time_used":459,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.BHRJe94r.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:45:59.175Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.BHRJe94r.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:45:59 GMT\r\nContent-Type: text/css\r\nContent-Length: 781\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-30d\"\r\nExpires: Fri, 09 Jan 2026 14:15:59 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 37ff14f1b81ba02db20ccbce7879d88b\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":781,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (780)","md5":"882a880061ce19550bc5625b61c35849","sha1":"fd9e118a911e6377fac661a4c81cc3c35e89d79a","sha256":"795ca5db3b16747ca0f4914807486c3d2f949fa715c46a3fde42a483ae0a115a","sha512":"b1c670b5edd6e6ac0a20599f7363ec5dd83d920d1fd275102b010561a2bc92374018ff2947038bcd4888bdc95d15ac274fbbebb25076124dc4d86605c46159e4","ssdeep":"","tlshash":"fc01ad9f5760e53abe233d65fbe776f8a03e89414d1e85a97380500d48cb6f63326225","first_seen":"2024-12-11T22:34:53.074056Z","last_seen":"2026-04-03T08:52:48.075644Z","times_seen":1391,"resource_available":false,"data":null}},"time_used":686,"timings":{"blocked":201,"dns":21,"connect":219,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/HRf1EEH4.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.694Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/HRf1EEH4.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:00 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-550\"\r\nExpires: Fri, 09 Jan 2026 14:16:00 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: d43f3f422e032e51fce271eea1712481\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1360,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1359)","md5":"a116ac339fcb6f9815fa22f42b5f48bc","sha1":"da529f8161aa74387829643285f287861243a4bd","sha256":"5d356e6e20509f056b7ecb24ce5e6ca55daf6e97bea83d236504d665f502eee6","sha512":"ced9540777fa752bf18c052bcbedbb7fce078306ebff32cf415c50d5e355ebe7481256e4e54c7d2dfc7b8d788980ebfec9d35b66968df3280767c8afb6d2b4c7","ssdeep":"","tlshash":"d921614cf855f2b9893a0028590c7c2621487fa8e2269340f3b4867aef18c63fa98335","first_seen":"2025-10-16T06:08:09.635793Z","last_seen":"2026-02-28T19:40:37.459841Z","times_seen":171,"resource_available":true,"data":null}},"time_used":632,"timings":{"blocked":197,"dns":12,"connect":208,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DptArvn-.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.736Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DptArvn-.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 83\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-53\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: ef0e1ae9e0ffde4d2328facbfe33cca7\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text","md5":"f9df5b1f126b2eb2cf955311f48cead5","sha1":"396b77a173859b5f73a666b9da0d7b22f66413bd","sha256":"9cc5e9fabec00ccc8a355d4925f7c083c4c0b6f1d53f4c04057af45f5671b34e","sha512":"4e8f16e77942a7d978feed32c2529f83a6b9b29426ec0294142e238822a31d476aec016aaddbf3b29f532eaff70ccec499ea81e13f736957bae1e17afa3aadab","ssdeep":"","tlshash":"f2a0122d084001b700411cc85306a2a107200408176047d044084a2203214c7644da00","first_seen":"2025-10-16T06:08:09.886213Z","last_seen":"2026-02-28T19:40:37.432352Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1370,"timings":{"blocked":1168,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/builds/meta/d082ab04-5987-45d5-bdd4-782ecdce94ec.json","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:45:59.189Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/builds/meta/d082ab04-5987-45d5-bdd4-782ecdce94ec.json HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:00 GMT\r\nContent-Type: application/json\r\nContent-Length: 139\r\nConnection: keep-alive\r\ncache-control: public, max-age=31536000, immutable\r\nX-Robots-Tag: index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\r\nVary: Accept-Encoding\r\nETag: \"8b-WQ1B2uU3XVOtEhaXxYppQgxAAeA\"\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nServer: layun.com\r\nX-Request-Id: 0f276ead301bd03302cc6e1ff7dc3604\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":139,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b689c6ec2954b741ecabfa2d70ca10f4","sha1":"590d41dae5375d53ad121697c58a69420c4001e0","sha256":"85508f2b6fac8761ff1c750254ba19b0b49b5ae9fb64f44e3b86d3fe0a0d6b8d","sha512":"6aa8ce5eb63de867f6e6282dd6e3619893447ee4d499dabdfa182905f3ded7f8c751677204b33dce45a723829adbd7f6eb780988b0de827d879a28052b0bc60c","ssdeep":"","tlshash":"1fc02b36064079e37810ca31c4082021ec6a026294bca4a504242d3f035c06e3104137","first_seen":"2025-10-16T06:08:09.918893Z","last_seen":"2026-02-28T19:40:37.458318Z","times_seen":172,"resource_available":false,"data":null}},"time_used":1189,"timings":{"blocked":404,"dns":0,"connect":0,"send":0,"wait":784,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-30/21/2005989969518780416.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-30/21/2005989969518780416.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":2604,"timings":{"blocked":1018,"dns":348,"connect":366,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CCn-0ZJN.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.584Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CCn-0ZJN.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1303\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 1077e0b5b5319c95dfc5e981cf5b1072\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4867,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4858)","md5":"ba1932965e7379a0c8761e7ebab5c77f","sha1":"f7767b50455fdb341b34722c06ad9a92fcfcb2aa","sha256":"974c2ba95339d513a361a152d0f77530a3d8550e27d99fe7b25a3253f4cf4d04","sha512":"fd9d06d4be4c93e97fc827ad228daa8f484159eef474f64267f956c85b16565ab8a6f1ca39ab448bac871c2c8908fdeef6378085ff9b9c8ba3784e09fb242225","ssdeep":"96:YpRQKKdz3waOof6S8CehWvNhhsvA0UGhqtl/kVKtipq7srV:YpRIdjwalSZCrVcHoO7V","tlshash":"76a1f24cf100e6bdd71f15b4846c4c0dab4b3ed8e9fa820963b9991fa781cb27a48774","first_seen":"2025-10-16T06:08:09.866301Z","last_seen":"2026-02-28T19:40:37.433854Z","times_seen":170,"resource_available":true,"data":null}},"time_used":2381,"timings":{"blocked":1615,"dns":0,"connect":0,"send":0,"wait":766,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-11-22/14/1992123313063714816.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-11-22/14/1992123313063714816.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\netag: W/\"9a8aabe1f90bd27c743c4d30bf9e13f0\"\r\nlast-modified: Sat, 22 Nov 2025 06:49:45 GMT\r\nx-wasabi-cm-reference-id: 1767243601932 154.18.200.104 ConID:436715149/EngineConID:4223615/Core:4\r\nvia: 1.1 d268ba3c598821e39e57e8a484b64be6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P5\r\nx-amz-cf-id: UgCuNnawrHQqaEc1ep515iqT7dkfYjA--kUUon18h9vQBtwvMr1BDw==\r\nage: 31809\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":502144,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9a8aabe1f90bd27c743c4d30bf9e13f0","sha1":"f40273a8aed17efd6a7855345858c8d57b1f9304","sha256":"f5068e15e7cae3de4b7d96d233d4fbe561b77274f9e82c42e8523fc78c67969b","sha512":"8e9c13f4d8470b1b747784db089f88828e00d489614a6bf00161f3cc6656ac42e643c9c1e573aa9626536a01c4a9b0c81204fe6b470b27f2e1f20796de163a48","ssdeep":"12288:GD/NNGZ0gIqO8QiFj17fCuGmaNBUddQNTu:g/NwyhqO8rdxF7QJu","tlshash":"ddb423636e823e3fdc14a9a4415aee041bf01fc3ddd476a3244a3bea3196b253937d25","first_seen":"2025-11-22T09:25:04.726799Z","last_seen":"2026-01-22T07:53:23.062054Z","times_seen":914,"resource_available":false,"data":null}},"time_used":1370,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1370,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2026-01-01/1/2006410820382744576.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2026-01-01/1/2006410820382744576.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\netag: W/\"b9d78939aa43975dfabf5104abcc4324\"\r\nlast-modified: Wed, 31 Dec 2025 17:03:12 GMT\r\nx-wasabi-cm-reference-id: 1767202080152 154.18.200.102 ConID:1287265644/EngineConID:12619240/Core:72\r\nvia: 1.1 be44d003490e0ce1bc7306c03d03336c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: M50BtAM8FDSxelso0v5lMpJJzXx1aBHhtXTo4oXygqhiCsuZlqdUQg==\r\nage: 73349\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":197548,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b9d78939aa43975dfabf5104abcc4324","sha1":"f8f7d63e9561c358c18d0fb95a83273a0486e8df","sha256":"8bd636ab7ae3eb718babeead92a641abdb2a26181772c62ebdf86681b6436d26","sha512":"d7d6a2858b54a4b78a67cbf48f94d0bbbbe822bd0b2c0577a6d5195eac838b9192acd9ac31a616326de348974239c9561e141d1671d9b45287e42ce9a7928363","ssdeep":"6144:P/qA24cNjcBRYhkDqdnZW8nNPqvrgmoNmRsj:P/X20mUqZW8NKr+NmRsj","tlshash":"45141390182661f8527cb4bc3856000773cf02e569a5f1676acff17fe1d56a2c0bba6b","first_seen":"2025-12-31T23:08:58.343798Z","last_seen":"2026-01-18T07:43:11.233292Z","times_seen":147,"resource_available":false,"data":null}},"time_used":934,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":934,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B1gS06j0.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.703Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/B1gS06j0.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2eba\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: cc465a146d6ff9bd616d6d551c10718c\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11962,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (11961)","md5":"73d6a683c1307703acbbae9216eeafe4","sha1":"a10aee3e906cb8521e6853a9db2524770cfe5e80","sha256":"40c07a58b51457fd0d9f5370f5f3ed7b7bd7dead64520adac534101b5a4c760f","sha512":"3ec0395146341c90b939e9b92ce8c3afd59e052830c70f6e509d4e476e671da1f25d02287ebcdc6681efc65bf386a7832759e9f3dc7e4379237f8c23b7ea3070","ssdeep":"192:LEIC7jOM2E/9w0Y+tea71HtxzyVdCLRes9tkc5JnBC6P00eVUJHHLwE:LEhjzTG0Y+te2N+CLRes9tn7PFQUJHHP","tlshash":"3e326354e040b93719e7cc8ff015ad51e74c662ac836b8f6f566a1be17bb420e312b39","first_seen":"2025-10-16T06:08:09.707744Z","last_seen":"2026-02-28T19:40:37.432816Z","times_seen":165,"resource_available":true,"data":null}},"time_used":593,"timings":{"blocked":389,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DV_8Za2T.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.036Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DV_8Za2T.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-f5c\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 5317aada1b44c45b23386fc68a2f8164\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3932,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3907)","md5":"c7ae8e3f8f678477e6e2fe3f9a2c5f8f","sha1":"5581b096f22243785364b964aa27deaa3cf07e92","sha256":"ff948a6f62ebee4a5056224d4c1242f87173133bde7c2b20e3872c5dbb7fc632","sha512":"75c145fdcd57ff6c2db358d8a3072beea456a75171b49444aa85b5808976cd61fbd466fefaa460eb6bf853552c8cf2e6f3a1347fb95af4ec1c27d594a187ef4d","ssdeep":"","tlshash":"1e81ffcdb08986fea35b0530048d5818624e3eecdaeb874b52f98d59b386dd5b86d370","first_seen":"2025-10-16T06:08:09.761706Z","last_seen":"2026-02-28T19:40:37.458827Z","times_seen":171,"resource_available":true,"data":null}},"time_used":591,"timings":{"blocked":381,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/22V1J99o.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:02.147Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/22V1J99o.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/BGnZWUEv.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-da08\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: ee4f24e095a8ceca9b1fa134d8394e0a\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55816,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (42842)","md5":"513cc4012f5b8329aa557c250e94ebc9","sha1":"f76f2b14fdfdbe3d648d40e001af5bea5b35aec0","sha256":"26b8bd74790f95e2b3b7354afe85c55294d46cfb53c02389ef8fc3c6b5f0f3ec","sha512":"e689c776586124cbbd2d3501a74f5f8869e7bf270a6fae3138ee5d0c21626e7334e592c3cae030c343a31e88f05935929fe8be13317b1f384786deda89aa529c","ssdeep":"1536:nkVRRkeadSfFAgYsC7tuQZqnVat+qgKTId1Nnh5Bcmu4qryvUqyR3cLr:uTkVdLdsC7oWq/5HGRc","tlshash":"7f435c9c72a4b0f163bb45b9807f4407b3392e15900ee450b269cee92674d75e1bbb3e","first_seen":"2025-10-16T06:08:09.689838Z","last_seen":"2026-02-28T19:40:37.462765Z","times_seen":171,"resource_available":true,"data":null}},"time_used":457,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":232,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Bm7ddlXp.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:02.154Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/Bm7ddlXp.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/BGnZWUEv.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-4a5\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 9db41d4d96115133836252485db0cde4\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1189,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1188)","md5":"7129a1fb57f0e6fba13a56e46cdf8bf6","sha1":"709122464f8c6de3bfc9b9c44c9bf5f948890069","sha256":"0cf7bdeab7b345499662eeababda810f58b54d7b0ce27eb331ae65c2b7d3ab1a","sha512":"0f74446f1a7a4ca7c6e4d97a9c164e92af2a02536d3e4959fdb6dcbf48142a1ba7cebc38d98571a59a58a14df032017e12de1f56cf97ca0debb36da47f556032","ssdeep":"","tlshash":"6f21148cf459c579a7738cb805502c41b60c7f7cb52fa7e19ae817513a96c21e71e718","first_seen":"2025-10-16T06:08:09.93282Z","last_seen":"2026-02-28T19:40:37.428553Z","times_seen":171,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-31/1/2006055327961309184.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-31/1/2006055327961309184.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1244,"timings":{"blocked":723,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tqyy5mv8.top/","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T13:45:52.020Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1762,"timings":{"blocked":1762,"dns":0,"connect":206,"send":0,"wait":0,"receive":0,"ssl":223},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-09T13:45:55Z","timestamp":1767966355,"ip_dst":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"ip_src":{"addr":"172.18.0.35","port":43776,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-09T13:45:55.200319+0000\",\"flow_id\":1935308078871793,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.35\",\"src_port\":43776,\"dest_ip\":\"45.202.214.180\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"tqyy5mv8.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1075},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":669,\"bytes_toclient\":4613,\"start\":\"2026-01-09T13:45:54.226545+0000\"}}"}],"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T13:45:54.227Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:45:55 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Robots-Tag: index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\r\nx-powered-by: Nuxt\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: b23183bb09c23613aaa3801a82c629bb\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":433325,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (59952)","md5":"1f2c14514b10415895eb078489a3d3a2","sha1":"6f558d44a41926ed8a46175aa2a9d05ef98033fc","sha256":"f87948ec7f995ab6a9fa95c0a981739a7e0f2048118b465205fbdb61e395da49","sha512":"463e67b3b29cccfe127cb8563c0d9c56702e029a577a85aab853742cbddb6e7259233d60f2f3554768d44f8063229cd9bcabecec5c78bba96ce199e1a03431d1","ssdeep":"6144:EH1NjnxchEmJe8hs/NsaL23pIbk/S93jYpiKcWw44R12A602XLSSwr0t1juLg2Ly:qjnxwEIe8hmpwmEU8B","tlshash":"9e941b78e978467f5e23c8f4a5b8fe8c60e67244de07dfc1698ec1280be7ea52815354","first_seen":"2026-01-09T13:46:53.935471Z","last_seen":"2026-01-09T13:46:53.935471Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5923,"timings":{"blocked":204,"dns":1,"connect":203,"send":0,"wait":770,"receive":4744,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-09T13:45:55Z","timestamp":1767966355,"ip_dst":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"ip_src":{"addr":"172.18.0.35","port":43776,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-09T13:45:55.200319+0000\",\"flow_id\":1935308078871793,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.35\",\"src_port\":43776,\"dest_ip\":\"45.202.214.180\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"tqyy5mv8.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1075},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":669,\"bytes_toclient\":4613,\"start\":\"2026-01-09T13:45:54.226545+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/WK6v7wUJ.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.666Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/WK6v7wUJ.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:00 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-62927\"\r\nExpires: Fri, 09 Jan 2026 14:16:00 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: fc4ddab69cbe449de4270dc2af8fda3f\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":403751,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (24890)","md5":"ba2c1db780414260bf9f1c27d6b707b4","sha1":"b31d88b1ad7a7cd47d80b4f3b6bb007a7ca95289","sha256":"209bec5e822efef7719fec8d0c0b7709f61e759eecf3eb764f5b33d37e13d238","sha512":"424318a3d197ead5e691379053aa80a84baa7389da4e4ae4af17f83d2fa68e10e4f3376b4a1c5019a6443f61c9ba705c4a1957106b0bd12e73a4e425b3c038e8","ssdeep":"6144:UPrhxWg1WRCrnGQVXmAJJjskVu08ILFODtuq6Z+pa9Lhu7:UPHzOCzGPmtY08I676Z+pOK","tlshash":"818449e83196b0b253f629e1807f0006f2392925384dc4d4f16dedea3ab655991bbf3d","first_seen":"2025-10-16T06:08:09.686192Z","last_seen":"2026-02-28T19:40:37.467597Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1255,"timings":{"blocked":220,"dns":18,"connect":202,"send":0,"wait":205,"receive":610,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BEu6Ldxs.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.716Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BEu6Ldxs.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":361,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (360)","md5":"f763a28ca57db1035abb0ecc8ad7a4bb","sha1":"3afd0e2bc2c3938f9850e11299332030473c2f02","sha256":"affa82a5bf58f5442a1ed7d9ddfab14663ed8da0420a9f279eba26e8ee20bac5","sha512":"bb116a1ccf0a133a5c9d1844221e2df5ed11f63304849fbc14a8a04ec0a2039963ef1c8487e044fc6672579dcbad6fa0b4d9ecd49ed11ea85f8f0573322251bd","ssdeep":"","tlshash":"04e0c08e4010907446a38ee457140c19d204e710b3a9dface2cc883725a6037e24e31c","first_seen":"2025-10-16T06:08:09.893475Z","last_seen":"2026-02-28T19:40:37.422208Z","times_seen":171,"resource_available":true,"data":null}},"time_used":814,"timings":{"blocked":602,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Dh5MGw4w.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.018Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/Dh5MGw4w.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-58c\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 865f655f35e397acf87ceab4f09fd108\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1420,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1419)","md5":"c383980eeeb59fb4cd3f3d2e59e4eb8b","sha1":"040ee3cd7b691b4012202519f4d36f2811ac6b37","sha256":"23ce21c96f0d0e8f007d476d4e331019197b0fead912967af13062db338ada93","sha512":"1f076877483aa3f409a071309c0584ec4118a582c157992cb5d397d9759ed2f86911c5d3522dceda35f9298c1780a52074b774c02c392a78716442f657adb923","ssdeep":"","tlshash":"752146099499cb7e8aa20cb415785804271c5f48e93dc6d0e6bc1a77a787570b609728","first_seen":"2025-10-16T06:08:09.862004Z","last_seen":"2026-02-28T19:40:37.439725Z","times_seen":171,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-29/0/2005311181931798528.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-29/0/2005311181931798528.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":2182,"timings":{"blocked":849,"dns":355,"connect":262,"send":0,"wait":437,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-05-22/12/1925409368123891712.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-05-22/12/1925409368123891712.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1248,"timings":{"blocked":728,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-05-26/16/1926917911492157440.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-05-26/16/1926917911492157440.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1403,"timings":{"blocked":710,"dns":0,"connect":0,"send":0,"wait":693,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.B3CbyE0_.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:45:59.187Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.B3CbyE0_.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:45:59 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1247\"\r\nExpires: Fri, 09 Jan 2026 14:15:59 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 9e44692c1539506ec74881757ee475d7\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4679,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4678)","md5":"68ace99066020f9cf4f43d3a0cbcffbc","sha1":"175df65151b9e19eb5a692517de123b6afedee4f","sha256":"e04ab6053e4bd5387aa102dc379228ce5d2581a56730fa9576e5250962c4813e","sha512":"c9370f6810e2b89714a9e5c115598a30ada8b66b50d45796500f1cbdf9a16d36dcd405778c32cccf484477a13875e4a52c65c13600af1500f639d0560084084a","ssdeep":"96:dfb2UJGVh22BjosVKtoSYqo79oV51pdlHsKrPTtMgao0PoqZi87KbVP+h75m7MEu:d6U0yXNY","tlshash":"c4a168d6629cbdbcaf16a6f5a7572ddaf13ca8509c01a391f10c62230bc3bf43613619","first_seen":"2025-01-03T17:44:54.155144Z","last_seen":"2026-02-28T19:40:37.454794Z","times_seen":469,"resource_available":false,"data":null}},"time_used":629,"timings":{"blocked":405,"dns":0,"connect":0,"send":0,"wait":223,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-10-31/22/1984267176113070080.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-10-31/22/1984267176113070080.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1251,"timings":{"blocked":732,"dns":0,"connect":0,"send":0,"wait":519,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/api/_nuxt_icon/heroicons.json?icons=chevron-left-20-solid%2Cchevron-right-20-solid","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.537Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/_nuxt_icon/heroicons.json?icons=chevron-left-20-solid%2Cchevron-right-20-solid HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: application/json\r\nContent-Length: 639\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nlast-modified: Wed, 07 Jan 2026 11:40:00 GMT\r\netag: W/\"xNHupgoh9s\"\r\ncache-control: s-maxage=604800, stale-while-revalidate\r\nServer: layun.com\r\nX-Request-Id: 1e7bdc5a9c766f4a73ce0a5c8a35499d\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":639,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b4f3085ad4e64d27c64db5d7c971abb2","sha1":"68694b636d901fa97fe580b7045e7e1f139d3555","sha256":"6cbbe1554d46b455d2da350f5d004312ecacd53e16d94c6f7db1ee39b758cd84","sha512":"73167f3b2fde6321e77be78307a24dbd5e54e827542650e0ab62e33725b87200ceadc665ee4507a728a994083e9eba92b783b462a8007398eacda776edf397e1","ssdeep":"","tlshash":"d2f0f4a0243ca0bf5507863fc9ba02a98f7e6cd0366ca4a4163ef47064376ac4667950","first_seen":"2025-09-27T01:18:46.981952Z","last_seen":"2026-04-03T08:52:48.178179Z","times_seen":954,"resource_available":false,"data":null}},"time_used":780,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":779,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-31/1/2006055327961309184.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-31/1/2006055327961309184.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\nlast-modified: Tue, 30 Dec 2025 17:30:36 GMT\r\nx-wasabi-cm-reference-id: 1767117023851 154.18.200.104 ConID:394521615/EngineConID:3782609/Core:68\r\netag: W/\"e7be0c1d6820bb20746c9f9dba9cae91\"\r\nvia: 1.1 2b02de48585f486d7a41b12f1f5d9150.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P5\r\nx-amz-cf-id: bjcxu5pcwq4av82G98I9xNHvCHUG4ubEGMwYtcAFpvR6CNv-pXlN9w==\r\nage: 65286\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2742252,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"28eb244d3c92b7f7a1d1fe268c7af1f9","sha1":"4491133cff74244c01b6d7dacb8e2e3b0aebf8a3","sha256":"a6f371ff7badcd17804a6dc54481a35bd91cd80f5ccf41c8b9800106b8c0f4e2","sha512":"cfe00905b1b74df1d3f6bdc4577af57be7e6473c8f1906344fcdbf708102328ac3ede2ba9096cd093833aaa6444fdbeb14fa00a82f6704a4cfa45a2afb59c42f","ssdeep":"24576:KopMKJztHmcZqezgcF7AkxE7qnBzrTW3BedGbXoIXfD:AKJzpdlAkxRlUdD","tlshash":"f32523232ef28f9a8f6891a071772f5f0da74e85a4c886db4ad058dbc5cfe45083f459","first_seen":"2025-12-31T01:51:36.334338Z","last_seen":"2026-01-31T15:51:42.983863Z","times_seen":215,"resource_available":false,"data":null}},"time_used":1120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-05-26/16/1926917911492157440.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-05-26/16/1926917911492157440.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\nlast-modified: Mon, 26 May 2025 08:26:46 GMT\r\nx-wasabi-cm-reference-id: 1766949905128 154.18.200.104 ConID:338960329/EngineConID:3279273/Core:24\r\netag: W/\"619d5b65ce746ae532a4cd201421e0b4\"\r\nvia: 1.1 89e2121ce1bfb4f8fdcd5075e7c32078.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: NRT20-P9\r\nx-amz-cf-id: mmU1ycl6cALVWi4Mm-29NR5ANszQXMmGZHvV0dh3a285sal5FWVGOw==\r\nage: 43658\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":670700,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"619d5b65ce746ae532a4cd201421e0b4","sha1":"ebad78f2a05d239ddd429283f2c4a008cb91d499","sha256":"feff48a487b07a4b07d5e4206fe2682ce8abdde56a261278bd099ea207eee48a","sha512":"56be6c812b2ee2a9ccf49db407bf15cc34cc4afad465c808dc9419ae7fb0bd22c585817135ae02c0fd02cf93cfef0fea05413e52e82ef6452fb154e46e332cf9","ssdeep":"12288:q3diTtWo//MrfvMELrzA20zK8MgiUXs+6R/c+fJaYpOEPSjQ:qMxEvFzP0zliAmcshOEPB","tlshash":"afe4231d8fde99254428ce4e305f0a1aab55ffca88d641835bf7b6c550b9b01a33f839","first_seen":"2025-06-01T02:28:37.571291Z","last_seen":"2026-04-03T08:52:48.138524Z","times_seen":869,"resource_available":false,"data":null}},"time_used":981,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":981,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-30/21/2005989969518780416.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-30/21/2005989969518780416.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\nlast-modified: Tue, 30 Dec 2025 13:10:53 GMT\r\nx-wasabi-cm-reference-id: 1767115312797 154.18.200.100 ConID:1233689414/EngineConID:11892619/Core:14\r\netag: W/\"5eb6584a075b5830d8bd2bde408682f4\"\r\nvia: 1.1 5ea68ce5bef1d36a6ddbd05326ec4050.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P5\r\nx-amz-cf-id: iLEFiZvJAMYxxrtm7If4XbLpU0zwrEBeRlfDxTUAmSKoVJnvHPkXWg==\r\nage: 65043\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":579692,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"5eb6584a075b5830d8bd2bde408682f4","sha1":"c7c335c314ae09ddd288e34b5942db73708a632b","sha256":"6c9b54f6935058f3536fb78d7dd6b4d3f22ce0141636bb369dad72989e7dae9b","sha512":"08f10f9ae29c3c0b0e12792e6ffb2ba94b9c6bf6d513bacf073ec54fa9739b8f06191c079149c563bdabc11634e47b73e9afe11365b1b686af42bf23e98cab0c","ssdeep":"12288:ReJ6A79XvnBCLdLCYY67GyVcBRaCiW/Jw+b57L4:Re3/nBCLpQ67GyVsJbK","tlshash":"8dc423da5fe6bef781a8a308113b2c6e1bc54432c93c99f743e271f35662f56894e520","first_seen":"2025-12-31T01:51:36.370129Z","last_seen":"2026-01-30T06:30:14.967616Z","times_seen":227,"resource_available":false,"data":null}},"time_used":1021,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1021,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/omETxrfd.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:06.175Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/omETxrfd.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/CvUKjgFw.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-16e1e\"\r\nExpires: Fri, 09 Jan 2026 14:16:06 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 3351a6f6dc29ce79806feaad8c35983c\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93726,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (59892)","md5":"fe5564590addaa5ffad8309b3a70ee26","sha1":"a9a4e784ce42a0dc065af731c186c17fe9f58a0d","sha256":"96d715abff4c7c5a671fdd6d984dd5785b211350bcb8ce0307db56cd04146fb0","sha512":"8a61544269f74a9f124ac4fb5b523dcb5651afc7840c25f2ed4bda999fe2df10ac358143c0d4f0a8438feacce37d3a24fa2a111b1e8e1edab4de1c4ef28d669b","ssdeep":"1536:KXE8PF+mmIyiNDyfESeZky+4jkiC3EOxrml3bu:qPUIyIysSeKy+4jki+d83bu","tlshash":"fe9371ccb696b06643a774b0807f600bf23b7c99184c4924f259d5e63db9a0c963bf6d","first_seen":"2025-10-16T06:08:09.739481Z","last_seen":"2026-02-28T19:40:37.443392Z","times_seen":169,"resource_available":true,"data":null}},"time_used":750,"timings":{"blocked":198,"dns":0,"connect":0,"send":0,"wait":298,"receive":254,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.DlFlpvi9.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:45:59.161Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.DlFlpvi9.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:45:59 GMT\r\nContent-Type: text/css\r\nContent-Length: 276\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-114\"\r\nExpires: Fri, 09 Jan 2026 14:15:59 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 4c78649150ac2c4208d5c9a7a8df1a84\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":276,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d77fc4a121ef7f040f119a28bf98c190","sha1":"bc36eb11276aa9c2ed4c74ef71142525224b677e","sha256":"2e25686572097f5895c3cb8d212db35102b785f8219dc88f8498f22c9f13e069","sha512":"193e21fc1a35b34bb00e8f3f1a829820b4113f72d4bcea14994d195118956ded85f78e10a7b8ce8cfee3e3183cfa2fa80c12494c59e654c602d70a893c610b9f","ssdeep":"","tlshash":"2dd012b1248dd235483b9896222b8cca73c9e816d791963b9b98f89075c6847f831169","first_seen":"2025-06-26T04:14:59.535349Z","last_seen":"2026-04-03T08:52:48.130333Z","times_seen":1212,"resource_available":false,"data":null}},"time_used":647,"timings":{"blocked":202,"dns":11,"connect":206,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BJTiVmqf.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.722Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BJTiVmqf.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-7b6\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 61ae48c8f9c563a27e7e245f1d1c3884\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1974,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1973)","md5":"f8f547444557edd63f784a5559e1e0ca","sha1":"e6b107251281dd71e70bf4e6a248d26c17e9ed7f","sha256":"22d4dfa068093b64f39ffcaac5536d7b5aefd3c6cb0a0c52ac3a9ac1ba015c8a","sha512":"9b27473460d3ceccaeb2a13ee313155f151fd45df8dd0aa333119bf3cc786f40d169b6ecb7f42144b31759282c16adb013166251eac384ba04fd3386110c53df","ssdeep":"","tlshash":"6941b6d068f16b769b0ba0a93a53083225946784e0064efc937d0d5b3ac98f0f67d61f","first_seen":"2025-10-16T06:08:09.556163Z","last_seen":"2026-02-28T19:40:37.460858Z","times_seen":165,"resource_available":true,"data":null}},"time_used":984,"timings":{"blocked":780,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C6NNx1pl.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.735Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/C6NNx1pl.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-43e\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 08120d5fe4a41a3c52f20217092871ab\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1086,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1085)","md5":"b8147d961c8677310bbd6bcebeb098ce","sha1":"16eed3a339fe95f5044a711559958109a4bfbfdb","sha256":"565f4c7f6b212fd740539e9bc0f4362f631d5d2f3e20f0e8bfdde40ab9101977","sha512":"ed6ec8a1a3c6fa81ce45be654842fd0f1b0c4738422944ae874d83308358abbbb0802ce1aa4a12d602ac70d0e1917b36fd6955826eeb57b80103583cc4febe38","ssdeep":"","tlshash":"d41127cee5a80522727e8ddc91bb227305257b2b2075e2e0219a8f861729b6007e5e76","first_seen":"2025-10-16T06:08:09.674229Z","last_seen":"2026-02-28T19:40:37.423439Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1225,"timings":{"blocked":1014,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/HRf1EEH4.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.015Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/HRf1EEH4.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-550\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 1fed48d325d3e6a9ebcdb3edd810e4ba\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1360,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1359)","md5":"a116ac339fcb6f9815fa22f42b5f48bc","sha1":"da529f8161aa74387829643285f287861243a4bd","sha256":"5d356e6e20509f056b7ecb24ce5e6ca55daf6e97bea83d236504d665f502eee6","sha512":"ced9540777fa752bf18c052bcbedbb7fce078306ebff32cf415c50d5e355ebe7481256e4e54c7d2dfc7b8d788980ebfec9d35b66968df3280767c8afb6d2b4c7","ssdeep":"","tlshash":"d921614cf855f2b9893a0028590c7c2621487fa8e2269340f3b4867aef18c63fa98335","first_seen":"2025-10-16T06:08:09.635793Z","last_seen":"2026-02-28T19:40:37.459841Z","times_seen":171,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/i01Blr7r.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.025Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/i01Blr7r.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-4ac\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 0097f6659baa872c435ed7d19562b48d\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1196,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1195)","md5":"826f5fdb6ee79ff4506a59db01680676","sha1":"da5044530cd0d0a7963ad8902c2f71df88796fa7","sha256":"af56f6b6e78a55a3810ce208fa4f86359a156aaff3f2cda993c44c885bb88e67","sha512":"80b5d02cc1e925d4cc2e2da3d969d9096aebead5046e316e294955ad712527717a77572475e1183398a238420a7a22bf188a8bd6330ae5685b2e26fdb286dd48","ssdeep":"","tlshash":"4f21449db149907f3eba1dd04127184292225f0a6920b7f5e1564ff301b3d14e16ef7e","first_seen":"2025-10-16T06:08:09.804764Z","last_seen":"2026-02-28T19:40:37.445078Z","times_seen":171,"resource_available":true,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BGnZWUEv.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.919Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BGnZWUEv.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/WK6v7wUJ.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1caa\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: b7e9fdea4ca4b68494c8e048487b36db\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7338,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (7325)","md5":"4c4ce5295bcf036398597803da51292c","sha1":"edf9243a3c349724d1d74d89b55cb7805fd2b49d","sha256":"b8cff8537b38f959e5d7c03e1a3c4a26bd5caf3b4b2cda8773c916644515cc1b","sha512":"fad071b88fe04936c75dba5436a60ddd0d718d508b4e052eb9d7261841df027c911d5b74a74705970595073bc58f44ee0f272b0ec8921f7c03b1d8ad0f4f0110","ssdeep":"192:5+ssWAOy34EODNfyQ/Pnl+Qz9OEU9L+yC+fkkhVM:5+s3AOaF6Nfym82nUfkP","tlshash":"a0e1a71ff02846b572bb494c40a48988a2490b1f9152dee6e1fdde303345ff5adb93b9","first_seen":"2025-10-16T06:08:09.765703Z","last_seen":"2026-02-28T19:40:37.436147Z","times_seen":170,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-04-24/13/1915284040347541504.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-04-24/13/1915284040347541504.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1398,"timings":{"blocked":704,"dns":0,"connect":0,"send":0,"wait":694,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-29/20/2005612937769246720.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-29/20/2005612937769246720.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":2598,"timings":{"blocked":1007,"dns":352,"connect":366,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-22/20/2003086460528353280.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-22/20/2003086460528353280.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\netag: W/\"7f2c8c04577a328a1b7ebff02a0c8d4c\"\r\nlast-modified: Mon, 22 Dec 2025 12:53:23 GMT\r\nx-wasabi-cm-reference-id: 1767255394560 154.18.200.102 ConID:1304163049/EngineConID:12748989/Core:96\r\nvia: 1.1 e356100ddad8d3e5373bcedb8e103884.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P5\r\nx-amz-cf-id: 7cd57tdln9U8p3UZSp0zz6wE7-jfJqLDtctUfEt1Q6KVe-ZP7Zjc_A==\r\nage: 20049\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":95596,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7f2c8c04577a328a1b7ebff02a0c8d4c","sha1":"962a4ee3779fa4f27603442c86e6d6107aa28286","sha256":"cf5e8cdd0133a3cf0596e4e71a28266e9cca10342062c0a55b0ed32b7a3a8b4e","sha512":"695d2bcd9348c938d3b89553905e4d5be08fb790f7c850d16c01f20d2b5417972da24a129721bc85d497b4a6456aaedc5c81547653b405cf1197679394419ff8","ssdeep":"1536:s4v3fPudZk1TGYEtvqJboX+w+Kv3BKDx6rGCRJu3Ed1f0jfTMVSq3rZ:LPE/vuboX+wb3BKDk6QsI1f0/MVSq7Z","tlshash":"0c9312b8285b0dd14ed8f9a55a518e4cfff67969c3e6e34381a20dff161bb3902d9011","first_seen":"2025-03-26T07:08:43.295493Z","last_seen":"2026-03-19T03:04:13.307003Z","times_seen":334,"resource_available":false,"data":null}},"time_used":1370,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1370,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-05-22/12/1925409360544784384.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-05-22/12/1925409360544784384.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\netag: W/\"61e7f2130c305c168d61be400ca165c1\"\r\nlast-modified: Thu, 22 May 2025 04:32:19 GMT\r\nx-wasabi-cm-reference-id: 1767198462222 154.18.200.105 ConID:423197317/EngineConID:4081264/Core:21\r\nvia: 1.1 fd34111749e107e100ac4e8c8b82b284.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P5\r\nx-amz-cf-id: XgmpwitmqOxMYkVXdzPbn4Q4iazz2ckt97EympFyeb7HXAmFzotupQ==\r\nage: 76994\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":605292,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"61e7f2130c305c168d61be400ca165c1","sha1":"09750d0b7a35f4d37b14dbb5eba1373e6bb0dae8","sha256":"8dddc0ddf85ac14edfe232668057631efcdd79e4b6dae5576202c8f13797d933","sha512":"1147f880ca08a0a4ebe7b02fceb170cb4ad8bdc9f8cc61f060b99c8574051d56f5388bc72c92704ec6059d32cce87942481ba92bbc90988b5b38a209c1db6493","ssdeep":"12288:yhGDmE4ICbHS0BvL5pPcFCPEpgqy6ZXHcy/cR3jWsxWlThwjArJog9X:ydEOyQ0MEpFOy/cR3qdrwlg9X","tlshash":"15d423059fbabea74734517c95bf2e1819c10ee418119cc612c9f2e1e588de20fbf6a6","first_seen":"2025-05-23T03:23:52.1079Z","last_seen":"2026-04-03T08:52:48.126658Z","times_seen":796,"resource_available":false,"data":null}},"time_used":1148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BwZF-_3D.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:08.247Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BwZF-_3D.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/KGeZgdKO.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 513\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-201\"\r\nExpires: Fri, 09 Jan 2026 14:16:08 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 906fd4b02d05c4dd07a5a43a48bc4151\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":513,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (502)","md5":"55a6713cfe3d1ebda0d5373e2f93e284","sha1":"7c332f09f2890c4a96371e7326c1a32359d174a3","sha256":"5edfbd9ff24166cc6ff332974c7a3087ab016776416e528dce246dfa1924d9aa","sha512":"65144ff17abd660eb4dd489bca30389b074058f7ae3eff75475ce1b2e161cb97f4c5fb245a327da053574cf407c71181240e69258f2ec53221855813a61b33dc","ssdeep":"","tlshash":"d9f0594cf993fab8499f4558a9246854f20e3dc8a21892e3a1ad8d633601815f6e9771","first_seen":"2025-10-16T06:08:09.831143Z","last_seen":"2026-02-28T19:40:37.437533Z","times_seen":168,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/WK6v7wUJ.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:45:59.190Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/WK6v7wUJ.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:45:59 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-62927\"\r\nExpires: Fri, 09 Jan 2026 14:15:59 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 97f4c910d6afb0eefdcdba9e815f5c40\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":403751,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (24890)","md5":"ba2c1db780414260bf9f1c27d6b707b4","sha1":"b31d88b1ad7a7cd47d80b4f3b6bb007a7ca95289","sha256":"209bec5e822efef7719fec8d0c0b7709f61e759eecf3eb764f5b33d37e13d238","sha512":"424318a3d197ead5e691379053aa80a84baa7389da4e4ae4af17f83d2fa68e10e4f3376b4a1c5019a6443f61c9ba705c4a1957106b0bd12e73a4e425b3c038e8","ssdeep":"6144:UPrhxWg1WRCrnGQVXmAJJjskVu08ILFODtuq6Z+pa9Lhu7:UPHzOCzGPmtY08I676Z+pOK","tlshash":"818449e83196b0b253f629e1807f0006f2392925384dc4d4f16dedea3ab655991bbf3d","first_seen":"2025-10-16T06:08:09.686192Z","last_seen":"2026-02-28T19:40:37.467597Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1391,"timings":{"blocked":432,"dns":0,"connect":0,"send":0,"wait":238,"receive":721,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BGnZWUEv.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.729Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BGnZWUEv.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1caa\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 08a6e98637271d036f1ef768e2a55b6f\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7338,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (7325)","md5":"4c4ce5295bcf036398597803da51292c","sha1":"edf9243a3c349724d1d74d89b55cb7805fd2b49d","sha256":"b8cff8537b38f959e5d7c03e1a3c4a26bd5caf3b4b2cda8773c916644515cc1b","sha512":"fad071b88fe04936c75dba5436a60ddd0d718d508b4e052eb9d7261841df027c911d5b74a74705970595073bc58f44ee0f272b0ec8921f7c03b1d8ad0f4f0110","ssdeep":"192:5+ssWAOy34EODNfyQ/Pnl+Qz9OEU9L+yC+fkkhVM:5+s3AOaF6Nfym82nUfkP","tlshash":"a0e1a71ff02846b572bb494c40a48988a2490b1f9152dee6e1fdde303345ff5adb93b9","first_seen":"2025-10-16T06:08:09.765703Z","last_seen":"2026-02-28T19:40:37.436147Z","times_seen":170,"resource_available":true,"data":null}},"time_used":1174,"timings":{"blocked":972,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DQG20OtQ.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.733Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DQG20OtQ.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-14b1\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 5759377613f0d15b87ec1166b135722b\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5297,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5296)","md5":"848e083ac2f03c4e621c8294ddd42d02","sha1":"50f736063069b656dedbaf6e6a8eb80e8f81eb72","sha256":"888f64c36c876ee8206cd227dc30662fe808e37dea283a65623ed1f13da22bb3","sha512":"708e519bec0b5e0e58a70ddeaf290ddea3abbc847950beb6bebde1731bb5a4fb0a43ec93b33b1a00d0e7d23ac345324edf35e29fa43e6e2b08dc9d5e2c447211","ssdeep":"96:L2Y/QlGuIsPGoBtaQAvj3aaRhVm5ARLjRY96yYQXRFJ18QInGLA6Daa6+RQej:yYKO4tpAj3/LmeRvRY90Qh/1TLP2J+Rx","tlshash":"e3b1b7e5fd49bc378c37fc1845db54122a081bb5e118b6f1e5ea28491ae627075f0f71","first_seen":"2025-10-16T06:08:09.601427Z","last_seen":"2026-02-28T19:40:37.425516Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1222,"timings":{"blocked":1010,"dns":0,"connect":0,"send":0,"wait":211,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CLJUqehc.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.031Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CLJUqehc.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-677\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 19cc4edfbd9a997bcc15db0cd7dc6108\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1655,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1654)","md5":"9cb8a818f13aa29052bff0efa2fb106d","sha1":"7f70099f17cb9322798cd4865fdbea83e04e7087","sha256":"88bca5ef548587790383d2a7723f36c855c04ab93afa42f5ac1b82bbd8086ac3","sha512":"9feeaaebab4a7eda46989a0d4abfd3a86fd89c1370d4bf9e1c2331c08b840cc4b58ee6d72fbca74caf62d8dc65ad82779a1dcf871cb84b0d918a01ccb910d071","ssdeep":"","tlshash":"de31f0cd31c7f0b2675698f4f127204ab72d1de024592490f1b998737922174b753969","first_seen":"2025-10-16T06:08:09.729566Z","last_seen":"2026-02-28T19:40:37.421513Z","times_seen":171,"resource_available":true,"data":null}},"time_used":389,"timings":{"blocked":180,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B-uGL23L.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.034Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/B-uGL23L.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 475\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-1db\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: c43d57b2b9ec8e52d5ec01249932e61f\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":475,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (466)","md5":"65b1cb5bed3d597222c7971f9b69c26a","sha1":"7d613b63d5b250ad8cc87b63b25190c713864512","sha256":"35d5bdbf6a8188aa0d715ab3808cbcd6408d5afee8100950fc314bdc862aa1cc","sha512":"d32fe09c3d0906067b4836438687ce95176165fdb21b61e737a340c9f5e2d1a30428caa0fe8247627fdd3a3011d06d7e30652313d943ee9f59f5721358623d51","ssdeep":"","tlshash":"a3f097dca0869bb095d3082136444c13620e2ee5fa389a85b3ce293737d50bad98e325","first_seen":"2025-10-16T06:08:09.701864Z","last_seen":"2026-02-28T19:40:37.435596Z","times_seen":171,"resource_available":true,"data":null}},"time_used":593,"timings":{"blocked":373,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/favicon.ico","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:02.604Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: image/vnd.microsoft.icon\r\nContent-Length: 33310\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: \"821e-wNEVi5vIuUIK3wXtgvuxVV8xvO8\"\r\nLast-Modified: Wed, 15 Oct 2025 11:25:22 GMT\r\nServer: layun.com\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nX-Request-Id: dc60dccee01d0e6a98c87d2c5f345df8\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33310,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"99b2334adaca1ba0389878804af8bf67","sha1":"c0d1158b9bc8b9420adf05ed82fbb1555f31bcef","sha256":"b43588997cdf6bd49a1dd1ecdbd0b66f611420743daaded573e34e29d2266df5","sha512":"5e7323425f6880cecbb1e1ee2981397e7137979ab993fb35c14b2fa08bfa9baa71cea48d51235d90e3054164836bbf6023ec2089dbd92081880190997d800342","ssdeep":"192:JB5Vyhr792lXW6LeYvgggHmPLD8bPFh29cULFbxkkK+DSGL4XPcB288WPoOpd8pp:JTVO2lG4xgggDjFc91rKbPu28IObiS","tlshash":"fde21de6a10347a0f698cfb27d50e94462a73e73e82c725f9c39755d0af30dbd922492","first_seen":"2025-06-16T23:22:36.781837Z","last_seen":"2026-04-03T08:52:48.13972Z","times_seen":1156,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":372,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-02-15/12/1890621413773533184.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-02-15/12/1890621413773533184.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1178,"timings":{"blocked":737,"dns":0,"connect":0,"send":0,"wait":441,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-11-29/16/1994677896147361792.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-11-29/16/1994677896147361792.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1247,"timings":{"blocked":727,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Carousel.D63Le5sj.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:45:59.166Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/Carousel.D63Le5sj.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:45:59 GMT\r\nContent-Type: text/css\r\nContent-Length: 140\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-8c\"\r\nExpires: Fri, 09 Jan 2026 14:15:59 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 85035666e4e08ddd4eda265cb16f8753\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":140,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"101cf93f219ecdf8d553564074fc4fc6","sha1":"f4d92b3733c43e5166724da1e5578f49164d0c5e","sha256":"bc6e352806341947c352e6d8b111be71626363feb7e1633b830535606ba14545","sha512":"462127a39705c060787bc6d6dfb5e16d28a2d3d3b0fc30031261b0681bc0979e1592da60c9a2bff11264a24884c08cf9dc4441b3a6b3ddcfe062193a14139f60","ssdeep":"","tlshash":"33c04c27919c598d30fbe40cc8ed772f214462631789048427fceb286e0a7357220235","first_seen":"2025-06-24T15:37:29.010311Z","last_seen":"2026-04-03T08:52:48.192187Z","times_seen":1160,"resource_available":false,"data":null}},"time_used":650,"timings":{"blocked":198,"dns":18,"connect":206,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.290Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 465\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://tqyy5mv8.top\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Fri, 09 Jan 2026 13:46:00 GMT\r\nEO-LOG-UUID: 9903811253153369707\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":421,"timings":{"blocked":54,"dns":32,"connect":22,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B80mK0S0.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.687Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/B80mK0S0.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:00 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 849\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-351\"\r\nExpires: Fri, 09 Jan 2026 14:16:00 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 55553fdca69c7d98503fb6f6d5540922\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":849,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (848)","md5":"2df3fb3be242718954cc7533f145fbdf","sha1":"80f0848ebe7ffb73647ecf56b9cf3226616bbc41","sha256":"28d8f52125e8a6a8ca815c4a893e6d812595c0aa99331c63649a977e18a938be","sha512":"8b8e4c312bb1c02f2ffcf60211a0f17799030cf0240a8e3b03e924606c9aa47a77d9a5ac22f37c65f40300ba645dce89373b11ebdabeec8fff3361e8dbb37e3a","ssdeep":"","tlshash":"9001850bc4625ab47563dcf0c420c632163b72b70be6ebb4e1df9b312765071d18a513","first_seen":"2025-10-16T06:08:09.574938Z","last_seen":"2026-02-28T19:40:37.42755Z","times_seen":165,"resource_available":true,"data":null}},"time_used":633,"timings":{"blocked":198,"dns":25,"connect":203,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/CLqSQTZj.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.029Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/CLqSQTZj.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-f65\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: ff712d961719ec6b5fbd43d054a29d88\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3941,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (3940)","md5":"31c488f7454b9c1f74a2d200dc963869","sha1":"5695c197c0c39a64bf482d0a9acf8cdc6ebaf388","sha256":"b30893cf8a0e3f83b62580a01ff46a9653e5275244f6b7b8660ccde77b387ec0","sha512":"88c3bfa8633c0fddac1115759bbe38b56ebf52fe23e72b7960f78ead3f95b010987ab9b6465aacb16dbe0ea15a2efc549a97a2b29e2d31dd6148cd40094a0c41","ssdeep":"","tlshash":"bc8153d9d0924b3d284fc5afb856fd846d4c9362d9b7fde9e805c4262636220816e32a","first_seen":"2025-10-16T06:08:09.838604Z","last_seen":"2026-02-28T19:40:37.449254Z","times_seen":171,"resource_available":true,"data":null}},"time_used":387,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BJTiVmqf.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.037Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BJTiVmqf.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-7b6\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 0d02715d4d757f04ae313fdb2bd52bb4\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1974,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1973)","md5":"f8f547444557edd63f784a5559e1e0ca","sha1":"e6b107251281dd71e70bf4e6a248d26c17e9ed7f","sha256":"22d4dfa068093b64f39ffcaac5536d7b5aefd3c6cb0a0c52ac3a9ac1ba015c8a","sha512":"9b27473460d3ceccaeb2a13ee313155f151fd45df8dd0aa333119bf3cc786f40d169b6ecb7f42144b31759282c16adb013166251eac384ba04fd3386110c53df","ssdeep":"","tlshash":"6941b6d068f16b769b0ba0a93a53083225946784e0064efc937d0d5b3ac98f0f67d61f","first_seen":"2025-10-16T06:08:09.556163Z","last_seen":"2026-02-28T19:40:37.460858Z","times_seen":165,"resource_available":true,"data":null}},"time_used":594,"timings":{"blocked":384,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/Cia70r_F.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.836Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/Cia70r_F.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 410\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-19a\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 7d159b57ce1811b3874a61fc6b9bd4cb\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":410,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (409)","md5":"5ed323a1eebcce022f42c5a98873ff1a","sha1":"5dc51cd834ec2a7ebb17519329284b8ba8eb3694","sha256":"b7c41c2143b9f8f990e8197c32c8cc04c290d11dd26b949b5c294fbc2e1ece87","sha512":"fe26a5be9f80cafe6e6cb4a022b2122b74cc225bb53740ec6a69999637efc8ae68edc7cf858bc4dafc06bb946a7ab41df6a1644251c1d3e6b325adcca5401315","ssdeep":"","tlshash":"80e0f14e7095d9f4502f08851212b71c27050f101214e0c4f1a807613d20c23fe4936d","first_seen":"2025-10-16T06:08:10.051976Z","last_seen":"2026-02-28T19:40:37.440239Z","times_seen":165,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-11-22/14/1992123313063714816.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-11-22/14/1992123313063714816.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1214,"timings":{"blocked":774,"dns":0,"connect":0,"send":0,"wait":440,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DV_8Za2T.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.720Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DV_8Za2T.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-f5c\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: ec26e9c21773e45ccf48dac1fc1446fc\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3932,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3907)","md5":"c7ae8e3f8f678477e6e2fe3f9a2c5f8f","sha1":"5581b096f22243785364b964aa27deaa3cf07e92","sha256":"ff948a6f62ebee4a5056224d4c1242f87173133bde7c2b20e3872c5dbb7fc632","sha512":"75c145fdcd57ff6c2db358d8a3072beea456a75171b49444aa85b5808976cd61fbd466fefaa460eb6bf853552c8cf2e6f3a1347fb95af4ec1c27d594a187ef4d","ssdeep":"","tlshash":"1e81ffcdb08986fea35b0530048d5818624e3eecdaeb874b52f98d59b386dd5b86d370","first_seen":"2025-10-16T06:08:09.761706Z","last_seen":"2026-02-28T19:40:37.458827Z","times_seen":171,"resource_available":true,"data":null}},"time_used":982,"timings":{"blocked":779,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/ClPwa5ej.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.022Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/ClPwa5ej.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-12c6\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 6323ca4e5846882e28fb9ee6891da41c\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4806,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (4805)","md5":"14add27a5a9186f3f4000b09f74f4245","sha1":"eb62386590dc3af076b242fd687e66b4aa599fe2","sha256":"b5eb4d5d4e64c74ad6b85c1df6dc12ee941675938e4b6c3af7c1adaad8c7d055","sha512":"709eda9c0621ee40efa0dbb37debbcfd8387c85708e71c9d6dc0caee8f200dbfcca80cc8a3b826da91c8c1b3d8e200d8830d1965602500dd2b452287f086a875","ssdeep":"96:oL1gZjXxJZzEVWDuPlBtW8Aw+sEeaa285k/wOFkQFwgHL:oL1gZjh3zEVRNBw8Aw+jea2AHL","tlshash":"aba1b6087540bc762b9769ce94971485b2141faad0b579e150af6cb83388d24a3ae33b","first_seen":"2025-10-16T06:08:09.622993Z","last_seen":"2026-02-28T19:40:37.452354Z","times_seen":165,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2026-01-01/1/2006410820382744576.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2026-01-01/1/2006410820382744576.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":2499,"timings":{"blocked":898,"dns":362,"connect":300,"send":0,"wait":636,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-19/13/2001884245369282560.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-19/13/2001884245369282560.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":2624,"timings":{"blocked":1017,"dns":368,"connect":351,"send":0,"wait":512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-02-15/12/1890621946705993728.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-02-15/12/1890621946705993728.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1246,"timings":{"blocked":725,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-22/10/2002929816582479872.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-22/10/2002929816582479872.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1204,"timings":{"blocked":763,"dns":0,"connect":0,"send":0,"wait":440,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.D1UmJ0uP.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.576Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.D1UmJ0uP.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2018\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 8287369b8715c7b933e4d2b99a985e6b\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8216,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8215)","md5":"886791010e6da58bfcc74627e5378cb2","sha1":"6c5b765e40885b2fbf2b70ef9586432849aa21ce","sha256":"1a710fb4bd558e97e591c882f538142f17ec38cd9d441214dd04d43f1c436c0f","sha512":"38eb97b9028542f47007f0f08d9dea889b47fa0ce3d7bcd584f6ab46393e58c3c161f987e448d0f1f462c1515b75d16a9037e6dd4327b947f63acae845ba00bc","ssdeep":"96:f4nqtE9TfqqMwM0BHi9/9eKZm7tRs4we5cxtMkJM/p/MRGtbs:9xMV0uRs856rr","tlshash":"3b023b9eabd8a575ef4d78e97746d1e8b238a730cd02d3a2f31055a90bc3af31612135","first_seen":"2025-04-17T11:34:23.157361Z","last_seen":"2026-04-03T08:52:48.072349Z","times_seen":1126,"resource_available":false,"data":null}},"time_used":1127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DYOUx22v.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.592Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DYOUx22v.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 91\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-5b\"\r\nExpires: Fri, 09 Jan 2026 14:16:05 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: e622fcb9128971eaa3f94e2b268ca2f4\r\ncache-status: EXPIRED\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text","md5":"37af3e7d594b240dd85a51a4eb2070c0","sha1":"b4ccfdda617c5f63100079248a628d4e14fe2e6d","sha256":"4d6727fbbb9454c565702a256b233fc3779a338a96c72a7f897848404d23b171","sha512":"baf2a6c268a2b26b3fc48a79d6fb6e6373658215b7553868ef1090684bfb17b307cd28aad369e508810aa767dbd6c32a0f241e26c84be8e313bcd9096945f54f","ssdeep":"","tlshash":"3eb0120f044010394447088c23081432431058492bb519e052548a011761082a04eb02","first_seen":"2025-10-16T06:08:09.844914Z","last_seen":"2026-02-28T19:40:37.426032Z","times_seen":170,"resource_available":true,"data":null}},"time_used":1755,"timings":{"blocked":1083,"dns":0,"connect":0,"send":0,"wait":672,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DWL2iDpk.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.713Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DWL2iDpk.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1303\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: ab09ad377261df0114040403f6890bed\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4867,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4866)","md5":"3406c51b0beccd1dcc4ca6ad0d821a6c","sha1":"a47bd5c82fa05eaed51e4c774076682adee1b081","sha256":"c8616b3261e9bcf2198cfc23c170082ea0f766a15bfc8dc2b41ab32ebf700fa7","sha512":"6800b2616f9559ebd5ca6999025716382f698afa24f4861bfc8e7613b8a00cd7a2a5e3f78633eee6946a83636f2a7c1922b9cffba0e65231d3a04bc66a9c42e0","ssdeep":"96:WcI2wiTDiXaU/sffYFn2VIlVNejT3oQuak2ponGXm4IViAf6PCbpBy6pAF074GF0:jI2wgDPU/aYFn2VCVNevWJnGXP65yK/U","tlshash":"9ca1d7a839a4303163b98d8ae0f78256632979403117d0e4e06e5f9a2d7aea251f7d4e","first_seen":"2025-10-16T06:08:09.794904Z","last_seen":"2026-02-28T19:40:37.455311Z","times_seen":171,"resource_available":true,"data":null}},"time_used":786,"timings":{"blocked":583,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DO24JSDm.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.028Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DO24JSDm.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-14ac\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: ca20057a53db4564c28c21d4c2e4d0e8\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5292,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5291)","md5":"92872c95c57af3a4daa34799458745d2","sha1":"3d7328523c11d85b2cadeec48f0eb6e21a73f3ff","sha256":"d249211b11826095df9790885365eb4da5b10cb9b2b06403314b47f22ada0662","sha512":"5e352034a59a31a58894bf7da336d1f95677b3ed87bdbaba59c4c40e85bfd5184f725e34bcd32e5cd3a3ed3aa37dc522a74e0729280453d50edf28606e563fe2","ssdeep":"96:U1W+WoH5yuik1QsOikNG4PNYaGhJNUmPTFo9hPE2vhiV9qMYc:U1HWoHu6kl0mNsNwpif4c","tlshash":"0eb165e474e8d0dbbb768e81c033265260077ba96435f0d4e1b66d321167e249653b3f","first_seen":"2025-10-16T06:08:09.961497Z","last_seen":"2026-02-28T19:40:37.448712Z","times_seen":171,"resource_available":true,"data":null}},"time_used":381,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-02-15/12/1890621623115440128.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-02-15/12/1890621623115440128.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1242,"timings":{"blocked":716,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/BYxiyo0l.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.582Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/BYxiyo0l.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 562\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-232\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 468dd548727a323e81c8cb434716cb68\r\ncache-status: EXPIRED\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":562,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (561)","md5":"a8620d23c4609529f22e3dd37b487d71","sha1":"36d584080568418d741030d5cd0d58c5edad0f5f","sha256":"8a7e6f788993cabf72cd537d623ed8b7a82461ee4722e8abd8c4da00fec83189","sha512":"c519e0803f8007ab4b899560f195b662e7f47167733bad156e6fa963c93e2d485fdc02151eb36c4391215cb68f1c3993c4ca94be60aeac751c7fed2b64edef04","ssdeep":"","tlshash":"c1f0200bc4914ab44972ccf0c429c9710a7785bb0bd6e734e6cf93312360032e05eb07","first_seen":"2025-10-16T06:08:09.581666Z","last_seen":"2026-02-28T19:40:37.461742Z","times_seen":165,"resource_available":true,"data":null}},"time_used":1399,"timings":{"blocked":1093,"dns":0,"connect":0,"send":0,"wait":305,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-29/0/2005311181931798528.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:04.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-29/0/2005311181931798528.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\netag: W/\"59c01b12d8db101c63ffe74d392f4c9d\"\r\nlast-modified: Sun, 28 Dec 2025 16:13:38 GMT\r\nx-wasabi-cm-reference-id: 1767255320697 154.18.200.101 ConID:1281409283/EngineConID:12363520/Core:19\r\nvia: 1.1 ff773c46b9656e6740829193cd32d18a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: n43TXSoZ3HCIsujfWjIrGqF8SJHqZJ9LmwSxwrOl4SWAfC9UTl3aZQ==\r\nage: 20050\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":129280,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"59c01b12d8db101c63ffe74d392f4c9d","sha1":"39eda71ca62e990b60d242a11b47772f796bbd13","sha256":"32e7e8098bc97b4d84069a2f4a80b1862ef8d43e55120882c33862488a42b2b3","sha512":"377920b548229b8b56b465abc6aa6f2c073fd3ccebdcd3ac0343d2cc77cb79180d569327e81a551a1f0e777fea6e72300cb5a1ddc61b17a3d3b6bedf7a71c556","ssdeep":"3072:xQ/FQkNnWKnRHWahM7PY/mXGHGbm8egklkd:xQak5R2a2z1bmT38","tlshash":"fbc312ecef70d2ec7f745735a0b7f728acc908619c4861b18560e6af6bb57866007361","first_seen":"2025-12-28T18:55:55.723184Z","last_seen":"2026-04-03T08:52:48.195534Z","times_seen":302,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-11-11/19/1988202816827547648.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-11-11/19/1988202816827547648.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\netag: W/\"05bf41d2714396688630d563d7ffba18\"\r\nlast-modified: Tue, 11 Nov 2025 11:11:05 GMT\r\nx-wasabi-cm-reference-id: 1767255285811 154.18.200.100 ConID:1281395632/EngineConID:12335852/Core:30\r\nvia: 1.1 6880261b790d5cc587761918ac637c2a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P5\r\nx-amz-cf-id: gunRwwdhy8NIPHuJyNgERNRanV-VNjlrN5f6nm5HmcZzV7LOvScZog==\r\nage: 20050\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":401324,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"05bf41d2714396688630d563d7ffba18","sha1":"7deac4c99b1f854129fcb21cb57b27ed55dc56e1","sha256":"cb17b655670bb9239e83ef3523051df1fb37493a9609d41f0359c9710a593d1b","sha512":"e884a0096941df43fc032e6160c2e49d185f1ffa6a90ab899cd3a207e3bd93c07147e9754f1194f94ed023ab71c23c8ff7442ec6c4a550acc7bbd0fc736578f4","ssdeep":"12288:uzVtgaQVExXk/MVpAiLQu0EcP1e9WcXW9GSD3ZlWBF:uznvN3Q5EcP7JfW7","tlshash":"8d842381c7a6975f883c4e1f32fafe443db4859dbc3a14d9a6a9608f4098375277ac70","first_seen":"2025-11-11T17:35:11.19157Z","last_seen":"2026-02-09T11:47:25.485316Z","times_seen":823,"resource_available":false,"data":null}},"time_used":1386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1386,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-06-07/15/1931250622477885440.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-06-07/15/1931250622477885440.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\nlast-modified: Sat, 07 Jun 2025 07:23:24 GMT\r\nx-wasabi-cm-reference-id: 1767167438647 154.18.200.103 ConID:1273763967/EngineConID:11966833/Core:85\r\netag: W/\"fd6d28a760986fb5f50d6f60a5020c5e\"\r\nvia: 1.1 9a06a86043ac92b5eef02a04c8811096.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: e1Ih-PbavYIkUfIePX8oN5U8pvGURtISg33wRGexr_sDCNX4I7ynDg==\r\nage: 20049\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":41880,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (41880), with no line terminators","md5":"fd6d28a760986fb5f50d6f60a5020c5e","sha1":"f501f761d13b2e947a4a0de90067a9743385a386","sha256":"460e5ccaed9ed558a80b153ac4c952f042acf4b1c62b13a102d7a195b09eca2e","sha512":"67886eaad76f7d6354af1cf52cb7b776c6ee88313f9e40cb4c5147ebe584765c72aa1975adf25c0a0de86900711ddf7c7356cd3f2fb4e263d60ddc9483174866","ssdeep":"768:K3YTBZtruVV8rCGOliuuJMDrr3sfmKfJZhXiDlruThXwjzrO6V7SEVMcfh/:m8HtCBuaDP8RRZhQruKTV7SaHf5","tlshash":"9013f1844a201f6079cf9ac5a3dc43a813c35bb075c8c1be62ea39ae457b157d3b56ec","first_seen":"2025-06-16T23:22:36.721814Z","last_seen":"2026-03-26T07:53:56.086049Z","times_seen":1641,"resource_available":false,"data":null}},"time_used":1071,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1071,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-29/17/2005565730982584320.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-29/17/2005565730982584320.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\nlast-modified: Mon, 29 Dec 2025 09:05:07 GMT\r\nx-wasabi-cm-reference-id: 1767165536931 154.18.200.100 ConID:1250791658/EngineConID:12033055/Core:36\r\netag: W/\"22b40b612c36e45bcd27e67f307f1d59\"\r\nvia: 1.1 9ceb6f6178c8096ab5d16ef9ff7d1016.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HKG54-P2\r\nx-amz-cf-id: iZ2E4dK48Mo6IvTKn2RfstAyr3a1mSwIL7FROQ28XJQzRISCuieIhQ==\r\nage: 20050\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":338712,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"22b40b612c36e45bcd27e67f307f1d59","sha1":"7b47ef8e3de44751598593058a95b727090001b6","sha256":"9e854d6fcd78bafa7e1f67d7e4f4306cca74ea19ee865de01272a823d4ddc110","sha512":"65073589f708b538bf01e7dcb6b08d5e135e2f342dd1e277e9c8d5df074c043f9dae1c23b22ab6ad0c2913daa98b456ace924083e16a514efc63c59e3f4f05d4","ssdeep":"6144:xzWNRlC7VetJ70mMEji1IYWCiAJMQ6zGO40HLqlOtexSpaKjf:xz2nCeJ7lMEjiILfQqGO4MYxSw8f","tlshash":"ce74237d2a069c72313caab410f7eb4257e00fd554d09a6343ee4f5cb686a5bc79e80e","first_seen":"2025-11-29T11:18:08.736342Z","last_seen":"2026-01-28T22:21:50.865646Z","times_seen":336,"resource_available":false,"data":null}},"time_used":966,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":966,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/DWL2iDpk.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.030Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/DWL2iDpk.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1303\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: b38485f163639173f566bbdf7b06be2b\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4867,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4866)","md5":"3406c51b0beccd1dcc4ca6ad0d821a6c","sha1":"a47bd5c82fa05eaed51e4c774076682adee1b081","sha256":"c8616b3261e9bcf2198cfc23c170082ea0f766a15bfc8dc2b41ab32ebf700fa7","sha512":"6800b2616f9559ebd5ca6999025716382f698afa24f4861bfc8e7613b8a00cd7a2a5e3f78633eee6946a83636f2a7c1922b9cffba0e65231d3a04bc66a9c42e0","ssdeep":"96:WcI2wiTDiXaU/sffYFn2VIlVNejT3oQuak2ponGXm4IViAf6PCbpBy6pAF074GF0:jI2wgDPU/aYFn2VCVNevWJnGXP65yK/U","tlshash":"9ca1d7a839a4303163b98d8ae0f78256632979403117d0e4e06e5f9a2d7aea251f7d4e","first_seen":"2025-10-16T06:08:09.794904Z","last_seen":"2026-02-28T19:40:37.455311Z","times_seen":171,"resource_available":true,"data":null}},"time_used":393,"timings":{"blocked":180,"dns":0,"connect":0,"send":0,"wait":212,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/0xlt7eT7.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:01.035Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/0xlt7eT7.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/B80mK0S0.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2844\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 2d6522c7166a142836dfe82b6ba1836c\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10308,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (10259)","md5":"7520c7f08b1151b07b6927bda1828d9e","sha1":"e2940e90446ead59c5ad1b3b0ea963e275aad24e","sha256":"90ffed836332a30190edb82bde3bd1710c3ac7373c36a24be14561aabe0dc857","sha512":"b335376d6fc09811ac4d2629295ccf34f5a1a0f6046f6ec87f8e2fbe41b18b023f5abf94c7abe4ed04f2c060d7c7876767786fa631630a7fe578cac451be7974","ssdeep":"192:qbRBZvxP1xAZjxWzZxgWhwsDmNvPGFj0P9eaCj6j6s:CRVjYo1qsDmNvu90P9ejj+6s","tlshash":"10222389f1459aae824b1170445d5c0c964b7fa4ceeb8a4a33f4ed4af386cb67988734","first_seen":"2025-10-16T06:08:09.876092Z","last_seen":"2026-02-28T19:40:37.424996Z","times_seen":171,"resource_available":true,"data":null}},"time_used":577,"timings":{"blocked":374,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C2VePTmI.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:02.155Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/C2VePTmI.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/BGnZWUEv.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1423\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: d1328ccd7a3b1dfa0ef81cbbb9a41526\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5155,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (5154)","md5":"fa45f7eb2cad4068363e0aa03da6796e","sha1":"6715b5552d68fec3a599c57899a84bde73c10a8d","sha256":"fde96455ba7b5a92f894bcd866ec94c34ddb06f3970e49de6c60f30d49453838","sha512":"81330cc0dca1c1fd6619b318e43850d8a6192f3ba2eec8c57acb17df59ba727b3b0f1c3a9ec22c2b82d189d6e3438e2c566fd514dd77611f500b285fa6db5dc4","ssdeep":"96:HEK1FgiB560eoaIMizohzhI+hVXJY8OOCxkD0iZ8vqbX6F66Flm2s69B:HEK/gi60eob8h99LZrvCa38c1U6u","tlshash":"dbb14244f425fdf79fe7485450a04a40e9242b6a9470b8f7d3ab6eacd32ac4077e6738","first_seen":"2025-10-16T06:08:09.992486Z","last_seen":"2026-02-28T19:40:37.469821Z","times_seen":171,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-26/17/2004488023989805056.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-26/17/2004488023989805056.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1238,"timings":{"blocked":712,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-05-22/12/1925409368123891712.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-05-22/12/1925409368123891712.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id, X-Amz-Checksum-Crc32, X-Amz-Checksum-Crc32c, X-Amz-Checksum-Crc64nvme, X-Amz-Checksum-Sha1, X-Amz-Checksum-Sha256\r\naccess-control-max-age: 86400\r\netag: W/\"e842b8f4067484386bcebae0ac7bedc7\"\r\nlast-modified: Thu, 22 May 2025 04:32:21 GMT\r\nx-wasabi-cm-reference-id: 1767193455340 154.18.200.100 ConID:1261440077/EngineConID:12074088/Core:94\r\nvia: 1.1 f029e884f66a16243240b96473ec87b2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: NRT20-P9\r\nx-amz-cf-id: i1850OyWJo7Wf66zw0k3oqg4LhAda9naz5zx8BdIiwrgOyZjcVPWeA==\r\nage: 74182\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":587500,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e842b8f4067484386bcebae0ac7bedc7","sha1":"249804525ec9f10bc677d9bcc2b1f0bda32c28a4","sha256":"3aff8f361d12b7c88485e1e1a0ce27f99089dd540b42a88ffdcfa3dc9bf619c2","sha512":"a0d9c0cda23f45c4ac63d85470904a5f3d5e2b7f4bcb8be622143ac2793332726703230b901e7b688b69a575e61b1c2c2d6de69b50ec910a6cf797a960ac71b9","ssdeep":"12288:QamgN5577JkCX/aVCldwpqhTeNF1UtHtZOTY:QaF7JmAwsB68ZP","tlshash":"acc42300ecfe4df28868e391379edf5eaca02fd4885ce49af9e171dec608a0545a7351","first_seen":"2025-05-23T03:23:52.117186Z","last_seen":"2026-04-03T08:52:48.115881Z","times_seen":787,"resource_available":false,"data":null}},"time_used":1208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.6J27li-8.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.109Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.6J27li-8.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-8f0a\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: e4206b24653772f818e8436b6a740f5a\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36618,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36617)","md5":"00594673755fb580920539874f3b1ebc","sha1":"6935c2d6732903bdfeaaec702dd2419d04ec97aa","sha256":"5acbfddebeaeef58636fa0be88e8f6d680b634ede1b361288ca5ab991f42f028","sha512":"e6e4c522357bc9f1f0e99f7d929521adae9670d300aecc33abe8b9d23929c8e93bb9cbf8889bc31a5bd34de09c1ba3275e61fcf19a4034e4d2b506a8eca5e925","ssdeep":"768:of7WhfDk2e3rK27eseyA8H76ulUoTWCP+HneOT0s:mWhfDk2e3rK27eseyA8H76ulUoTWCP+l","tlshash":"9cf22031ba1b01587027b9d2e8c0a78b30788d4ed963d34ef615b56dce9f395243b26b","first_seen":"2025-03-04T06:14:37.944677Z","last_seen":"2026-04-03T08:52:48.194868Z","times_seen":1175,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":384,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.Ba1_nNd3.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.118Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.Ba1_nNd3.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: text/css\r\nContent-Length: 558\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-22e\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 885f5529c1fe37b7c82742c494e200f0\r\ncache-status: EXPIRED\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":558,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (557)","md5":"2c325a69f24d01719cdb3f6c7b567ed6","sha1":"414d5c3a227b41ff55bbd24413235e3f518fb8b1","sha256":"0eef66e522bf16d1071c4096be8d2ae200726a4ccaea0f81a09fc5a81f3e3073","sha512":"ef1b654323141552304851f5344ca902a6542ee54e6d64ab3691b3c1bff785f5d6adb97f27822878b1996c35fa50f9a1420b488e2cc60d390a5d2fa826744e6c","ssdeep":"","tlshash":"5ff0afc66274e53c3fd4307b131974e4a02ce88b8e22c5a5b29783089cc38f22f21210","first_seen":"2024-12-28T19:44:44.811303Z","last_seen":"2026-04-03T08:52:48.140804Z","times_seen":1169,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":361,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/D51WYg2P.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.134Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/D51WYg2P.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-891\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: e13eee6491c3de41c4e0c98215453912\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2193,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2018)","md5":"7480415196a9c2b525193738c98be9bb","sha1":"6ec812c786bbc0af9c09a3ac9f31e43bec5a4ee9","sha256":"711d5c25a2e2d3ae5a34d6a40463a634f0ba8ad24fb1b07e1ec1df2eb760a539","sha512":"a4f627d2a337c762f4567815de5704f1904ed7a3d6e45cd3fc178ffa2ed8a564b33faf51c3ae707174992b4024371d699d1752482e79cfa3bcbd6069305676cd","ssdeep":"","tlshash":"a84195187c6fdbfd95735d28701905297008bb9ea656eddb83f905123cb2f86c929322","first_seen":"2025-10-16T06:08:09.818887Z","last_seen":"2026-02-28T19:40:37.462258Z","times_seen":154,"resource_available":true,"data":null}},"time_used":788,"timings":{"blocked":574,"dns":0,"connect":0,"send":0,"wait":212,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/B-uGL23L.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.717Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/B-uGL23L.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 475\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nETag: \"68ef84a1-1db\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nServer: layun.com\r\nX-Request-Id: 9c39ae8c195e2c91b24b8f55a9afb592\r\ncache-status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":475,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (466)","md5":"65b1cb5bed3d597222c7971f9b69c26a","sha1":"7d613b63d5b250ad8cc87b63b25190c713864512","sha256":"35d5bdbf6a8188aa0d715ab3808cbcd6408d5afee8100950fc314bdc862aa1cc","sha512":"d32fe09c3d0906067b4836438687ce95176165fdb21b61e737a340c9f5e2d1a30428caa0fe8247627fdd3a3011d06d7e30652313d943ee9f59f5721358623d51","ssdeep":"","tlshash":"a3f097dca0869bb095d3082136444c13620e2ee5fa389a85b3ce293737d50bad98e325","first_seen":"2025-10-16T06:08:09.701864Z","last_seen":"2026-02-28T19:40:37.435596Z","times_seen":171,"resource_available":true,"data":null}},"time_used":812,"timings":{"blocked":601,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C2VePTmI.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:00.734Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/C2VePTmI.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-1423\"\r\nExpires: Fri, 09 Jan 2026 14:16:01 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 9dd18a01866c3dc705229fed07583edb\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5155,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (5154)","md5":"fa45f7eb2cad4068363e0aa03da6796e","sha1":"6715b5552d68fec3a599c57899a84bde73c10a8d","sha256":"fde96455ba7b5a92f894bcd866ec94c34ddb06f3970e49de6c60f30d49453838","sha512":"81330cc0dca1c1fd6619b318e43850d8a6192f3ba2eec8c57acb17df59ba727b3b0f1c3a9ec22c2b82d189d6e3438e2c566fd514dd77611f500b285fa6db5dc4","ssdeep":"96:HEK1FgiB560eoaIMizohzhI+hVXJY8OOCxkD0iZ8vqbX6F66Flm2s69B:HEK/gi60eob8h99LZrvCa38c1U6u","tlshash":"dbb14244f425fdf79fe7485450a04a40e9242b6a9470b8f7d3ab6eacd32ac4077e6738","first_seen":"2025-10-16T06:08:09.992486Z","last_seen":"2026-02-28T19:40:37.469821Z","times_seen":171,"resource_available":true,"data":null}},"time_used":1229,"timings":{"blocked":1011,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/C6NNx1pl.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:02.157Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/C6NNx1pl.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/BGnZWUEv.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-43e\"\r\nExpires: Fri, 09 Jan 2026 14:16:02 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 231ef1a0af9d5ab1f04778b3c8bc0be0\r\ncache-status: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1086,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1085)","md5":"b8147d961c8677310bbd6bcebeb098ce","sha1":"16eed3a339fe95f5044a711559958109a4bfbfdb","sha256":"565f4c7f6b212fd740539e9bc0f4362f631d5d2f3e20f0e8bfdde40ab9101977","sha512":"ed6ec8a1a3c6fa81ce45be654842fd0f1b0c4738422944ae874d83308358abbbb0802ce1aa4a12d602ac70d0e1917b36fd6955826eeb57b80103583cc4febe38","ssdeep":"","tlshash":"d41127cee5a80522727e8ddc91bb227305257b2b2075e2e0219a8f861729b6007e5e76","first_seen":"2025-10-16T06:08:09.674229Z","last_seen":"2026-02-28T19:40:37.423439Z","times_seen":171,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-08-22/20/1958868497000816640.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-08-22/20/1958868497000816640.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":1202,"timings":{"blocked":761,"dns":0,"connect":0,"send":0,"wait":441,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/index.VyU0_i5f.css","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.577Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/index.VyU0_i5f.css HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:04 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-f15\"\r\nExpires: Fri, 09 Jan 2026 14:16:04 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 018ecb489e07b905da2cc1ef6b0e28a5\r\ncache-status: EXPIRED\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3861,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3860)","md5":"10c29fcc14cb10e6380eb34b766e1a94","sha1":"9bfec80b523e636d6936905c86ed8c8e0056b5fd","sha256":"502a85118a6f360ba335408c7bb47337e80cbd50fc70a36b3cc514dd992168da","sha512":"c8067d42facf797b6269dc086eebd6a926db739e30f7cf23ee157ecfdecf72baa805c71fbe29b09a4448887f480c10f095b6fc5a4e8ed1fb8f2e38d23d68be09","ssdeep":"","tlshash":"01811569bd9282bf7e6ba3183adfc5c4a62c2d508fc1c720ed22546649ff5713532390","first_seen":"2025-04-17T11:34:23.156078Z","last_seen":"2026-04-03T08:52:48.073155Z","times_seen":1172,"resource_available":false,"data":null}},"time_used":705,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":704,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.iconify.design/heroicons.json?icons=chevron-left-20-solid%2Cchevron-right-20-solid","fqdn":"api.iconify.design","domain":"iconify.design","tld":"design"},"ip":{"addr":"104.26.12.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:04.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iconify.design","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 28 Nov 2025 02:44:50 GMT","end":"Thu, 26 Feb 2026 03:44:47 GMT"},"fingerprint":{"sha1":"16:D5:1A:12:51:59:5F:98:FA:18:F5:A5:61:9A:55:CE:24:8F:31:40","sha256":"71:5B:CE:48:56:9D:12:EF:6E:B1:89:DE:16:64:0C:2C:91:E7:C8:CF:94:D2:12:AC:64:17:70:D9:6B:61:16:5F"}}},"request":{"raw":"GET /heroicons.json?icons=chevron-left-20-solid%2Cchevron-right-20-solid HTTP/1.1\r\nHost: api.iconify.design\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding\r\naccess-control-max-age: 86400\r\ncross-origin-resource-policy: cross-origin\r\ncache-control: public, max-age=604800, min-refresh=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vDtuzoMWeboBJuFVlst4Ig6bIgb8t79vUSsU1cqwoukZ9JTFtlUjuSPaXajdGXsp%2BMF%2Ft4%2FQR%2B5M9R6eomphbiqJkqBc2Ix8ublXaMXn4g%3D%3D\"}]}\r\nvary: accept-encoding\r\nlast-modified: Fri, 09 Jan 2026 13:46:04 GMT\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9bb460f36f57568e-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":639,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b4f3085ad4e64d27c64db5d7c971abb2","sha1":"68694b636d901fa97fe580b7045e7e1f139d3555","sha256":"6cbbe1554d46b455d2da350f5d004312ecacd53e16d94c6f7db1ee39b758cd84","sha512":"73167f3b2fde6321e77be78307a24dbd5e54e827542650e0ab62e33725b87200ceadc665ee4507a728a994083e9eba92b783b462a8007398eacda776edf397e1","ssdeep":"","tlshash":"d2f0f4a0243ca0bf5507863fc9ba02a98f7e6cd0366ca4a4163ef47064376ac4667950","first_seen":"2025-09-27T01:18:46.981952Z","last_seen":"2026-04-03T08:52:48.178179Z","times_seen":954,"resource_available":false,"data":null}},"time_used":653,"timings":{"blocked":555,"dns":1,"connect":1,"send":0,"wait":72,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/KEEe2ipC.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.143Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/KEEe2ipC.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-8cc\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 605dbf8f0062c01e643703b0ce04f054\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2252,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (2086)","md5":"6cc892113f75dbb5d6dd66c4a3408c1c","sha1":"2d66edc07b13401985b6f6065c1d29c0f7f36dfa","sha256":"e7d2c3e3b04055106e7fd97eb8ebfa470c5fcd1f2f87f2c427c3687c9a3ff971","sha512":"7ad0cdc3468281b110cb401af9d31a1dff18ccaf101bdae339f3ed8a86835be9998a689abc37826b92eb235f8603018585eea0e8d8abbce812f8e45aeea2c11e","ssdeep":"","tlshash":"8441461ebcadea79caa22c90f8e5444016190f1cb4f879e1e69d2f341767ca0d90d378","first_seen":"2025-10-16T06:08:09.677474Z","last_seen":"2026-02-28T19:40:37.430809Z","times_seen":168,"resource_available":true,"data":null}},"time_used":887,"timings":{"blocked":566,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/KGeZgdKO.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.156Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/KGeZgdKO.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://tqyy5mv8.top/_nuxt/WK6v7wUJ.js\r\nCookie: __vtins__KpRFCR70SZIqvH3Z=%7B%22sid%22%3A%20%221cf15420-f014-5f72-9571-3e5ac99affbf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767968160271%2C%20%22ct%22%3A%201767966360271%7D; __51uvsct__KpRFCR70SZIqvH3Z=1; __51vcke__KpRFCR70SZIqvH3Z=741b9b78-d70c-57a0-86b5-d7329b89456f; __51vuft__KpRFCR70SZIqvH3Z=1767966360278; deviceId=37PEwMPYrDXTaEZEdYFaxb7i; userStore=%7B%22info%22%3A%7B%22userId%22%3A%222009622699604393984%22%2C%22uniqueId%22%3A%22204e50f4eea5492e9eaa812b9543f557%22%2C%22phone%22%3Anull%2C%22userCode%22%3A%223338FY6W%22%2C%22nickname%22%3A%22%E6%B8%B8%E5%AE%A2%22%2C%22deviceType%22%3A3%2C%22avatar%22%3Anull%2C%22signature%22%3Anull%2C%22gender%22%3Anull%2C%22city%22%3Anull%2C%22experience%22%3Anull%2C%22expLevel%22%3Anull%2C%22account%22%3Anull%2C%22userType%22%3A0%2C%22parentCode%22%3Anull%2C%22agentCode%22%3A%22JNO2R7YK%22%2C%22agentAcct%22%3A%22sc00_03%22%2C%22masterAcct%22%3A%22sc00%22%2C%22merchantAcct%22%3A%22sc00%22%2C%22coinBalance%22%3A0%2C%22pointBalance%22%3A0%2C%22vipBegin%22%3Anull%2C%22vipEnd%22%3Anull%2C%22vipFlag%22%3Afalse%2C%22userJob%22%3A2%2C%22deviceId%22%3A%2237PEwMPYrDXTaEZEdYFaxb7i%22%2C%22roles%22%3A%5B%5D%7D%2C%22searchList%22%3A%5B%5D%2C%22scrollLeft%22%3A0%2C%22downloadTime%22%3A0%7D; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uSWQiOiJhZDM0NTUwNWU5NzU0NDRkOWIxMWM0M2ZlZjBhN2RkYSIsIm1lcmNoYW50QWNjdCI6InNjMDAiLCJ1c2VySWQiOiIyMDA5NjIyNjk5NjA0MzkzOTg0In0.bdt2tOADF1swp4g_M8rGMi5M6CLflZ_dBocaih1RUXw\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-2af7\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 3a9a6a332813a5b205fd81eb20818741\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10999,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10878)","md5":"e89fda158cdee0b899ab8763a1d3c65f","sha1":"bf0863b57646d0af21b77c5a007c9bc0cad0b502","sha256":"dbfee3bab623f82de9f2dc2e7dd141228277a152fd30ac3f76d6fd3074b5048d","sha512":"246c2b7b9b2e6ced8bf12b097fa32d40c261fb4b809136466834225d94ea4d29844745e49caca6b755d15407bfef592b5cc58b070e187df1d00e1c7aab509385","ssdeep":"192:t7qVgDRgFIsPSidbEXJmXbGykf/Xk6msa0x/HPd+SocRxnu6g:tVDRgGivdE+bGXXkjt0x/HPWT","tlshash":"4832750df110f679e73bc8d4c4a849056a0bb75946e882b1a1fafe1fc2d5c74ba48735","first_seen":"2025-10-16T06:08:09.751343Z","last_seen":"2026-02-28T19:40:37.430337Z","times_seen":165,"resource_available":true,"data":null}},"time_used":647,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":646,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-19/10/2001848674278170624.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:03.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"OPTIONS /image/2025-12-19/10/2001848674278170624.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: responsetype\r\nReferer: http://tqyy5mv8.top/\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:04 GMT\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: responsetype\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":2604,"timings":{"blocked":1021,"dns":345,"connect":366,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gtb.lyb63.com/image/2025-12-29/20/2005612937769246720.webp","fqdn":"gtb.lyb63.com","domain":"lyb63.com","tld":"com"},"ip":{"addr":"120.203.230.7","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:05.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtb.lyb63.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 17:05:34 GMT","end":"Sun, 29 Mar 2026 17:05:33 GMT"},"fingerprint":{"sha1":"6D:EA:94:32:4C:D5:58:8B:3F:E6:95:D7:2C:31:FF:03:1E:A6:C1:19","sha256":"63:BE:81:35:7F:C3:D3:1C:BA:02:9D:F6:B2:11:F0:D2:41:E3:04:EC:2F:1E:62:B7:F1:C9:3E:63:DC:70:CA:DF"}}},"request":{"raw":"GET /image/2025-12-29/20/2005612937769246720.webp HTTP/1.1\r\nHost: gtb.lyb63.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://tqyy5mv8.top/\r\nresponsetype: arraybuffer\r\nOrigin: http://tqyy5mv8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Fri, 09 Jan 2026 13:46:05 GMT\r\ncontent-type: text/plain\r\nlast-modified: Mon, 29 Dec 2025 12:12:42 GMT\r\nx-wasabi-cm-reference-id: 1767101741221 154.18.200.102 ConID:1249966208/EngineConID:12250653/Core:68\r\netag: W/\"4e560d0ed62ea27012894e8f0eeefebf\"\r\nvia: 1.1 cc18dd7fa2c068ac22479a63cf9e820e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: SIN2-P5\r\nx-amz-cf-id: TUiG-PoQ_DudIST2Z-wxK7ngl_CndONe48WplT70Yo9dpdG9Ww3SPQ==\r\nage: 80768\r\naccess-control-allow-origin: http://tqyy5mv8.top\r\naccess-control-expose-headers: *\r\nx-cache-status: HIT\r\ncontent-encoding: br\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":90796,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"4e560d0ed62ea27012894e8f0eeefebf","sha1":"80eef79f4e632ea7d4c41aa5b9008703a95b7dca","sha256":"7c202f06decf0bea5c071c37f61549ceb016351881e21e419c042d3f42296962","sha512":"99633af7b94aac4e0cf5082dc8baa05e8a2b1cc5f6536a0191a56c70444b8fcc71d264cd837123b30652da52985fe0bcbe8f1ac03dfe6f122be97b68a3f771ec","ssdeep":"1536:LRu4EAJRfK8XJfhLkltPX8j4nSejxuUl/UzQMVSsnNq4kAp+mAYyr9eNfFry+J4R:Y4i85JYvME7l/KQMdlk2uproHt4rN","tlshash":"4d9313aa13106b5e152a33ee80db656cc2b155c7a235ef4a323782ddc883f3d7759293","first_seen":"2025-12-29T22:52:08.780162Z","last_seen":"2026-01-09T13:46:53.960786Z","times_seen":97,"resource_available":false,"data":null}},"time_used":1004,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1004,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tqyy5mv8.top/_nuxt/D00SvkOZ.js","fqdn":"tqyy5mv8.top","domain":"tqyy5mv8.top","tld":"top"},"ip":{"addr":"45.202.214.180","port":80,"asn":984,"as":"OWS","country":"Mauritius","country_code":"MU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://tqyy5mv8.top/","date":"2026-01-09T13:46:07.141Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_nuxt/D00SvkOZ.js HTTP/1.1\r\nHost: tqyy5mv8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://tqyy5mv8.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 09 Jan 2026 13:46:07 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Oct 2025 11:25:21 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68ef84a1-10347\"\r\nExpires: Fri, 09 Jan 2026 14:16:07 GMT\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nServer: layun.com\r\nX-Request-Id: 36717617bd4e63657fa317bec5c16478\r\ncache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":66375,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (24383)","md5":"92cc1fd9dcb9e844070b8e343d172020","sha1":"cdce0a602d631104b73c77f24712b50188b6ee8e","sha256":"5728f5968e19cffab28a3f34de7f794627e1b18254c6db16c02ae12c5049c316","sha512":"1f835393f035b1aaeb22dc68822a9064c162fb64042290001fbad2986dd7dc4797ee67a3ccd0c8ed6131a311d1ea19e7b32fa33cfa5705a58abc3852f3555d5f","ssdeep":"768:7onQclkeAyltuHUSMO64WKMsgrTyBkcOYJSxv5JTDIfXSg2HxyYt+xM/M+xDZeYo:7WvltuHBMO6jPvTjyc4jDD7Nez0","tlshash":"215318a9354131376bd845d060eb2816703468287d4c90ecb97de9db5aa2a0e50ffffe","first_seen":"2025-10-16T06:08:09.596693Z","last_seen":"2026-02-28T19:40:37.443949Z","times_seen":164,"resource_available":true,"data":null}},"time_used":1103,"timings":{"blocked":567,"dns":0,"connect":0,"send":0,"wait":332,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tqyy5mv8.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}