{"report_id":"aa0fc651-7194-446f-aa96-8fb223719170","version":6,"status":"done","tags":[],"date":"2026-04-05T17:45:08Z","url":{"schema":"http","addr":"dksylmnl.upjswkg.top/","fqdn":"dksylmnl.upjswkg.top","domain":"upjswkg.top","tld":"top"},"ip":{"addr":"154.207.77.151","port":0,"asn":63888,"as":"DATAWING LIMITED","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"title":"911爆料网 - 吃瓜爆料黑料第一站｜网红翻车、明星八卦与娱乐热点黑料每日实时更新，真实爆料不掉线","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"dksylmnl.upjswkg.top/","fqdn":"dksylmnl.upjswkg.top","domain":"upjswkg.top","tld":"top"},"ip":{"addr":"154.207.77.151","port":0,"asn":63888,"as":"DATAWING LIMITED","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-10T17:45:08Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.upjswkg.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.upjswkg.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"ads.zyudkkup.com","ip":{"addr":"154.207.252.62","port":443,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-27T04:58:20.753308Z","last_seen":"2026-04-03T12:35:40.265266Z","alert_count":0,"request_count":2,"received_data":1489,"sent_data":1022,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-29T22:23:59.734728Z","alert_count":0,"request_count":1,"received_data":446205,"sent_data":401,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"dksylmnl.upjswkg.top","ip":{"addr":"154.207.127.62","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-06-25","domain_rank":0,"first_seen":"2026-04-05T17:45:15.088129Z","last_seen":"2026-04-05T17:45:15.088129Z","alert_count":2,"request_count":1,"received_data":233985,"sent_data":489,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"dksylmnl.mvbsghet.cc","ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-05T17:45:15.091207Z","last_seen":"2026-04-05T17:45:15.091207Z","alert_count":60,"request_count":60,"received_data":4220053,"sent_data":29238,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Clipboard.js:2.0","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pic.lfvjpw.cn","ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-18","domain_rank":0,"first_seen":"2026-04-04T13:26:51.706474Z","last_seen":"2026-04-04T13:26:51.706474Z","alert_count":102,"request_count":102,"received_data":16644192,"sent_data":46788,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"75cabaa694772e45b2ee3d32608818ba","sha1":"5b7147b6b284896fdfd65020075e439ae00c4b02","sha256":"cdf91797af06c3d3ac64af3fbd511a25069729174cb1bf72a7fdc44fae38a20f","sha512":"d155d8e3e8b92461563b52e1031029d977b9047f405e874a0616a317d394bdcaab45303cc98e9e78eafcf7aa8455318edee51115daaea4f213f0e7725e221f24","ssdeep":"","tlshash":"d5c08ca780001213157bc022488631e00eb3199b04900859ca32efc2a0b4c6c090ecac","size":146,"data":"","first_seen":"2023-03-13T16:33:50Z","last_seen":"2026-04-05T19:59:31.462751Z","times_seen":13449,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4c6b1e899ea889c8c1f2bd65cb501462","sha1":"557d6617d6ec538a904a1adcbeb98255f1183d10","sha256":"70f1febf28c9d1b25c33557f7b388570d321d6f78a275cc3a78de7b30e7ba215","sha512":"a047e2ca1976eb8a30aef7185739594ceb962306d317a641ebc1c14028099368e0e2cdfc439231e41fb3d852c4fa2c3f5eff56219181dd64934fa8e89b49bc4c","ssdeep":"","tlshash":"4fb0127eb99a5d0f0906355c32ca67dffdb9c356004646e1386947f5c1f12e25c46d08","size":104,"data":"","first_seen":"2026-03-14T08:10:57.674597Z","last_seen":"2026-04-05T18:47:57.563651Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/vue.prod.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"de7abf4d43f144b780fc86236b5eebd6","sha1":"487259535f3903caee0e2825d4d70e6c273e56f7","sha256":"a43ac70eed708306fcd8911a746c2a92064e529969a1556c1d3dd289e493bdb9","sha512":"43800eaba113898adb4c1c8e98912ac7f5566377d323552d39ea5cd13aa3be5b0280158d4ddbc98419dff57799df8b9bf9c9b4f8a09591d7a1f7fb013eebed0a","ssdeep":"","tlshash":"d51154b90c04f6133ab726d384476198e670402c70adf48525e8affd84a31fe9677f1a","size":1000,"data":"","first_seen":"2025-06-30T03:33:26.758879Z","last_seen":"2026-04-05T20:01:44.427108Z","times_seen":8570,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T20:09:54.951687Z","times_seen":265460,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1a7f8805bfaf711f28437f8ab936ca9","sha1":"6f6d4f865195ee84d2cb4349f785ac3e2529decb","sha256":"1c47e66880af5210a71b11dae6f3b7fd15259b6ca025b933604e17850d06d774","sha512":"20aebba0ad67acc54c70b1f7d703fbf3538dabef5b0de519cb75baaadc117eddd3dbb475a669bf0a2b049ed2d54c55110c79c950e1c5ef934947dabc2da0ae60","ssdeep":"","tlshash":"a201241dbae31458b61337389b3f4389787015032428db88f84ce681af60c2594feaf9","size":683,"data":"","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-05T20:11:58.576752Z","times_seen":25923,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"dc0ea1812fd40126011a611091393b96","sha1":"4a34210730ab9250b979f47333baabcd095039ee","sha256":"edc136620c5c1da57ae3ee3b8c7c4e3d111e038f32b23864c90664fe132ded35","sha512":"7a9e3ef0f091d0bc9f07861c5e88eedb72f2163b8106feb6d7217da7d070c68e05e8f17b7ac0e9a3a84b6e856d7d7d45d7171b29242431a15f30859c995f438c","ssdeep":"","tlshash":"c3c02b6b00b898fc374d058161f80a8e8054405f040a0e1230cd8c705d14b721003c10","size":135,"data":"","first_seen":"2026-04-04T23:38:07.753325Z","last_seen":"2026-04-05T19:37:44.055754Z","times_seen":142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/DPlayer/assets/DPlayer.min.js?v=3","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d4c06fcdaf7eff11abe92dfc672cd32","sha1":"9ea7452a7e254d629a5b8228cac7f50963634b6c","sha256":"b56e3355bd9f367512b1b1280f3dad089ba306c0d43eca22793d52f9e9d0e074","sha512":"dbc8ccb227033be3fda38dce4a421198c9461630610f1a4ac31a9ca9868884fe8b4ee7a468d46dd105dbf1f726f90537bb1d95c2f2e0a45363f4d6614dc232e3","ssdeep":"","tlshash":"6c11571208888436024260d0874d9f0f7eb2633684995b53b3aeabec5b9ac5dcc2b462","size":1000,"data":"","first_seen":"2025-04-13T03:23:15.029327Z","last_seen":"2026-04-05T19:58:08.970071Z","times_seen":5811,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"209d4f7eca3bfd7087914fd5b978cbe2","sha1":"d9c62907900144a0780887c9f4a33abec46b7086","sha256":"a80086e1812094ae9561b201daf351cc4d86769e5133d23b63d15da23cf5bc96","sha512":"c8287ba5bfc11e98ff2ba49555206dccd7674ce8925e807f7fbbb0767658c1afa5978d44a7aa9f1efc5b2a7a3bed0fb911e619da829d0d12091fd55eb0f1dbea","ssdeep":"","tlshash":"674111694d06d22566451038ad0fe74127ca9367bc4cf701f2ecda486faea2ce4b9ce0","size":2016,"data":"","first_seen":"2026-03-30T17:27:30.677651Z","last_seen":"2026-04-05T19:58:13.689764Z","times_seen":499,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e50ebfcefd6cb362885dc70437b0b101","sha1":"e6e5d4b64aac6e38387e236b4b02315fe29fab79","sha256":"f1f9bf4ad7f37b1525d117e49369dc6d7116efca1c61f2de3c9b2b837bad2d2b","sha512":"0ff4be125d40b9d058327b4a9878a0a340609b5bfddf9134d12f57e8efa05b2ce3625f97ea0c16e574b3fef4602d377552a5bb5c1e2ec49a66a1b96f3b70d7d6","ssdeep":"","tlshash":"cbc0929c80e3e080a55a2229729e838929f2800b2a96e72bbe1c81486f0059e45385b0","size":144,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-05T20:11:58.593149Z","times_seen":25893,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"05c4ea308124346fa344376724ed2da8","sha1":"228961e4dd79a3caaa138b8a6f34d09a3ac3b1cb","sha256":"994992bac875eade5f959da7d71afb8552dd3245337ecee55f5f841aca4f571b","sha512":"c5e4aa113def48c5837acb301a1c1f10d1a769073897342ae9d3abe9a90a3394923e07a12eedba2a9a907f34ececaa60fdce1c59b8cfb187c51f7bda7191b344","ssdeep":"","tlshash":"c2c02b6600a468bc234b198161f80b85814840de1c0a0d7710cc8c712e15b711047850","size":135,"data":"","first_seen":"2026-04-04T23:38:07.772372Z","last_seen":"2026-04-05T19:37:44.054672Z","times_seen":130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6b830308a1a08943bc9e8432071fe5b6","sha1":"83d324a6f97ca383681c7556a2ad8d43dfd76fb6","sha256":"4e4fa5428df980edc4f74a0ece9e46669968de34a5c65b3836dec16c85e4a68c","sha512":"2c0707770ffc50e0de08e62db0f3aaef63d7ebc895f8b42bf971ed174e485003ecd5b60e5586681ec4829d6996721e094f1b443f719a01863feb5c5b8e11bd7e","ssdeep":"192:UDKhafGfAG/QN8QgVa5yvpLkq4mDycdJH06y7zN/0ovRJbVhZ8WRqh9fd5gMlpJM:Uehm1ERBzWSb9pi","tlshash":"1f220e0c9ef35079b127303e5b7f524872799113520ccf157e5ce290af60966aababf8","size":10527,"data":"","first_seen":"2025-12-11T23:03:23.672917Z","last_seen":"2026-04-05T19:37:44.039072Z","times_seen":571,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"bc102016899b24c77e9c95a22f063c13","sha1":"8c020ef51e507f0af8d6fd4bcad8c9457a4dfc6c","sha256":"3913329daf0872fefe111917f6584d602e95744e75d57208243f4698ec1f93c0","sha512":"226679eb8092047ba6fc32939662ee86baf76f91fed7f3b72407ae24cd1f004106edfddddfade06562cc52abd1133312c074eae7e9cb5063b6345a1c50ed945f","ssdeep":"","tlshash":"dd900202882b1dd82ca00009817d3c88f381299b01f0d4082804f056ce9008e0a081d0","size":55,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-05T19:37:44.039614Z","times_seen":11523,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579c52ff61cdec128cf781b8e2a7553","sha1":"f7ab585d0ed7382e91cdb758e5811cac1c6ac055","sha256":"564c1538a6332ea0b951ef1f0b9ffabdde6327a6798bd4de82bcd3564c5f0d2b","sha512":"7d11fc459f35d90be08a6388b109c2936d57c5b42da1f37f25e82b3b2e730209b6d0ae7fb04b1740879957a8e8b1f861d3bb31151a0ce427d0ae3be0a3669c93","ssdeep":"","tlshash":"0ff00ea42cc8402543321125767bd1487139292a2c0eed18f18c84812f99ea808bb90c","size":506,"data":"","first_seen":"2025-06-15T17:16:56.772684Z","last_seen":"2026-04-05T19:37:44.047576Z","times_seen":774,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"51ef46f2b172aa641eeea13a82c153b3","sha1":"9112700c23f1dbae5985053cc955843e4e31231e","sha256":"64ad4dba05d0859829e988fa70f204ae27b2ff331a97db0cdfe792f2ce0bf350","sha512":"d5584ed979086b7e31e59597c7474cecad2bfa1b351dcbdaf6413f4207e51a8cbf0f30d1485b47e6ed37bf1d3feefe3b3eade2879a432d0033f1e47da27902ad","ssdeep":"","tlshash":"39c02b5a00a458fc238d228052fd0a89c688407d080e4d0250cd8c701d1cfb12807410","size":135,"data":"","first_seen":"2026-04-04T18:58:54.361828Z","last_seen":"2026-04-05T19:37:44.062182Z","times_seen":211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0f644ded6bfc5d620f0c03a6978e7921","sha1":"3b83566660b779a041666866b7c81a28959ff40a","sha256":"003ca60c4cf5c0c65a3a2349a9ec7031584bbfb841829c5802b07bce41bcda61","sha512":"bf86cd65413307310fa5915f31d655c5630128345318effaba6d91f1b534fba5dd8b7cdcff7bba38781544fef2b36182ccf52b6dedde1b5713464606b318e023","ssdeep":"","tlshash":"5bf05005d0d386ebd9bb3b1216c74b843ba2698b7ec67f22719cd7499f004ec5478ac0","size":607,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-05T20:11:58.601363Z","times_seen":25435,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"18fbbbc9f2d2df08a35952ba213e3378","sha1":"f84790334c17425338765528aed0a312cff2161f","sha256":"531fff95bcb462d80603a2634791260554d458b5d4f0284d096bd5f74f5ca531","sha512":"ebab14bbebd64f64510e74704fe48e0c24f0e9f8437790043ffd78709dc3f5819f94c0a5656fcaf13ec67bb9f0a2da6a2f306c8dbeb9e1f2a464b788fff47062","ssdeep":"","tlshash":"c4c09b6b41a5a4bc27591691a2f8069a92c8509d5c890d571cdd58715d54b721507411","size":135,"data":"","first_seen":"2026-04-04T18:58:54.399536Z","last_seen":"2026-04-05T19:30:53.6831Z","times_seen":207,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"e25784e39988e47db48972b47e967ff6","sha1":"c6dc749ab163ed72689ddfd8a8c10d22feb1986f","sha256":"2e55cab31b02b53199b482c54718dbba2a65370eeb911fe1f15617cb3d9eb635","sha512":"6ac89bcaaa11cc79082e8c3a9af190902d56b68e442d0ffc3d80059c56d32148a0eef05006928f01b1da6316a58c7e0846b21ad1ae90b5fc9ee6fa8fba0be468","ssdeep":"","tlshash":"15c02b6a00a4d4bc234e11c291f806a6c244005f04090d3224cc8c705e1deb11007810","size":135,"data":"","first_seen":"2026-04-04T23:38:07.798658Z","last_seen":"2026-04-05T19:37:44.060002Z","times_seen":137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"36c5b99772d821752789e963ed9a3023","sha1":"602e8f9dca590d4922a2905a000dd0ff649574d8","sha256":"5f4794b8ef7384a1ba2983d8e1765f152d17a43dc479c4369903ce50b7c82e70","sha512":"bc1ddb43c233e304b61677916cffb54fa84b1eb41584f00fc05fc8d200092fdbcbd6b147bbeeaf9bb378bf2def24525fbe150ed36a64d50479e5fd6c08a64e72","ssdeep":"","tlshash":"0f1168cdc853067c166b0acb1ee306c82352a58be446c22732edd74e9fc42d458397c0","size":966,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-05T20:11:58.604919Z","times_seen":23600,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2962a9deb7687bf35e367f70cb282057","sha1":"358721449e402d5df67516e7971e51375f8824e3","sha256":"e03252e04637cfe29e4d5f0e8f9a43817b4e02d36b375c4ee41a72e4da74616e","sha512":"16f0347c20dbe7b3cae5fd184648b2a86a3e33be3691fa4c82ef03476ef950259eb104a28347fbd1492b8335f4f174370832230ec2e1f9e097ad3e9080b136ad","ssdeep":"","tlshash":"b6d012308721b420c42b0947aa26138a24c2420a5644c00af26ca4882f18d823aa88e6","size":222,"data":"","first_seen":"2025-07-23T02:12:35.127984Z","last_seen":"2026-04-05T19:37:44.050366Z","times_seen":689,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"e25784e39988e47db48972b47e967ff6","sha1":"c6dc749ab163ed72689ddfd8a8c10d22feb1986f","sha256":"2e55cab31b02b53199b482c54718dbba2a65370eeb911fe1f15617cb3d9eb635","sha512":"6ac89bcaaa11cc79082e8c3a9af190902d56b68e442d0ffc3d80059c56d32148a0eef05006928f01b1da6316a58c7e0846b21ad1ae90b5fc9ee6fa8fba0be468","ssdeep":"","tlshash":"15c02b6a00a4d4bc234e11c291f806a6c244005f04090d3224cc8c705e1deb11007810","size":135,"data":"","first_seen":"2026-04-04T23:38:07.798658Z","last_seen":"2026-04-05T19:37:44.060002Z","times_seen":137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/clipboard.min.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"15f52a1ee547f2bdd46e56747332ca2d","sha1":"9a7cb405f9beed005891587d41f76a0720893ffc","sha256":"e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9","sha512":"ecee695e9734a0246bc64f1151f0d81609f49ced6dfa32ee20e41d38c469e003c1eee678bd28eca73a79cba603b43b385735124db5b304567f2ca2619f214e2b","ssdeep":"192:s6IMH3HEG9JVwkHg4LyAal318/NYusfkApXMdgmkpj:sy0G9J1zG3eFYP/XMmmkpj","tlshash":"77126399b291b0b15ae731a9412f920bf2766969708b90d0d239d4f0acbcdde4463f3d","size":9160,"data":"","first_seen":"2023-03-07T12:23:44Z","last_seen":"2026-04-05T20:11:58.372736Z","times_seen":23532,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"71e2bf9fa256ab74c3dca41eeffb3f41","sha1":"0af7be08dc46642590ce173fd133c3544e44c4af","sha256":"a6d2c1a4973c74c5a55469ef9101ec8d540412afa59af1359eb1139d4ae28073","sha512":"6fe5e1660a94b72b9c8ac0dbcb792213fd5e47bf3f5626ff126aceab1bc1b3a50972fb1e8d85616f9cfead158c457c1d02d0f89c40e3354d05166899c3057fd3","ssdeep":"","tlshash":"51f0c23a1a10987d461b438761b543edac51140fa805644a733c07982f4cd6e2232cbd","size":559,"data":"","first_seen":"2026-04-05T16:04:38.59803Z","last_seen":"2026-04-05T19:37:44.0517Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b5b6789d638708aa10a33becbffe2089","sha1":"e4995b0d644c2503056fed8dcfa2bafb4d40a9e5","sha256":"90e7f043bc59c653bd82bfc78e9a71ec40ff37710a4d4a08770f5b1649c3de49","sha512":"dae81ce7a9afefe13825fe5a4fcc9f436c011e6edaa96b4e47dc038ef85e0a0e39cd2984c39577086244bb995df93c4f3d62358e9b0aded0d5a875c44ba97ad3","ssdeep":"","tlshash":"c9f0c2350a60e43e491b528743b643c9cd61150f3c05600e333c07d85f4cd6e5362c6a","size":559,"data":"","first_seen":"2026-04-04T18:58:54.372918Z","last_seen":"2026-04-05T19:37:44.052329Z","times_seen":198,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"da3e4ec585f842f82312b69342311883","sha1":"c127f25f257b4fc9b751f9df13aa88ba758a2f89","sha256":"1c0b369971cd7cf2c5262dd995a5f818a591a395f97f0f2a7bcdb1f83de5f5b8","sha512":"da304da2c89488832b5c18d73612d7ebed9d4bea4292afa82952e2f5ae54cb2540f28799c314efefb513041aa1d0b67fdc590f5dc077fb66105da6fe6b17f718","ssdeep":"","tlshash":"7ec02b5b00a9a4bc276d398152f817c5c18800ad080d0d5710dc48701d28fb11007410","size":135,"data":"","first_seen":"2026-04-04T23:38:07.782683Z","last_seen":"2026-04-05T19:37:44.046937Z","times_seen":130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d038f9f8509a342920d800ee8554ef0c","sha1":"ece86a2bbef33e1c525a45e47a0fa9d70a085d34","sha256":"d0acb6e430eb427b6a2698f6f62fc2fe951fa1ea1442f2e93b3fa78fdd3dc919","sha512":"33e9d0bdb3cb3b0d020d98bb112f8057afd5f07ec43185df4bf435247b7982725b5f3af3fa246e7a9f83938a947e87ed9fc149970926e78c800102cad494b5b6","ssdeep":"","tlshash":"04f0c2730b259439420b829b42f64bca8d51145f3c09644e323d07981f5cd6f2232d6d","size":559,"data":"","first_seen":"2026-04-04T18:58:54.374444Z","last_seen":"2026-04-05T19:37:44.052953Z","times_seen":194,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4bde45ed35fbd1f796416cae2a64dc43","sha1":"9e41ee4bd183cdeaf1367bdf629104e28951f4ec","sha256":"5f5d51933fff86bfc307c008c80d0fddf57ababb5d48f88d30c13669e5e06422","sha512":"50c8edccc811397917cb8393a407231958055df13be98a6e746317f8dffd92cdad426a6d9560bbb67e66df9c1116d97551ec51242fe4b56d2c1144093e3b8dea","ssdeep":"","tlshash":"6af08622025a84794b5b829b517513c5dc51380f680fb10a732c07cd5f88dad5122969","size":583,"data":"","first_seen":"2026-04-04T18:58:54.375856Z","last_seen":"2026-04-05T19:37:44.053554Z","times_seen":191,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d2f7f85681def06ccf18b8452fe5fd0f","sha1":"2ef68674c5cd1e59f8d3b3378432dd7bbed4d503","sha256":"2505374582cca06478bf715507eac9e8f0803d2e4c78c9c03f626a4f3a134126","sha512":"ce0596bb7fea3ca630389e6f3a10f7fdd2a34f54678eac7dc3c90c86f6d8ce4f230b09644132a8d00fa19d78bd9782ad8ef628c5fb518dd03b777ea9143327c2","ssdeep":"","tlshash":"2ef0c2b20e249839618a568b41b643c99d92240b3c07644a721c17d91f4cd7e36b2c65","size":559,"data":"","first_seen":"2026-04-04T18:58:54.377367Z","last_seen":"2026-04-05T19:37:44.054131Z","times_seen":186,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"73659188e672c53e071793fde9e9c802","sha1":"42ebce1cdcc4139e4aafa482f311dd251b666f98","sha256":"e44dea08118dd0df9ae4345d58f077c8e00a53cd52cd043e2d8dddba3a0d5f46","sha512":"c1df86a467dc687c6c700beb2759c1083faeb26890b7faf8717e16e743ae8472d407bc02f8e5a667fa2d4fc8eadf44b96721a95cd3d8177a03c33f70c5a9a466","ssdeep":"","tlshash":"0cf086211a56907946ab828f9a7557c6d952380f3801b40a33bd07c84f4cdee5161966","size":586,"data":"","first_seen":"2026-04-04T18:58:54.382014Z","last_seen":"2026-04-05T19:37:44.056291Z","times_seen":181,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d00d8243f9a47200a7200c892890ba8","sha1":"13fd88675f33ad68cf6945e3722a9e650ec37ea3","sha256":"39e5aec91edeebe4c1ebe351d463a0bc1d488eef7c654678b931701f38b64568","sha512":"7a014a73105daddfa56069e073221b12e6cf2cb46a0a7e1f8f50ad2594903b10b8d20644a51168c735646bb250fd78c15b90c28b8b2a13310b8bd40ecda97952","ssdeep":"","tlshash":"86f0c2730a10d439590a428762b543c99c61244b6c8aa08b333d1798df4cd7f1222d69","size":559,"data":"","first_seen":"2026-04-04T18:58:54.385783Z","last_seen":"2026-04-05T19:37:44.05943Z","times_seen":178,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"05c4ea308124346fa344376724ed2da8","sha1":"228961e4dd79a3caaa138b8a6f34d09a3ac3b1cb","sha256":"994992bac875eade5f959da7d71afb8552dd3245337ecee55f5f841aca4f571b","sha512":"c5e4aa113def48c5837acb301a1c1f10d1a769073897342ae9d3abe9a90a3394923e07a12eedba2a9a907f34ececaa60fdce1c59b8cfb187c51f7bda7191b344","ssdeep":"","tlshash":"c2c02b6600a468bc234b198161f80b85814840de1c0a0d7710cc8c712e15b711047850","size":135,"data":"","first_seen":"2026-04-04T23:38:07.772372Z","last_seen":"2026-04-05T19:37:44.054672Z","times_seen":130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5383c99eb3927a538b79eefcae78f5d4","sha1":"08fe1674d2a78da4b465448f083588e4106b0d0c","sha256":"3398a74b66b7d3db9f5e0a172fc38e4f91a6c564c2527fbf1534627fc4d6e25e","sha512":"4abbe9892690a1029b864913baf3f5824d5dd6e8e1103b252a15088bb1c0da5ecc1d80e510ae2251cb0bb99dc9a6c154af46ade6a2f65a747c4fdffafafdd874","ssdeep":"","tlshash":"42f026622a6291bd45d7c687122603c9b815280f2c01700e335c07cc0f8887d1522812","size":586,"data":"","first_seen":"2026-04-04T18:58:54.395238Z","last_seen":"2026-04-05T19:37:44.060985Z","times_seen":175,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-NGV4MXSYPX","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"211625afa02522acb331c4ff77b9bbd1","sha1":"0bf95456a06dc65a7456dd72d0c54e4516fdf840","sha256":"2bd545340711ef6be6308be43cf037e3142c0e3d1421ae44adb43ab601e1ddbe","sha512":"17fcae039b86ea1ee1a9c82be2e98e8cbf1546d4c801f6d8f715c6086bd8ae545b25aa79ac23ecb901fd8cf14e0a4d32e871539c356cda8ee6cc6d9e7fcaff29","ssdeep":"","tlshash":"05113a06f01aedb684219771f08d658672be88f147ec2800974e8e9c3ca58b13d3b627","size":1000,"data":"","first_seen":"2024-11-05T16:01:37.363662Z","last_seen":"2026-04-05T19:30:53.687943Z","times_seen":535,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8b4bdbef75668f47490eb2d5640196b9","sha1":"02ed558cd5cbacd3281a8475ebd13ccf593dfc57","sha256":"8abe7119613ec5e1dd9818a088ca793e43a415918d32749afe3ae3fe26e6c297","sha512":"37b26a73e2168149baaf06f006c9c7d16e45d271921c5e255840d162e4a68f38bd9cfe9beb986d2d57d8d6e5bc7c22a67b44a6543632981d9b13e063b48f004e","ssdeep":"","tlshash":"bef026260676d47a46c6c29711b183c6a811298f6806b00a732c0bc84f4cc7e7121d66","size":586,"data":"","first_seen":"2026-04-04T18:58:54.397453Z","last_seen":"2026-04-05T19:37:44.061536Z","times_seen":172,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/tbxw/js/zzz.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"78dab9fcf576de8cba46edd716dd2309","sha1":"7113abe41f95159f9bfccf70d01bdda1055af2ad","sha256":"7c66d6c8e2c470780513a282b66e2b5b7429ed863d6a0ecd6054b38dcda004b5","sha512":"dbb858875e532b475f827c930c154cac09e9a952b20053a0f7e1b34a050100a0a3a41f8aabeeab4af2dd90082363fe3ced3a5957f7250a4918d305b49655e040","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpn6ZFCsUleZ:vZYDc6lXJd1mZpZEdq","tlshash":"da331bc5a19c609153a774d50d7f704bb4637526170d89acf228e8eeecfcaea9039d38","size":50811,"data":"","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-05T20:11:58.523702Z","times_seen":26927,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"804b04260679cd1cb44d89db38fced0a","sha1":"1527b03d0722d41566912d5d894d80e817502772","sha256":"dd02a05bdc4e7f3fba82da2717e2d99ec474b75ed658342b8f762f475f8c452b","sha512":"4aaf57ce4966538960fb3d7f54c7e30573ba959ed266a94fbff59807d0c18f18c3578111156ffdee5172891d9f754c82956eb30dd08bb92c64ee081f7dbcdd36","ssdeep":"","tlshash":"8ef0c2221e10e879491a528b91b983cb8c61144fb905a84e332c07d81f4ceaf6232d6d","size":559,"data":"","first_seen":"2026-04-04T18:58:54.404018Z","last_seen":"2026-04-05T19:37:44.062991Z","times_seen":168,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/DPlayer/plugin/hls.min.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6500d0819044b735b19e66a2af45c909","sha1":"ee22d2a41cf2da3445d6dc90b74c43057b7b1552","sha256":"dbb8a7c5a9bd757936e8dc0f0f1b3bb121d37eccfe5bc4b46820cc2e87611f67","sha512":"d2cc5b3677ef78331b5bbeaf21506ad64815b42a981340fc4fc41265326b871ae7875b6b3d43572ac09112f2ed6b818cfe204c06234e2d87571cc288bbf49405","ssdeep":"","tlshash":"3b118cdc7565f4e603c250e9842f2907f33c6a799869e4c44154f8f0acfa469875be16","size":1000,"data":"","first_seen":"2025-06-19T19:09:15.866863Z","last_seen":"2026-04-05T19:53:41.377075Z","times_seen":4804,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"5cc8e50b713cd79352ca77b9150db754","sha1":"583d97ce9f3c545fbc6dcc127fa2f87d8b2cd847","sha256":"d4ab2628000b2c1f1a24ca2078dcd88a1d8a7bb87f5e95f6c731f50fe8afd86d","sha512":"7206454eaa968c8fdb88d28e97763d3f0199a2a21878ff3e7d95009427ee838012a098a2968d50ee3a799bc3b84bf4688a8d9e6f90bc12703ee27824bb463216","ssdeep":"","tlshash":"cbc02ba600ac94bc335a019153fc068ed188405d040e0e5310cd4c711e2ca721003410","size":135,"data":"","first_seen":"2026-04-04T23:38:07.781314Z","last_seen":"2026-04-05T19:30:53.696549Z","times_seen":135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"730fc438805379a419f8715fb6b05afd","sha1":"1e72dc72d9c6c9d09469ffc1bf5f0d8a33183708","sha256":"df2e89cadf3b2de182e8f52b69274c8a926b79c7a6fe82781353def2d4d8396a","sha512":"899596e54e5b0925d4b4191263e4d2cdcd5d6339ee05310484d7387dd242ef1da8d818c83560286538384b1fedd1f79e73e76647f6372c4170fbaedf2b7a7153","ssdeep":"","tlshash":"8ef0cd22167a943d4597c287557507c6dc51280f3802b84a332c07c96f48e6d6161d66","size":586,"data":"","first_seen":"2026-04-04T18:58:54.408474Z","last_seen":"2026-04-05T19:37:44.063486Z","times_seen":163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/parsley.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e84bbf7a68d90ae5048b572c49df4a2","sha1":"164dcbde378818a3f947919726099dae440d24f6","sha256":"9f685169ab4ac17e2cf4e5a995213cc0d878e9cafd55793260d1609a4aee105b","sha512":"525864c838082d9e05d4e87229b4e95afe8d40c3f82cb3820f5126ec108998d4e2d2855aac8efcdfc718ca84c89cddff08fa69131734daecd990d95a7aa4948c","ssdeep":"","tlshash":"11110eec69e97021155721aada4fc446ba38c97311cc1c043e0d69b0aff457c17dab4e","size":1000,"data":"","first_seen":"2025-11-12T04:33:15.928399Z","last_seen":"2026-04-05T20:12:24.231512Z","times_seen":3564,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"dc0ea1812fd40126011a611091393b96","sha1":"4a34210730ab9250b979f47333baabcd095039ee","sha256":"edc136620c5c1da57ae3ee3b8c7c4e3d111e038f32b23864c90664fe132ded35","sha512":"7a9e3ef0f091d0bc9f07861c5e88eedb72f2163b8106feb6d7217da7d070c68e05e8f17b7ac0e9a3a84b6e856d7d7d45d7171b29242431a15f30859c995f438c","ssdeep":"","tlshash":"c3c02b6b00b898fc374d058161f80a8e8054405f040a0e1230cd8c705d14b721003c10","size":135,"data":"","first_seen":"2026-04-04T23:38:07.753325Z","last_seen":"2026-04-05T19:37:44.055754Z","times_seen":142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/vant.min.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e7f17e24f74afcaa04f72a0f7e18bd4","sha1":"be2b895dbaec44939160a2b46fca1b4efd1f1f03","sha256":"254331bf0fa52650cd86f9f8fae9ee2483c81e5c3c44142ae33f62fd3778179f","sha512":"d22c99fa8fa9cbec950016a23c6950812c329767d69d855a1317d0afe2d91902056da906baf96a9c6c42ec802e918c55e7f86335743ee14931dc6719118e9ef9","ssdeep":"","tlshash":"a411c2953c12b451263724e6813f852fa075c43f95cc94b4f1d1acf2697357e8641e9a","size":1000,"data":"","first_seen":"2025-06-30T03:33:26.753852Z","last_seen":"2026-04-05T20:01:44.441194Z","times_seen":8460,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"61211e97ec2992c405784329e6440898","sha1":"222bc13497033952031f8974e0a2f654142b10d4","sha256":"35f06de6802ac1d2c7a7222233d2aeff3946fc3cc255eb64bfa861d4618b9283","sha512":"d4e4db13c25cde0a468a4868296e9707ea546da32e0f7cb5675a0bbd43d931fc5742210673f50b40ba112c78867c029846d7dfd94bdf2cce458b3d50c30ed68c","ssdeep":"","tlshash":"b7f0c2221e549879491aa2cf82b607ceec71145f3806b04e332c07d81f4ceaf6232c69","size":559,"data":"","first_seen":"2026-04-04T18:58:54.41111Z","last_seen":"2026-04-05T19:37:44.064032Z","times_seen":154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"da3e4ec585f842f82312b69342311883","sha1":"c127f25f257b4fc9b751f9df13aa88ba758a2f89","sha256":"1c0b369971cd7cf2c5262dd995a5f818a591a395f97f0f2a7bcdb1f83de5f5b8","sha512":"da304da2c89488832b5c18d73612d7ebed9d4bea4292afa82952e2f5ae54cb2540f28799c314efefb513041aa1d0b67fdc590f5dc077fb66105da6fe6b17f718","ssdeep":"","tlshash":"7ec02b5b00a9a4bc276d398152f817c5c18800ad080d0d5710dc48701d28fb11007410","size":135,"data":"","first_seen":"2026-04-04T23:38:07.782683Z","last_seen":"2026-04-05T19:37:44.046937Z","times_seen":130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f11f9b3d2f9bf229dd1492119136cc0d","sha1":"9ec2c09849457322eb79e2cdab7a301dc7a47dfa","sha256":"a2834e63fa80c421ebaa7bdb84cb5a6a164a23274199d4c22704509a3605ccbf","sha512":"4042e287bce896506033151cc43d81b63903c1233f2da6223a168288174a8bf4ee9455707572e6435583e14093fc3015784c202c1b859c42a279cbafd92776ae","ssdeep":"","tlshash":"abf026210b25907a25ca828b016553c6a8b1295f380ab00a33ac07d80f8ddbe2170d25","size":586,"data":"","first_seen":"2026-04-04T18:58:54.412336Z","last_seen":"2026-04-05T19:37:44.072348Z","times_seen":149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"37f96797fecd1e6442f3b02a6245fecc","sha1":"bc807ad6c913fb1e881f754354269e8a26296c2a","sha256":"73643ee4cd37355f0307673839e31255ab4e68f09a21ceb853ce1e69f33767bd","sha512":"82cb4d4773d7b6c780256c81b5f3fe70d990eb0ea4f0dff2f9cb6b9799db3cb0fc563e7179ad8256bc2970833eb281ca527c6ab5d6c4f61fe16d55942f81283a","ssdeep":"","tlshash":"c4f0c2720a61e87a428a96cb45b543cadd51340b2c05600a331d07d91f5ceae27b2c66","size":559,"data":"","first_seen":"2026-04-04T18:58:54.413708Z","last_seen":"2026-04-05T19:37:44.073402Z","times_seen":144,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/mirages.min.css?v=6\u0026v=40\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 77160\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:02:02 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\netag: \"67b99e3f-12d68\"\r\nexpires: Tue, 05 May 2026 17:02:02 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: IzWnk8Z7Tzd1cTyhH0VxpaWq3SGjO6nrCJhje3E9mq4VHljCu9ON6g==\r\nage: 2560\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-04-05T20:11:35.206325Z","times_seen":413912,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-18/f8e2e6bdc0078f7eabdab29647c06295.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/f8e2e6bdc0078f7eabdab29647c06295.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 18 Mar 2026 12:30:49 GMT\r\nEtag: \"0b0fdf9efe1395ca2e8bd6088f05ef94\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 18 Mar 2026 12:43:06 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 444\r\nContent-Length: 483104\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5386971377526367799\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":483104,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"0b0fdf9efe1395ca2e8bd6088f05ef94","sha1":"d953f58f67c88b79b9543dc606d1ebb3f0b698c2","sha256":"50efb6697bdb71826148571cc334ecfca084e97aaa5457f3cea08da707df2701","sha512":"c6b1416b8ba3a54558dd04bb55e2d905fc449e11bd83e18d8d7fa924a6ba2b768bc3183d36d3f3f36268925973e973f216a4c212b47de1834bc8712b2cd9fd45","ssdeep":"12288:A3tpOCsReeKp3qsWwg8KXTtBtNEj1rlDbyPy0:6yCZRaPwg8KntNEprN2f","tlshash":"78a423dc7d5504c8c86ef85866f46f128c341a1983bb9a3f4b9b30b5c6f8306d5ba687","first_seen":"2026-03-18T21:18:37.787698Z","last_seen":"2026-04-05T20:11:58.519553Z","times_seen":5433,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20241108/2024110817202050499.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20241108/2024110817202050499.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 Nov 2024 09:39:59 GMT\r\nEtag: \"6de1cec53d03bfaa815997d1d6fc9f23\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 08:46:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 9467\r\nContent-Length: 2704\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8662445631512079656\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2704,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"6de1cec53d03bfaa815997d1d6fc9f23","sha1":"70dcdc42378060db8064389a3626e9fcefe8f9e9","sha256":"6be6773aca39a3e7a285ce1ca9fd0adda719dcc5746414c17590f1358b2ca256","sha512":"c786bba8bc2c5dd888777d5c50aa07f0b9e5f0db7f4b69a98f73f35469302d9da72c6e41fda3b5640c87e592a787b455cdd43773986ab67f3e53fa9a8416afae","ssdeep":"","tlshash":"c4515b72ab3631a858d6bf1f1200ae45f7186f4bee0cdb51908b45a8f70f4350b558ab","first_seen":"2025-02-08T20:55:59.133462Z","last_seen":"2026-04-05T19:37:43.984805Z","times_seen":850,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522335775130.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522335775130.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:34:12 GMT\r\nEtag: \"fd3ca210355c96d7aef272da9a2ae4c4\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:34:12 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 371\r\nContent-Length: 28224\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11063445487169985323\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28224,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"fd3ca210355c96d7aef272da9a2ae4c4","sha1":"73c0839d8c437709f5a2cd644dfae281b3e12e8e","sha256":"836765cb6f25a4f272733361c118c1c97c96226abee186923847a5cba0278fb7","sha512":"2044246b44278b67c5548e0d4b05b6762ebd7ac254603630b9db6d1bb705546350e74756946c6cdf3d05a4b92dfdd68d8ff8f9815eeee685cd23c9cfc75c87cf","ssdeep":"768:UBmQVebsZP69NiUpcI3BK+ZTZmZjeqvxDv:mmLsZi9NiaHK+2ZaqJv","tlshash":"85c2f1ec4829c64b1bc8d7e4c191dec5f9cd85dc518cbfc0888a66fb1ea9708d96c923","first_seen":"2026-02-26T23:12:00.958235Z","last_seen":"2026-04-05T19:37:43.942135Z","times_seen":406,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522372966388.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522372966388.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:37:38 GMT\r\nEtag: \"98063f2a65782c74b181be4fd4684bdc\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:37:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 164\r\nContent-Length: 31568\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14227485402927712876\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31568,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"98063f2a65782c74b181be4fd4684bdc","sha1":"f328dc80b5a3ad68e34d34046baaa14c3497f6bb","sha256":"f7835973854f7ecc4eea0b46179053ee2ad3dd730fa43b5a3c2f741f98bcea0b","sha512":"2d0ca7c473106a9963b9caa198632fe9b4e074c895c7da4aeafcc4ed8f7ea3e7b906b4a3ccc26dc1490db1ee13a8f31f3a7725f69a49be6ad2d922c53cced941","ssdeep":"768:R1km0+DNxgIMEGSd43qp9iw61XBBkK7eZGCK6qm:R1kWNxdGt3qOXfHeqm","tlshash":"86e2e170254f98443c82592fbe16fb0e4c0e93b5a6031bbc0a531ad59454d1f5afbdde","first_seen":"2026-02-26T23:12:00.884403Z","last_seen":"2026-04-05T19:37:43.948003Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-05T17:44:42.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:12:22 GMT\r\ncontent-encoding: gzip\r\nx-debug-host: airport.mvbsghet.cc\r\nya-status: hit\r\nx-server: web-node-1\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 3sK5rMwRFGLUDopjiGqCOk8qm5lndhRCMWIIHdxq4VWdLWAE6zdegw==\r\nage: 1940\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Clipboard.js:2.0","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]}],"data":{"size":233286,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2263), with CRLF, LF line terminators","md5":"dee37fa35e507de679a95c2df92c3101","sha1":"b9dc5b8f43058175f89e26f6cded85039851c931","sha256":"7c4a0ab04d5799199ba3413c39969e65146c9c2c54c3cdb42cb891cb3441ac65","sha512":"e855fafd3b4c36da7e29a460ebe3f9404805cd2ace95ad21500918bad39cc8c1e50df6b73ea02360c21b529b7eb1b3bcc8a3f7c36e095fab62435410af7850ca","ssdeep":"3072:BcwpNZ9JIUQQAuGNfyxE5tVrH8yP+gd/+IPiOPVFLI5x:rpNJIUQQAuyJH8DH","tlshash":"61342a562cf244b541a7b0d6a5f67b09fe80e00bd54add00b7accac4afc1eb294b3758","first_seen":"2026-04-05T17:38:42.519291Z","last_seen":"2026-04-05T17:46:03.336392Z","times_seen":3,"resource_available":true,"data":null}},"time_used":585,"timings":{"blocked":291,"dns":108,"connect":1,"send":0,"wait":2,"receive":0,"ssl":181},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/fonts/OpenSans/300.woff2","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/300.woff2 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16344\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:19:00 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\netag: \"67b99e3f-3fd8\"\r\nexpires: Tue, 05 May 2026 17:19:00 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: JsqPwUObLD6Z1LPavw9YtrNnqkRcbRQvwX8xrvIQtymV3YWOhEewYw==\r\nage: 1543\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":16344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16344, version 1.6554","md5":"c027111d6febba054f7cd5e5fddf2243","sha1":"7c6ebfb74210e4d368ba5df96b2c5aa448a3953e","sha256":"c347496b917562bd48ed65545fbced7c9fb2a3e48c1102708a7e615fd4fb2ed8","sha512":"1a819ee0993cbed2399265606b2adc0866dd34fcab1272b6d1798e08010cab4e38af1a2299d74a706690a3188d0081d92804568982fd23f6d2ce946ac29fb61c","ssdeep":"384:sO3z8BPeD5+oRjlrvO+uuGnSDKDPVb0fOovWO1aDDBAb:pgdeD5jRjpO+ugDKDPZ0mwV1aDD6b","tlshash":"ad72cf62810dd851e31137fd7c6622e0878cb0a392121bfc5bebd8ec09204e67ac43be","first_seen":"2023-08-07T12:25:19Z","last_seen":"2026-04-05T20:12:24.106236Z","times_seen":18260,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/navbar.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/navbar.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 362\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:50:03 GMT\r\nlast-modified: Tue, 25 Mar 2025 09:24:19 GMT\r\nexpires: Tue, 05 May 2026 16:50:03 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"67e27643-16a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: atS4vuwD2dOoS1d-qS96sDiY7NYry28E4c_E7tnqbi6OEkH5Wirjlw==\r\nage: 3279\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":362,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 104 x 104, 4-bit colormap, non-interlaced","md5":"0ada944a2614ca8436c842e3f3bf09b7","sha1":"8b14716e45dff592f9aa6f1d4e3b2c380fdb62d1","sha256":"3ecf6043d3ecdfbfd6da1b16b9836cd39f6d67395aa6b5e574310a05e7470fce","sha512":"31db68e0ad778b9e3460bfd1f9d4a96a1573891ddc0e8f37ec5d76b9aeadb9378033cb0f3b54c6ba5bb50d5b24320a10b1fc035beee4fffb84fb90ccc4b26b3c","ssdeep":"","tlshash":"3ce0c04276a9dc580bf02056847f644558185fa71560a812cd4ab054c47c445e983dd1","first_seen":"2025-04-02T09:15:20.124914Z","last_seen":"2026-04-05T19:37:43.993901Z","times_seen":863,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=5","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=5 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:07:33 GMT\r\nlast-modified: Thu, 15 Jan 2026 02:59:10 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:07:33 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"696857fe-344e3\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: w7j3WJO1XuUYW2Yo0sHJ0L_k8QI7O7LklZCfI6FjVHHCtuubZpDNRQ==\r\nage: 2228\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":214243,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (985)","md5":"6dbc496a147dd8ae7d4e63e53de8a7a5","sha1":"f3bcd398e132bbedeba105d2bfe3411be7658b28","sha256":"558d7487b635a6d575c7bddd0460eeab47dfacb2ecd05fd19e42281a13328faf","sha512":"b55623558649c982008cdc43cbfaa5cd1ba10677d807cf7cf6f32fcf7f3fd0da4dc43f6cd0b260f9d1913d1084f5d2a33e47cf7e7a95eb86e8be9f500d5edf8a","ssdeep":"1536:AmlzKVudAZc+N/w/NBsdywbQ2Z5caGGSI5D2iWBnAY5vnKxGgUr/lKTmcbJ9GmKf:W5VbdHY9KxrnBJguccjol+QRXsG","tlshash":"8324f60ea6f215325297f0b85a6f8d043235802b5a4adc687d6cd1dc5f1c83c57bafae","first_seen":"2026-01-15T06:34:04.271442Z","last_seen":"2026-04-05T19:37:43.963049Z","times_seen":470,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/clipboard.min.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/clipboard.min.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:28 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:28 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"692d3917-23c8\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: VKWB_uGSG2c8F1NkFo5HcSPChaIfGmUMPCmSaIVsTm4MOGDhYCG6VQ==\r\nage: 433\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9160,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9067)","md5":"15f52a1ee547f2bdd46e56747332ca2d","sha1":"9a7cb405f9beed005891587d41f76a0720893ffc","sha256":"e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9","sha512":"ecee695e9734a0246bc64f1151f0d81609f49ced6dfa32ee20e41d38c469e003c1eee678bd28eca73a79cba603b43b385735124db5b304567f2ca2619f214e2b","ssdeep":"192:s6IMH3HEG9JVwkHg4LyAal318/NYusfkApXMdgmkpj:sy0G9J1zG3eFYP/XMmmkpj","tlshash":"77126399b291b0b15ae731a9412f920bf2766969708b90d0d239d4f0acbcdde4463f3d","first_seen":"2023-03-07T12:23:44Z","last_seen":"2026-04-05T20:11:58.372736Z","times_seen":23532,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260405/2026040522461452323.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260405/2026040522461452323.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 05 Apr 2026 14:46:20 GMT\r\nEtag: \"5b6dcd3c160f8ecd9c0b80a4931c4179\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 05 Apr 2026 15:16:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 45\r\nContent-Length: 159088\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7165607395257665947\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":159088,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5b6dcd3c160f8ecd9c0b80a4931c4179","sha1":"e07da2e6c4498f05f615b80223d9ce6f34b45698","sha256":"0fd9039d85b56256b66e084520409c1a12b57e92315bbe20e7d2c4ea79178a25","sha512":"ee91f1ab61cd1b86eaf147d6b55b8f846c6d45fbe1006ff5300d3f7ac5642a88bdbade341b95594f0612e421038c7b63803ca4562d2d526ee39026364ae82e8b","ssdeep":"3072:H/BSxdwOAtBj+MifXVDU4ka6lA+w+l2AmFRgQ/1pIEjowRH6imU:fBa9AGt1brEl2AwFPjDRbmU","tlshash":"59f313782475bd9ea349aace1d5e1b4309d4b02d317f005f8196ae0c4aa4293bdfbb74","first_seen":"2026-04-05T16:04:38.141277Z","last_seen":"2026-04-05T19:37:43.995935Z","times_seen":33,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":139,"dns":7,"connect":25,"send":0,"wait":21,"receive":49,"ssl":118},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/ads-close.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/ads-close.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 1443\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:17:14 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\nexpires: Tue, 05 May 2026 17:17:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"67b99e3f-5a3\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 4dsOQX_OC7WB5AtFbqGbhhvepXhEUWyd7VoxmdP1sX67nU41RJ9MgQ==\r\nage: 1649\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1443,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 129 x 129, 8-bit colormap, non-interlaced","md5":"1840e82f933a7c08af8408edfc255011","sha1":"97006c40ff1f99238f8c3df3c98826ab2ca8eea2","sha256":"ca85e50e73e0552ea9467c120d2221c68cb29d5c30a4ab54b8ef6ea7330afc19","sha512":"fa0020bc21aeca4251213ec69ea2338f8452d1fa9bde26f003d7edffc55ec612fb2c7a21b447d2a1ccd874d0f53a390da40bb93721db9329df13c9d6e5220ae7","ssdeep":"","tlshash":"0321db42a8fabc5f4192405a7649f290a833ad07996bc671121d3efbd573c554c4f741","first_seen":"2023-08-13T16:34:45Z","last_seen":"2026-04-05T19:58:13.515623Z","times_seen":18063,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/fonts/OpenSans/300.woff2","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/300.woff2 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nCookie: _ga_NGV4MXSYPX=GS2.1.s1775411083$o1$g0$t1775411083$j60$l0$h0; _ga=GA1.1.482702814.1775411084\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16344\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:19:00 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\netag: \"67b99e3f-3fd8\"\r\nexpires: Tue, 05 May 2026 17:19:00 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: M5uffQC6A3G9xyjvdQBFnfxXSkYKwigOxov4Mtk7bguq1RUeLEhGUQ==\r\nage: 1544\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":16344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16344, version 1.6554","md5":"c027111d6febba054f7cd5e5fddf2243","sha1":"7c6ebfb74210e4d368ba5df96b2c5aa448a3953e","sha256":"c347496b917562bd48ed65545fbced7c9fb2a3e48c1102708a7e615fd4fb2ed8","sha512":"1a819ee0993cbed2399265606b2adc0866dd34fcab1272b6d1798e08010cab4e38af1a2299d74a706690a3188d0081d92804568982fd23f6d2ce946ac29fb61c","ssdeep":"384:sO3z8BPeD5+oRjlrvO+uuGnSDKDPVb0fOovWO1aDDBAb:pgdeD5jRjpO+ugDKDPZ0mwV1aDD6b","tlshash":"ad72cf62810dd851e31137fd7c6622e0878cb0a392121bfc5bebd8ec09204e67ac43be","first_seen":"2023-08-07T12:25:19Z","last_seen":"2026-04-05T20:12:24.106236Z","times_seen":18260,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/parsley.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/parsley.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:28 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:28 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"692d3917-1730b\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: DmgARvx_QSTb5b9wHHMkbCNZ2cG2rBma1iJFD4ukWod-ZI-4p4tLfw==\r\nage: 433\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94987,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (885)","md5":"a442261f7fdcdb3396b2982e7d5ff2d3","sha1":"f2a873ba1e0a2400f6c5f165eb9d4f4d36b4e2dd","sha256":"be43eddbeae875bbc9b68f4a6a95de3fad6798b733dd55f2cdc2bf81a5a33848","sha512":"16aff01ee308ec0adaa0e2be8ee139a1820b2af48f7ba182e595999efa4e3bf64f76dc80dbd9fe6b99152cfe1768bc83cbd0f52013d8cdd17270edf72237743e","ssdeep":"1536:qAj0W4ZuOjkI33R+a0WQ09uH60SkAZzvH6KomR7Gi21l:qAQTuOjkInuH9Sk2vAl","tlshash":"f49371497ae221018d2730bc1fafa0067274811b5409ad94f98d93d0af94d7993faff9","first_seen":"2023-03-12T07:21:41Z","last_seen":"2026-04-05T20:11:58.541166Z","times_seen":18519,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/axios.min.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/axios.min.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:58 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:58 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"692d3917-cc17\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: czM_CMvS1BOasVEHPqXKNWpazuWYw6bdd56a7LPnB7lN8I5kw261UA==\r\nage: 404\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52247,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (52208)","md5":"99714d221df650b50da3b7bf97e2987d","sha1":"493b74178a63429fff2aab081b3a1ca73d362085","sha256":"8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96","sha512":"2520851e12838a54d14577bd6a4fc5276f1d729389c7341a09ddd783c33217a5c58ce0e1cbf60c08cf075b44c50dc90d1d651ec16fa47ef8629f8de12ad27103","ssdeep":"768:Wjp+L+sl7x97+om+oCICTUOD3cQ3F1C+SqImCjL/hQBf/MEVgnyzB/c2OiwBaGcj:Up+b0GUOLMPLJQf/CEB6iwOj","tlshash":"2c33b6cd76d6f06243a77174802f610bf23aad16a44d8460f224ece6bcb854e9337f69","first_seen":"2024-05-21T19:06:10Z","last_seen":"2026-04-05T20:11:58.493337Z","times_seen":27551,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-21/87ea751bbec6f713c25bba0fa04a9289.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-21/87ea751bbec6f713c25bba0fa04a9289.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 21 Mar 2026 05:55:07 GMT\r\nEtag: \"e48e2b1d63fb2d2cd82346ca01d95f69\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 21 Mar 2026 05:55:08 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 924\r\nContent-Length: 146352\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14140783512124366076\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146352,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e48e2b1d63fb2d2cd82346ca01d95f69","sha1":"1ada1c6b080b469c287dd5531ce72c445b755269","sha256":"680ccc06b206fe8d5290efc4f2f68b436ed417f3a2edab0012976a2cd2f0614d","sha512":"bc483e72aa9650bf10e29a5fbf3cf8460920a71bfab65fcdf6120c6185219fc959519537346b92f593f8b447cf89c3c81dffc8f0a8c1062bcb60b38e2954c7a2","ssdeep":"3072:mKZQcw1suHEyuTa7HoRYXurvGwCz2PIhZP7qeaw3rJgbA4cYsSO0ErzGr:mKZXTHaqY6aiqOw3qz5sStErzGr","tlshash":"37e313d8aa917683c88e3c199a6b4ee8310c703f15dddb31b4b6c5e82ffe2654184d5b","first_seen":"2026-03-21T05:58:51.159978Z","last_seen":"2026-04-05T20:11:58.535312Z","times_seen":5201,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522393954237.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522393954237.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:39:48 GMT\r\nEtag: \"4890e3759c07b18a8a248633eb4e0383\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:39:48 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 32\r\nContent-Length: 23536\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8458326629024942763\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23536,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4890e3759c07b18a8a248633eb4e0383","sha1":"a0bd06f91f8c146f24b7a0b1b2ee72b5df506e46","sha256":"c22e23e3d4566e93825d4f7644cfff675e1275dcbf0def967d64363c2d387354","sha512":"98a25123170197326328a7119edab8a0f80f86e85fe33226c4cb2258c29c5b771f011e4f7c917003107761271037c8682f99fdd2d56335bfb57e25094ca00271","ssdeep":"384:lMTrabKHg6Kp/R2Hx3bmV35UNlf7nZAJm2qPVmAHZ8EQjGCjB/n9S17PU4Jw:GoKHGpQ10352VAg2omtEW/jB/ns1Yt","tlshash":"6ab2e0554a88ce6ce4e8e2a0f034a0f57d2efe9992f8dcedc9143900f14ae9c6341c96","first_seen":"2026-02-26T23:12:00.900812Z","last_seen":"2026-04-05T19:37:43.955027Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522411183857.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522411183857.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:41:21 GMT\r\nEtag: \"a6784d09619121e2278e30b65838bb79\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:41:22 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1201\r\nContent-Length: 38112\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14072037232010973053\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38112,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a6784d09619121e2278e30b65838bb79","sha1":"d15418906c6eee5c1997c017924f8f843f0a7932","sha256":"ecee0fa55ddcfa0c98d5216b683692968bd9f3aa86d51383b5f081342ea9e89b","sha512":"1da435ba448e7a013175f2800794fdc8313e444635629889aa7127945d2ac36d9b0504fbbb838f394067d5f9c66ae2fd52bf6c984a95a9c3bde655da37a2f12d","ssdeep":"768:yR6nRqfYCYTPVcQQCa891rj7iZGP8ER36UkphDsJvXwSf/TF7Cb2L:cy+YCuCLCRD3uGP806VpIXlTFM2L","tlshash":"2603f184fbbccd523b8a9de8f6da4fbcd94785b8027184537b98d4568f22c223212775","first_seen":"2026-02-26T23:12:00.891418Z","last_seen":"2026-04-05T19:37:43.953059Z","times_seen":406,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522384639960.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522384639960.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:38:56 GMT\r\nEtag: \"632dbfbb62843aaeea092df907e54edc\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:38:57 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 86\r\nContent-Length: 45280\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15371305583111390233\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45280,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"632dbfbb62843aaeea092df907e54edc","sha1":"820fed58caa40a823e793118439fe20c66b0ad18","sha256":"dd74becab8c9047863f702df5af5d9785d26635bcfd995667baf35107da84046","sha512":"a01a0bec22fed5b3cd17ee3db4b9a19b7661c05b13b8bf9d974bd53e3416723ea6c04eaffc5fee3ac8884a24b51ae82634239b27f4e3c3e1cb7ac5fc40cd730f","ssdeep":"768:oE5z87tVW2EiYdeBgoHOcEZhKfmCS5aC713EJuQL+27hQ7IfkqYTvmUX9BgQIppE:FQzWKfVEZTC0171BQLy+oXAHpE","tlshash":"5313010c2df1abf2686119c5056b5e75f82a4d48cbd55ec2ef4b90b0c2fdd85e04b89b","first_seen":"2026-02-26T23:12:00.855114Z","last_seen":"2026-04-05T19:37:43.932899Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522400752891.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522400752891.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:40:19 GMT\r\nEtag: \"0188cfe90f8fb6e9f4f27c78fcb19060\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:40:22 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1261\r\nContent-Length: 38688\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8847707546320570024\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38688,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"0188cfe90f8fb6e9f4f27c78fcb19060","sha1":"509da0b06ed71de1c8951b2ea2ad5603cbec81a9","sha256":"d770a8d678d8af5143ef864a878af121ae62e776d5b923140e756f0c35473528","sha512":"35ecc4366bb53f2d1d33155dac2a876cdd6efdbd851066b1c706f5c1de3d8b8762afee05720a686aa726d06f1e4f25a72576810ce34c43f18396a09b9aef09e8","ssdeep":"768:zfNqD0xQqJvnEC3kaOKsAFkBN8OIHO9eYySoD8iiWAxqpApoXArw:yw9nUaOKlDfOwmo8TxqpdQU","tlshash":"b303f10c7e63606e4c12e05f17814449f26b8466d269e7e6c06661b5fd2cc0dfa7f1f9","first_seen":"2026-02-26T23:12:00.927446Z","last_seen":"2026-04-05T19:37:43.938294Z","times_seen":406,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/vant.css","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/vant.css HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:15 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:41:15 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"692d3917-30a89\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: tBC7gFq8V5JXMe-gQE2r2hjqxqVQ8075NFjdtU-3e446zlETt6fQrw==\r\nage: 207\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":199305,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ec97f98b8f11e72ca35d2a8939500e67","sha1":"fcdcaecbd29eb74c4d507c0f23d3758052aba3eb","sha256":"52fcb2a7486d329611d7fc1562e0dbcde9f4494728b88dc26932388fee77391f","sha512":"16ec7dfa0d84e113ac71cf66bc4aa1659d3a9089fe76c8e2834d0bd1ee25db5fb2ad0dfe35dbb9ba2340957396a603a09c8ebbacf49c90a65df12f522d9b851d","ssdeep":"1536:VjQbFNJ+jqkiHckCwsBlDOFIxuVoxJPBik/1Al5aIzb2VTVaxA:VuClDsIxuVSmRdJA","tlshash":"ec149495e69091bcbf27f275ab8b96dcf23cf560ed01daa4f10051580ec7bf50623a1a","first_seen":"2025-06-27T04:20:30.581604Z","last_seen":"2026-04-05T20:11:58.450642Z","times_seen":26571,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-18/bf785b6683c6d8b88aa0995828df26b2.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/bf785b6683c6d8b88aa0995828df26b2.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 20 Mar 2026 06:15:41 GMT\r\nEtag: \"5d1dd297bc2ca2eb0dfc04fbb419a9a9\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 20 Mar 2026 06:15:43 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2503\r\nContent-Length: 270368\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15486245353189591459\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":270368,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5d1dd297bc2ca2eb0dfc04fbb419a9a9","sha1":"a61939b92b0684081db1863a09b905198eaf0934","sha256":"63f7eaf59ceb8c5840214660d5eda7f54a219263a24d5c965c39b4b1db5e3415","sha512":"e1e7de486fdbab2dd81e0949c94fb5a9375a19fb504e38f23d8104c7b4bbdf931362f0e4468939bbed1c423ea0f9bfeb53cd9a18e91a6dfe30e448d640103565","ssdeep":"6144:mkAfyDfVyvE6UUNVKH1OOJINk4ryAa0k8l9B+LF:mkW8fVWEGDKHIi6k4rAClb+R","tlshash":"714423db5af64b8b7ae0d3612dd4ecc2e81f72a35e910431f9611a19a1a19943b3dc32","first_seen":"2026-03-20T14:34:11.063404Z","last_seen":"2026-04-05T19:58:13.605096Z","times_seen":481,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":95,"dns":12,"connect":8,"send":0,"wait":8,"receive":35,"ssl":82},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/04ee0d9a06a95226dd5aec4b0adef598.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/04ee0d9a06a95226dd5aec4b0adef598.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 10:11:46 GMT\r\nEtag: \"90061ee5d89faf2cdfc8675b3a368808\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 10:11:48 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2141\r\nContent-Length: 247856\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6471058321076887839\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":247856,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"90061ee5d89faf2cdfc8675b3a368808","sha1":"55d77572b07cbbcfc79c8e18b3a2c04683b31574","sha256":"680ec48e26dd2a307ca129536089d79c305fb1ee85e84bef87e0ec6fdaf351ef","sha512":"8119bde0c797d160b0d52e84e69c1df2c9769ceca74c495da18a3ba29720f966f12fe2a35079bd4f42784458fc2fa9c204d1b37e4f838b4d9b48129d97182aff","ssdeep":"6144:sIagddXlNgNADmnepYFd4K2scoNgCL4te2n3xQCxrYT7:Tag1NVDmXdNtdmxxrYn","tlshash":"b43423c6da538e1cf6d06a3b833244922d271354b5d7a0c6b4d76f7260b86ee7825b33","first_seen":"2026-04-01T09:04:27.1741Z","last_seen":"2026-04-05T20:29:30.318531Z","times_seen":808,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ads.zyudkkup.com/api/eventTracking/report.json","fqdn":"ads.zyudkkup.com","domain":"zyudkkup.com","tld":"com"},"ip":{"addr":"154.207.252.62","port":443,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:48.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyudkkup.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 03:53:19 GMT","end":"Sat, 20 Jun 2026 03:53:18 GMT"},"fingerprint":{"sha1":"27:F6:4D:51:9C:51:6A:20:E0:1F:AD:77:74:1B:F2:27:39:DB:A1:9A","sha256":"FE:29:F0:5A:06:E3:36:8C:30:6E:4B:70:DB:8C:55:00:E5:EC:C0:C9:64:E4:C5:E2:75:0E:6B:C4:BB:22:BC:07"}}},"request":{"raw":"OPTIONS /api/eventTracking/report.json HTTP/1.1\r\nHost: ads.zyudkkup.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Apr 2026 17:44:48 GMT\r\ncontent-type: text/html; charset=utf-8\r\np3p: CP=\"CAO PSA OUR\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: content-type, token, cf-ray-xf\r\naccess-control-allow-methods: *\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qdjs%2B6yg8Zu3heldMPff1Tw1ER3u%2FHwvBgCKaGM0Qy%2Flz7wd4eIhgmUw92g3nnDpl2%2FFA0gUeiJAMB53J87maNL6rJMQj1x43%2BOwYCg3T%2Fv%2BsJ4pshm8XVuy5P3MySnD4%2BU7\"}]}\r\ncf-ray: 9e7a5ce7d9b6dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T20:11:35.189242Z","times_seen":13391169,"resource_available":true,"data":null}},"time_used":297,"timings":{"blocked":45,"dns":21,"connect":2,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/fontawesome.min.css?v=6","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/fontawesome.min.css?v=6 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 17:39:24 GMT\r\ncontent-encoding: br\r\nlast-modified: Mon, 27 Oct 2025 03:29:54 GMT\r\nx-server: web-node-3\r\netag: W/\"68fee732-1e246\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: XNYJ_BfEkKiOERISsLPAMMKjzCzdwQn5-yRvD0pf5yNGQI2oDXIjSQ==\r\nage: 318\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":123462,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, Unicode text, UTF-8 text","md5":"417f7421b97c6afd64291893a2413c57","sha1":"d6814adc07329db04ca7568c2ac47ac7caaa8e91","sha256":"281042fb1eee007625e0664f02d94d7e2d4b19559f5c35401edf2875c7495b83","sha512":"2445756922ab1b51662e609fec9c2a905c8db359f8b7cb4721e6f353d04518f54e1dc4a993f4e8243f9bd1cdbf8e8c177a117002cd35e12990b4c52509df4174","ssdeep":"1536:Esm7msm8mGrmhmpm/oXLNge4DN5LMaTWAemlZk5ZMPTkzuOWyLnj5NL5o9vdbM:mpLNge4DN5LLTWAz6ZMPTkZWKNL5oRd4","tlshash":"02c31decd0fe18d4832ec48a6646b260f735b6b99d4f4c50d2a23e8ce5c167496c6bcd","first_seen":"2025-10-28T07:13:52.64176Z","last_seen":"2026-04-05T19:37:44.024476Z","times_seen":665,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/index.css?v=10","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/index.css?v=10 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:15 GMT\r\nlast-modified: Fri, 13 Feb 2026 07:11:15 GMT\r\ncontent-encoding: gzip\r\netag: W/\"698ece93-20c4\"\r\nexpires: Tue, 05 May 2026 17:41:15 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 9WudgpKOlrWSfEXkFaN071UCiUtvgvleomwbFsMe76sBs0Y7zO0GZA==\r\nage: 207\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8388,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"b7545144ffe1c4de968fdefceec497ff","sha1":"c730dd076fba5c80c7e8611a101b7cb98dfeecb5","sha256":"37c249d108f7ac7ea4f2231f4a1cf7cbafe25950e30d97ac51fb84745b022684","sha512":"6e6b12361c6ba2845cb612b7a149ceb29cadf9af653549be53bbeafb415de0716fdb2c541d38e388fee82219a6e1dc4b39e61fd9bb2a93cc5d84f0322e1a6942","ssdeep":"96:2XRNI2UFGs/Ssxpqiavl49+P8Pc/63m63mZl1Iy45mDd9ANBYhQM7+:2TI9FYsxpqiav+9+Ycj7HycDIW7+","tlshash":"bc0226522ea62408513ee5985ff91a9c162ed002ff074c2d72d77da5cf992c801bf9d7","first_seen":"2026-02-14T20:18:38.024772Z","last_seen":"2026-04-05T19:37:43.95066Z","times_seen":416,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/js/7.10.0/tjtag.2.0.8.js?v=1","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/tjtag.2.0.8.js?v=1 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:28 GMT\r\nlast-modified: Sun, 05 Apr 2026 06:52:56 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:28 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"69d206c8-8e05\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: FpMN-LA0L3Y9zRxz-KTPFY6to-To4kBwmA9vj4l8HaLKGNG8TuiMHg==\r\nage: 434\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":36357,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35931), with no line terminators","md5":"21cac06c17dac848d04e4a3b19c31776","sha1":"358e035b67af349c7a234264452a79d02e66d54e","sha256":"7d63b2d27a1e2a93f27360046702417c3358b8e9611070ea58f1c4b76979dcb8","sha512":"2cf1c449ac707e0979e06822348de5ef3ad6e475a51448dffb2f94130904764221d13a02bd9c0775d79d8aebbfbc9885b47324828abe69b0f83cf4f969006c72","ssdeep":"768:SC608+KUD/uyH0xpO+KyXzErq9DnHmjqShYeOin8D486BaY/qAqY5nuNriFVDMUi:SC4ncAU1aLLiFSGfUZ/t","tlshash":"9df2d9916ed0a99523870fff632bb0d1d61b099f38854c8bd008bc6875e361be6f1635","first_seen":"2026-04-04T14:08:28.653805Z","last_seen":"2026-04-05T19:37:43.938785Z","times_seen":220,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260226/2026022621204948201.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260226/2026022621204948201.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 26 Feb 2026 13:20:54 GMT\r\nEtag: \"fd911fa16b333aab9930c00489853599\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 28 Feb 2026 16:31:14 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2426\r\nContent-Length: 192304\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8368539102420011442\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":192304,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"fd911fa16b333aab9930c00489853599","sha1":"7cc3340dd54110798342aa3fdc752472bc3f507e","sha256":"e96ba863f3392828835f64018610fcb2d1b81a7f265947354ca43e9bce85135d","sha512":"ef2de5dd6c67205bee97b431cc0d7d91fb60ae72024e4245127aad3bb44ec1b89962d80804842483a118e8bb1ecafc8d81e6ded49b5a9aec62e69414ed13ad82","ssdeep":"3072:3kIlGBQL2r7gLpGH/Z+d5vw2ci5njHmCro3MA2uubc1Xd9pe5heIOySvz/ufPKcZ:0IlS1qp0hC5ogmz3MA2uz7pe5hwHvzGh","tlshash":"521412a4b7895b0c5bfd04a5c8086c1c0ece352e939d9faf27d8d37434b88574aa7b49","first_seen":"2026-03-12T19:17:27.602743Z","last_seen":"2026-04-05T19:37:43.977743Z","times_seen":401,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/7b0db8d41769a5126956d5a2158069f0.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/7b0db8d41769a5126956d5a2158069f0.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 10:55:04 GMT\r\nEtag: \"e8f402bbd7ca8d7bf927eaefed9bd9ed\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 10:55:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1903\r\nContent-Length: 115744\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3749717605883756282\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115744,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e8f402bbd7ca8d7bf927eaefed9bd9ed","sha1":"8bd4eeae4e7b015e73dc4dabecc4ebdb33336510","sha256":"1312386711b0f183412febf7ed9ed441f484b2b68819b7792ab4ef44a85feba3","sha512":"83a926a023b5138af3091f0064cb453f4dde8bd78cfadf8a4614b52033df8de30ed99abc70155bd2e44925e901c68943fa20965e1c2c09ce5d770ad56341f774","ssdeep":"3072:FYUGtrIeD1cFsiwpu9liXFRJI+4ZpIDKT3CCb:FmZIE1GwUuJCTSi","tlshash":"75b302fe476788fc1e0f092b641394b6a2705899b89cb2b72c5df78d8e8148c47f5839","first_seen":"2026-04-01T09:04:27.226803Z","last_seen":"2026-04-05T20:29:30.323097Z","times_seen":808,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522365912867.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522365912867.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:37:17 GMT\r\nEtag: \"072d6a60ecfeae74657875e78ab46b86\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:37:17 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 187\r\nContent-Length: 26272\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3798184806953304134\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26272,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"072d6a60ecfeae74657875e78ab46b86","sha1":"f0b1a8d7ade58dacdcd10f40a9c8aa6f46006c76","sha256":"d4b02f8ed34acf4f0c1b69c144e9f22bb5dc19fdd11f61e8a946696cada746c4","sha512":"1c63f4ecbd8b7c9339f197db468e8f9f9da3ee5412222a02a2fabb57315b3b4e4bbb31bf2a764083a5203b0a4ce294d45b6ba111624b1a173b4e8216e944c8d7","ssdeep":"384:+ly5mxLq6/o5WzP26dnhTfyOZLU91DUgoFzXq8MS6c7rNVy/Efq02OZZKML:+Q5mpJBXqmLIYgvS6oXNf7ZZX","tlshash":"c7c2f1bd0e0c0b2578762b1322c33866d26998e024589fdcbd727924169e3bc78d1aed","first_seen":"2026-02-26T23:12:00.908229Z","last_seen":"2026-04-05T19:37:43.947446Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-NGV4MXSYPX","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:36:32 GMT","end":"Mon, 08 Jun 2026 08:36:31 GMT"},"fingerprint":{"sha1":"F1:EC:3B:52:4B:66:50:1D:0B:50:65:93:DD:B9:FD:40:BF:2D:6E:7B","sha256":"46:A7:13:4E:73:FB:45:6B:0B:73:AF:6C:C5:72:C7:83:79:46:1B:0D:3F:B2:A1:0C:AD:70:4A:EA:1E:4A:D1:2B"}}},"request":{"raw":"GET /gtag/js?id=G-NGV4MXSYPX HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 05 Apr 2026 17:44:42 GMT\r\nexpires: Sun, 05 Apr 2026 17:44:42 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 150391\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":445601,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5930)","md5":"d3f2ac26cd3fb2975b319919c3d70f28","sha1":"2c398195be724ae421c6ec04f2b24402b284362d","sha256":"c8982af6459cfa1392dfb026fdafefe2d5c47c5221ed5c611a90bb9304b55036","sha512":"9b2670ef0bdb235db8966fbf70eb0aea70ba4f21129231ed1c06ad6b68f604e33811cbcb275785e957c061d8acdcfb30478f42d347c77a82a09676d5711d03f9","ssdeep":"6144:DOsP1r0F1KkX3t5SZEYGeddUYi8+WacQqXEJ4XKdu4tvyyEpkfa:r0/KkHmzdU98HEr2","tlshash":"5d941aceb3d674624396f478903f018ba57a29e2b44cc899f189cce42e7465a4277f7c","first_seen":"2026-04-05T09:39:29.753789Z","last_seen":"2026-04-05T18:04:55.013487Z","times_seen":15,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":102,"dns":0,"connect":8,"send":0,"wait":22,"receive":28,"ssl":159},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260306/2026030615432382795.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260306/2026030615432382795.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 06 Mar 2026 07:43:28 GMT\r\nEtag: \"86f4bc36777e3ae6098121b375fd75de\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 06 Mar 2026 08:01:02 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1273\r\nContent-Length: 176720\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13239927861780321880\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":176720,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"86f4bc36777e3ae6098121b375fd75de","sha1":"7b8270cd25ee21fdc5282b643d9408168f197ce2","sha256":"2b1c30051413bb7ef15c9824b6a0da8dda44a0d0982e92e3e54456ef9c152320","sha512":"67d91116477bbbc10f39d691c225e65e4d9d87675100b31f9f8491cc4de281036bb57c7b2628b0b25fc4a73eed00dd65998bb56297037b6eae31602ce1ecb207","ssdeep":"3072:PV+O8Wm/sN36Gu6v6pyFgzEwj6OcVEAA8iL/xU3AYuosNjSF9P6uo7Rk9tq:d+dBsNvug6py26BXA8UJUHuosNWFY1RV","tlshash":"f904129eeebaf15aea8813c675b867174beb3313606b381b11cf726da8cf401d5b0445","first_seen":"2026-03-12T19:17:27.575924Z","last_seen":"2026-04-05T19:37:43.939898Z","times_seen":402,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":149,"dns":0,"connect":0,"send":0,"wait":15,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522402519697.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522402519697.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:40:35 GMT\r\nEtag: \"3158a4839e5bd7dc76669aff342fa8b1\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:42:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1126\r\nContent-Length: 23936\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5595059487514785262\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23936,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3158a4839e5bd7dc76669aff342fa8b1","sha1":"b99bd59298557f41d1f7a661c2541425c0585d61","sha256":"d68a769d0b0eecc4845634d767d580c36adf99c9c2c7dca89a5d81c41cfb33a6","sha512":"09171d1efdcc928552c6a25e4186776889bf7841f27836fe78eec8e1b66d68aeb64073592bbc1db383e311ff163e9b1d7f8893ddccaacb2ba9ebd5e411c2ac07","ssdeep":"384:3OyczDVD17W2hfmxNhAikHIJuE84lNbppaSfli6OLWmcWnBDOAL8a:3czTW2E3hA1IJuE8aNtpnflitajWBDKa","tlshash":"72b2e005aad4eb19df8f0612c3a1a23fd1fd42403d888dd6f34a9863519dca2d36a737","first_seen":"2026-02-26T23:12:00.866438Z","last_seen":"2026-04-05T19:37:43.935161Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522412575550.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522412575550.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:41:36 GMT\r\nEtag: \"b3b22c871be4fef553fd32dfc71c145b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:41:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1187\r\nContent-Length: 30224\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8204701103271280999\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30224,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b3b22c871be4fef553fd32dfc71c145b","sha1":"a7a885fef791f70c7066c06c50684a05790d70cd","sha256":"a0467b523e30593128c1146c4200be68cf6eae1925c69c132bc3efa31cbf5e6c","sha512":"7c4486379fa0cf00fc50ace9a1033a737db2b893dd71aee4d5d926818dee5fa8e2a8fab99425095814f626950732ff296de3c3d2588b2f560d3f8193eca2506b","ssdeep":"768:jYFKr0dSzOFR3CGnjclG1N88VTbqoXBg64O6DtMP:jYMlzOFhrj4G15Q9pMP","tlshash":"b6d2e110d291e0df237e4724f6f96226098a17aa666d2d043cc5f53f7e9f746288c820","first_seen":"2026-02-26T23:12:00.85966Z","last_seen":"2026-04-05T19:37:43.990885Z","times_seen":406,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522421179664.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522421179664.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:42:23 GMT\r\nEtag: \"79b8310fc97e37a34611f4c56959bac3\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:42:23 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1140\r\nContent-Length: 22432\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17095852758288884985\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22432,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"79b8310fc97e37a34611f4c56959bac3","sha1":"4f4e843f66ea5b29bc4866b92eb255a3a67ad096","sha256":"713331ce748583ff4aa1d91dabe6feba7ceba6462540362a99363849e8e3611b","sha512":"11937a1167b4ab508d6304ed04c19bfe1b3ea6532138d6ba96f11778a43df11daa51aa37d80b899b412c6ca382ceb0412a0d83bdc62ab38c9f64630f7bd39e1d","ssdeep":"384:437/pDZJpCOjrFiq7EMJ0MU0Vqtt2qh7+eNjnTKHWRfF8QD2SbxZk+1Vjafs5LUb:4FZJphJiRMJJ7Vquql++K27B2gk+1VHe","tlshash":"a7a2d1421c034a8eaacf1e871f9084c1eec5d715694927e293bbed400d666bac9fdcdc","first_seen":"2026-02-26T23:12:00.878579Z","last_seen":"2026-04-05T19:37:43.941049Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/popup.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/popup.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:59 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:59 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"692d3917-1a0d\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: IUvJzvRowVnsBh4DL8QVWA3kNCTbe4Wja1jXkA9xfSUvEMnYfHJ7Sw==\r\nage: 403\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":6669,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"026709ed231cf8d920385fed59c17ca6","sha1":"19696886744402cb73a48a41e625b23f5acbb813","sha256":"3438d0b2d18590fa1f7f0c324a5ba9f42b699de78006ed372ad043bdf46a7e1e","sha512":"aa01a6f89fad627df9437b5bcf8c3feeb7bb9719d12f12ad8e00d031f3092d1de299ffa4cd98229ddbfd3c455a21934e0e391e1c06d979cfe65fbc0f08cf99e4","ssdeep":"96:P1spJ1L0gLrdAZLLCWICzj3nMjnjOSdFsCaxud:QTo3ZLLCvQj3nMjnjOSdFsCaxud","tlshash":"c4d12f9931f3213082abb27e6faba0143230a0477108dd197f4d5f900fc573a66e1bea","first_seen":"2025-11-08T04:26:01.83069Z","last_seen":"2026-04-05T20:11:58.307772Z","times_seen":18454,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522390583883.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522390583883.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:39:21 GMT\r\nEtag: \"952ed566543df992134681ae8481d53d\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:39:21 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 60\r\nContent-Length: 32080\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8370709498298244996\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32080,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"952ed566543df992134681ae8481d53d","sha1":"2022fa6ac623da9e8bce73ec7a748a10298623f8","sha256":"6138fe0e71a85954c1ef5d5b336a80a46bfa50e9aadc71a85b58607c6fa27459","sha512":"34bcb9e24ccef2373c4bb6514d07a1454d350a260e40fa92e384bf844b890e82233bf7f5b2d74a3cb2a382a4f4f6fccdb27cfe66d798946347d4ec1c020f4829","ssdeep":"768:2tW/9njd/k7e5nNF15r0chcQZCtzqRJnfYKfDkgjDB0:2MRmmNt03LmRJAotu","tlshash":"b0e202af3e65945cde44d0a4bfab860667a4ddf01ebee3c00b43ba1b851d236709e340","first_seen":"2026-02-26T23:12:00.84124Z","last_seen":"2026-04-05T19:37:43.974338Z","times_seen":406,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522421179664.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522421179664.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:42:23 GMT\r\nEtag: \"79b8310fc97e37a34611f4c56959bac3\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:42:23 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1140\r\nContent-Length: 22432\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12799549956759196756\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22432,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"79b8310fc97e37a34611f4c56959bac3","sha1":"4f4e843f66ea5b29bc4866b92eb255a3a67ad096","sha256":"713331ce748583ff4aa1d91dabe6feba7ceba6462540362a99363849e8e3611b","sha512":"11937a1167b4ab508d6304ed04c19bfe1b3ea6532138d6ba96f11778a43df11daa51aa37d80b899b412c6ca382ceb0412a0d83bdc62ab38c9f64630f7bd39e1d","ssdeep":"384:437/pDZJpCOjrFiq7EMJ0MU0Vqtt2qh7+eNjnTKHWRfF8QD2SbxZk+1Vjafs5LUb:4FZJphJiRMJJ7Vquql++K27B2gk+1VHe","tlshash":"a7a2d1421c034a8eaacf1e871f9084c1eec5d715694927e293bbed400d666bac9fdcdc","first_seen":"2026-02-26T23:12:00.878579Z","last_seen":"2026-04-05T19:37:43.941049Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/js/index.js?v=4","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/js/index.js?v=4 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:28 GMT\r\nlast-modified: Tue, 20 Jan 2026 06:46:48 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:28 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"696f24d8-f41e\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 5aeZEZnm8RfTqWUjHAFtD-BFtT_uL5TaJ_impi3LdB5WsxmHogMU2A==\r\nage: 434\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62494,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"9f0459cf55961523f3e7619524b4fad2","sha1":"9dcfdb4a73013dd087739e145d31843515ba5d78","sha256":"3547f4a1b16643ea6a4868d44a8fada832a38e5fe2e9c1ac426972130bb5efcd","sha512":"e06b5cbd5162fcb2117b49ea20d7459db73691ef0e8b9b915b33a895ea186b13d1e0ddcb551f0a5ad1fcb242640de896b1455b7638aa53398dddc976d857140e","ssdeep":"768:rRSlB98le/8BYkN1lT6ekRqcTEXEHkYRRQyTW7xbZxASgpK0zEXEHG4awMd+zHI6:kg+CN1J6v9RDyb03KkjxDzoTQgO","tlshash":"6d53756e22fa550a474330292f9f300a3210a4571d49ee9cbe0d9bd45fdd678d1f2be6","first_seen":"2026-01-20T08:32:48.338138Z","last_seen":"2026-04-05T19:37:43.984268Z","times_seen":451,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260310/2026031020184894663.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260310/2026031020184894663.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 10 Mar 2026 12:18:52 GMT\r\nEtag: \"7830e29d0b5c52f47e8512d32779e863\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 10 Mar 2026 18:30:45 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 617\r\nContent-Length: 147104\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10048704898635665716\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":147104,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"7830e29d0b5c52f47e8512d32779e863","sha1":"20812e861c19254b402ea4737a52b0ccb77a8648","sha256":"ec01b3b89fd52253a5c064fe4ec2bf98430c78d0b960aac0ee7cb26c480cbb71","sha512":"0d4c0441e1b2094afa339d2b4a52d6241201a4bba23c14373267911ca176c15915c1c7743e627798fbb31a1714fc6537a92a162dd066a80c5c7dad41bcf0a185","ssdeep":"3072:3kIcBTInJapr6Yhyj2RsrXT6ndg6/dhgFsDMm0YOCZLww:0tBau6YhfiTTud3dhKsDEi","tlshash":"e3e313a38533024e293bac546d927638ae96137cc245ac80d72f04b65d9ee7673dfec4","first_seen":"2026-03-12T19:17:27.550269Z","last_seen":"2026-04-05T19:37:43.934055Z","times_seen":402,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":157,"dns":0,"connect":0,"send":0,"wait":28,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20241108/2024110818451580505.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20241108/2024110818451580505.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 Nov 2024 10:46:34 GMT\r\nEtag: \"2001f683716e4fbeb353c7d40bbd0362\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 08:46:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 9467\r\nContent-Length: 288\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17596789312377216448\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":288,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2001f683716e4fbeb353c7d40bbd0362","sha1":"b588560d562a1656ae06afbada1823bfbf830e0e","sha256":"89924fc3c9399587455720b36af65bc7f559379841de342e235bc47f5fdc4564","sha512":"afc4730cb39fa235e118d92e632a53814f38b2021896f9e990dae0f6a94a6130a57a4647c6cd2e9eca6694f284bff4d1fefa6fcf83222956f449720d1bd9e948","ssdeep":"","tlshash":"d0d0eb0022300cba1b1666b0ccc08068c66100d8b10749368b7ecb0fca3a35adee55ec","first_seen":"2023-10-25T11:55:10Z","last_seen":"2026-04-05T20:11:58.512355Z","times_seen":19399,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522402519697.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522402519697.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:40:35 GMT\r\nEtag: \"3158a4839e5bd7dc76669aff342fa8b1\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:42:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1126\r\nContent-Length: 23936\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3422650413268136988\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23936,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3158a4839e5bd7dc76669aff342fa8b1","sha1":"b99bd59298557f41d1f7a661c2541425c0585d61","sha256":"d68a769d0b0eecc4845634d767d580c36adf99c9c2c7dca89a5d81c41cfb33a6","sha512":"09171d1efdcc928552c6a25e4186776889bf7841f27836fe78eec8e1b66d68aeb64073592bbc1db383e311ff163e9b1d7f8893ddccaacb2ba9ebd5e411c2ac07","ssdeep":"384:3OyczDVD17W2hfmxNhAikHIJuE84lNbppaSfli6OLWmcWnBDOAL8a:3czTW2E3hA1IJuE8aNtpnflitajWBDKa","tlshash":"72b2e005aad4eb19df8f0612c3a1a23fd1fd42403d888dd6f34a9863519dca2d36a737","first_seen":"2026-02-26T23:12:00.866438Z","last_seen":"2026-04-05T19:37:43.935161Z","times_seen":406,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522365912867.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522365912867.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:37:17 GMT\r\nEtag: \"072d6a60ecfeae74657875e78ab46b86\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:37:17 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 187\r\nContent-Length: 26272\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1494267246871403568\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26272,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"072d6a60ecfeae74657875e78ab46b86","sha1":"f0b1a8d7ade58dacdcd10f40a9c8aa6f46006c76","sha256":"d4b02f8ed34acf4f0c1b69c144e9f22bb5dc19fdd11f61e8a946696cada746c4","sha512":"1c63f4ecbd8b7c9339f197db468e8f9f9da3ee5412222a02a2fabb57315b3b4e4bbb31bf2a764083a5203b0a4ce294d45b6ba111624b1a173b4e8216e944c8d7","ssdeep":"384:+ly5mxLq6/o5WzP26dnhTfyOZLU91DUgoFzXq8MS6c7rNVy/Efq02OZZKML:+Q5mpJBXqmLIYgvS6oXNf7ZZX","tlshash":"c7c2f1bd0e0c0b2578762b1322c33866d26998e024589fdcbd727924169e3bc78d1aed","first_seen":"2026-02-26T23:12:00.908229Z","last_seen":"2026-04-05T19:37:43.947446Z","times_seen":406,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/DPlayer/assets/DPlayer.min.js?v=3","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/DPlayer/assets/DPlayer.min.js?v=3 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:26 GMT\r\nlast-modified: Mon, 03 Nov 2025 04:28:42 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:26 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"69082f7a-4a650\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 2-yjpzDdtLcI70iodO-Q9g95dO2wlPVyPFeeplsjkCvUpm7EX4HNiA==\r\nage: 435\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":304720,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4046f013cf323ea4de2e2518386c3d5a","sha1":"cc1bb7b97ba97a03c92593de7524a22ea87c78b0","sha256":"5c9811be07c774e5465097e43c4945941c501333fe482a90f5286cfb3c88e280","sha512":"b50531b05b763c25361b5fa23e258acf12f1c470bdcf0fd60d1a22451f1f954f55761446344067075cf4bc794177c83dbb9eec21565c2ffcde52bff93acbbae6","ssdeep":"1536:PFri4r9aKySaa3rzg7hSwaKySaa3ref7j3MEwOMEa8vTDadMcBjOsCSwixK1LzV+:HNDyMgjKbixKVhjLIR2INivkJ","tlshash":"4a54b20b364131340262afe8c6db534a36347310e9729729f65ef9de8f9d84c6427b7a","first_seen":"2025-11-01T05:08:56.775869Z","last_seen":"2026-04-05T20:11:58.429177Z","times_seen":27240,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260324/2026032416460550938.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260324/2026032416460550938.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 24 Mar 2026 08:46:09 GMT\r\nEtag: \"c6b2a4a1ca48ed8906e0b0f00129c18d\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 24 Mar 2026 13:00:11 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2396\r\nContent-Length: 94144\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7569873596273889528\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94144,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c6b2a4a1ca48ed8906e0b0f00129c18d","sha1":"1041c11c2fbbe1084dd92e31bcbaea879f16d95e","sha256":"cc8a322e925e95e95eb2e6469d75be8eb347c8ce5f4d95697cfa6ebd60337eea","sha512":"d7f239bdc6413039fd31a67d263d055eb998a56f24ca6d56f390e08c891dcd09498f2704aa1888d5d9963b573fbaa69b796e2ca1ff39efc52f203244567eb5af","ssdeep":"1536:3kM+5OLBEyOvms3xrTCcg7U0JgCv98fE1YnBEES5kM3jJfT1jr+479T2Wf49WQ05:3kMW+qhT5BVMCjMkMDfTf4s1xz","tlshash":"9893124326f37e69fdd2e0e4681074ea4dd0a3bc859323466c7cbd58586fb8eb1205b9","first_seen":"2026-03-25T23:03:54.30215Z","last_seen":"2026-04-05T19:37:43.975327Z","times_seen":291,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":144,"dns":1,"connect":22,"send":0,"wait":23,"receive":34,"ssl":128},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260306/2026030620142813450.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260306/2026030620142813450.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 06 Mar 2026 12:14:34 GMT\r\nEtag: \"e2ffffa26af419a748692c9dc0a00ee5\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 06 Mar 2026 22:45:35 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 19777\r\nContent-Length: 80176\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7690420470200195221\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80176,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e2ffffa26af419a748692c9dc0a00ee5","sha1":"a3f9b0c2b766ac8e863c6671f2a98861826fecb3","sha256":"15af784a9d45b486ab26aa7be01a40d8a114328bb05fd7dbd5a1d7502d4a2887","sha512":"c2c45f780e2737fe3febbdb6c034d2f11fc078e7b2f6f899c3755f151a3bb72745f0e2a7d3e8026a61b8116e1fc941a9a9f5ad0d06c516be36d0a29a010f7de4","ssdeep":"1536:2rYeWI7mGIJkb1XFd51dvWritXCVkbPV6QlixsGPh5L5:2rYeWI7ek1XvtTtyOPV6eI5","tlshash":"a77312fc051f0145042d27ccc1fe98aefd22e884f583d905e30963ea6d8b8b0555bafa","first_seen":"2026-03-12T19:17:27.611985Z","last_seen":"2026-04-05T19:37:43.961553Z","times_seen":404,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":73,"dns":1,"connect":22,"send":0,"wait":21,"receive":25,"ssl":59},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/hlj.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/hlj.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 26851\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:50:03 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:54:55 GMT\r\nexpires: Tue, 05 May 2026 16:50:03 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"67b99eef-68e3\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: jtmZquVXOsQD_3XAS0xJCCH3NKItWvHp-H_pda9OCj__y55jWHElOw==\r\nage: 3279\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26851,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"c78c2c2c3248e04a82e10d4e2d774c84","sha1":"372da4ba94a2f302f1da7d1dcc2b19c65225006a","sha256":"8fdb68e492e8c3ec2f8d8c736c6fe24924d580101067b0fcb839bddd3071b3f0","sha512":"23878316d8fd61bbeddae86791eb6cfac877fe8e07ecd6fdc9a6062fe205bf77723dd26d29346b172540e82bfb9c9f38ba58ce8631a9888c2a06eda581226add","ssdeep":"384:wVit8XAe3VWGluJGPcT2NmBCJct0g5WoE0k8L/Fr/h1+7FM/I:wVqsAsWIuQPcT2NmBCJsJFk8bph4Jh","tlshash":"37c2e141a42827d52d094a9e38524ea037cadd1f7fec4506a7b3bc60e74aa493ec09db","first_seen":"2024-05-18T06:57:58Z","last_seen":"2026-04-05T19:37:43.969542Z","times_seen":867,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/zw.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/zw.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 4801\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:50:03 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:54:55 GMT\r\nexpires: Tue, 05 May 2026 16:50:03 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"67b99eef-12c1\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: s5szMOmo_QpQzgK2ry1o-YwF4tuZw4KIScUeOumNpVC4beEAlWn9vQ==\r\nage: 3278\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":4801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGB, non-interlaced","md5":"23673bece38ff4d9ce9b9732f1bf3f1e","sha1":"cfe5c4282ba0c167a31beb8dc60d9ab80b85354e","sha256":"6df8c2b9ca65f2b5635c3c62cdb308204084c4692b6b6f568dab1ed7bcf8a24b","sha512":"16fddfa778a0c2eb54179bdf0798c015d2aeaeca235daf06540c777bef200ecf19be9c5ae5d9a3a81add8e50502fead2416e6821c48a37761e954abf3bb0036f","ssdeep":"96:P22xsysNxVg7THf9K8WY+0tX8pXpsmP0rEbmRpdPioejZI:LmNE7TH4gOG7Eb6pdPN0I","tlshash":"7ba16c76d9458e215288d7528cd574b3da344e09f696e0b2ac8bcc1c0d588ff65ab8c3","first_seen":"2024-08-29T18:01:21.364742Z","last_seen":"2026-04-05T19:37:44.019332Z","times_seen":870,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260310/2026031021093348282.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260310/2026031021093348282.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 10 Mar 2026 13:09:39 GMT\r\nEtag: \"4d372e538c89870701436dcb83d4f9b9\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 11 Mar 2026 01:00:09 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1053\r\nContent-Length: 182576\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16337545201785368396\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":182576,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4d372e538c89870701436dcb83d4f9b9","sha1":"423afc28ac1afe63df5f9f6d6d1c1932ef3519d2","sha256":"f64bc55b89cf0984f6c426cdd02ca5881e5dd509e6863f7076ccc24f498e7612","sha512":"b237d2250d2eddd61bd97844f052bca31cab8cb33430ce814912becb7cf932a016b731d9ae0b23f688fd1ac1d1031eb5808743e60c8dffb4878376ef62227c89","ssdeep":"3072:Qlw7usBT14bRW2mG5A5Uhg7A/4+KwOv587uPk9DqEfC43q7Pae:Cul1+R15A5UyAjKwqSDq2e7F","tlshash":"a104123f6c2b96b1f5a176c918f5c3bb501983c49c1a98ceba80b84f2545704356cfba","first_seen":"2026-03-12T19:17:27.516767Z","last_seen":"2026-04-05T19:37:43.989419Z","times_seen":403,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":108,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/4b5cfbeecc9002070c1c7ca0dc5156d7.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/4b5cfbeecc9002070c1c7ca0dc5156d7.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 10:41:28 GMT\r\nEtag: \"aa17b2abf016a6a67f1abc758d9f953b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 10:41:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 353\r\nContent-Length: 223536\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11201108339779330650\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":223536,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"aa17b2abf016a6a67f1abc758d9f953b","sha1":"c6e40dc70565bd90849b6752ef3e0f878080b256","sha256":"5e0f020fc8b0c96f00a6a4b22b024f31de337fbd25ab451cafec5cd48afb8d65","sha512":"119bf79be647226e334d685c9898fdac7b4ea4a9e0736fa3a261483adf43aa84202201b55086e6c067d75ca49b0563a4f63b282ffeb1f4dcd3f195e6f63a97ac","ssdeep":"6144:I3CYPO50ViUpOZeYLeeYY7h91QTQpXCHcqzBp:I34k4ZLeeYYxXCH/7","tlshash":"6b242387013b903a7e17913b9daddda170009eb82802aca1c347a4c9d755facf99eb46","first_seen":"2026-04-01T11:04:29.225549Z","last_seen":"2026-04-05T20:11:58.486723Z","times_seen":4017,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":151,"dns":0,"connect":0,"send":0,"wait":16,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-09/bddc014fb64915dc9e9488ca292b89d5.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-09/bddc014fb64915dc9e9488ca292b89d5.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 09 Mar 2026 13:55:05 GMT\r\nEtag: \"2fc5193c3f163cf8e9a1da7fab6369fd\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 09 Mar 2026 13:55:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 350\r\nContent-Length: 193600\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5808009393085705520\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":193600,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2fc5193c3f163cf8e9a1da7fab6369fd","sha1":"2af1d9a1001e8b7afe2763152088550e502ef0cf","sha256":"956484e197ecfbb5d26a45efeea3da69cb86a8104267177ca87a6e8c19a260d3","sha512":"6fe419970b47a10294fecaf9275a3fae99ec9f0edc9edb05a574e28f5b18e24519fd69085b734a5447a4ae2e2b21c8658d2dca3746f20b07568b26ef6081b2ff","ssdeep":"3072:d0Vnbxt2TPIyg+8p/QLYEY+fubu3bXhAOE5vryyoPNV9TWRKzIbECC7ZTY2FdXLx:d0pbvLdp/QMEYSYdOE5DloTdIQdhLGA","tlshash":"0414122a0435df6ebfbfde2ed2da095589e3617827191d82080597180d0b1b8cafd7bd","first_seen":"2026-03-04T08:58:20.523655Z","last_seen":"2026-04-05T19:58:13.507425Z","times_seen":1264,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/1d8df9dda13821b7ca1131cb69644bb4.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/1d8df9dda13821b7ca1131cb69644bb4.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 15:25:06 GMT\r\nEtag: \"a5744ad664e010338253087936c9f9b6\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 15:26:07 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 611\r\nContent-Length: 217904\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9070382853766556756\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":217904,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a5744ad664e010338253087936c9f9b6","sha1":"c6a21f3621ed71ec12cffaef26ef183d8eca5222","sha256":"d4a688e68531a82ae6028df82cb397d8b30eb18cd591ada1885679c59287b96b","sha512":"b55e9a0a913607c2cbd47643356e42ccdb31a463caf7a8e394f362797535dee5091daacc056269ee854a7951332405a673c294dfbc34fd784ea4fda5b7e7fd85","ssdeep":"6144:QHMokeiABeGWZ3JLjhCSWOIBlEt5yOHJ+H/yvydZ:QHMofiAkZthC1OI38nXvy3","tlshash":"c324139d915194736e3746be9cc5f5a837c306cefa28c27902ad182e58d4a3f076a4f8","first_seen":"2026-03-28T16:22:38.383087Z","last_seen":"2026-04-05T20:11:58.448931Z","times_seen":4027,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522395210030.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522395210030.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:40:05 GMT\r\nEtag: \"9c21739ceb1ac380202e461fbfc6cf51\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:40:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 18\r\nContent-Length: 22240\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8048311664684798612\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22240,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9c21739ceb1ac380202e461fbfc6cf51","sha1":"180548584638ff4e7e3acc8c7f08a98938ef05d0","sha256":"d6b678f3994d78bdf4469c8848f26ccabe6b4e28f7a4da60c531cbcbd6202d93","sha512":"3f2808cf15321a6a08ac618d20b9c6b4f2d697bfcce0e1403607d272abe97058cb1c6f009ec44535926281c2996638cf9f3e9c3d63971d73add0161a5f49188e","ssdeep":"384:HitWrU+P35BrrMZuFI5N2LHpMWlW56GtU60Q3keeEGlnxSRFHil+6/9WW:Cef5B/MUGadkjt5YeeECxSRFHill9F","tlshash":"1aa2e199c2cae9b1bd70e0082f8f7586129c067e5c6b4918f70646ad4dad4a802fb7f5","first_seen":"2026-02-26T23:12:00.845257Z","last_seen":"2026-04-05T19:37:43.96617Z","times_seen":406,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/common.css?v=6\u0026v=4","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/common.css?v=6\u0026v=4 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:09:27 GMT\r\nlast-modified: Thu, 18 Dec 2025 02:41:04 GMT\r\ncontent-encoding: gzip\r\netag: W/\"694369c0-1d41\"\r\nexpires: Tue, 05 May 2026 17:09:27 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: EYdFszfWw8FOQWQ_e5nnEoefOPkxYqzJX_kEPmQGxmlGNnIVhP9rmg==\r\nage: 2115\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":7489,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1ba3739b7ac3382c17d56560665059fd","sha1":"0bb740085dcf707d5f69f478dc6a10feb28dd02c","sha256":"91d79d271d16cb33a88217a5f11171771388942e6e8b04c0c882714220deaecf","sha512":"25c482308ba0bb4fc0964755981ac6c3500147908f91725406069828794809337e716f400500f1b766a58939f7b18a3216347b38611cbf6171d1f0e5fa9401cc","ssdeep":"192:E9DbYNjO9wZ+XBYmU5qBQSUMuZsLtxrQoPvFKl2RqKkukvkf6:Q7d0VBcS","tlshash":"85f1130f16130248685b32696f6e1d94272d8007ef0bddad3bcf6648cf8d6b675b2b48","first_seen":"2025-12-18T08:52:15.762316Z","last_seen":"2026-04-05T19:37:43.985838Z","times_seen":619,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/js/layui/layui.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/layui.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:28 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:28 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"67b99e3f-471d6\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: DnpLBkS5n_y2fiYbog76BH-zQVSId802iGIHfuhKctruGbkNNYK3pQ==\r\nage: 433\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":291286,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"70ed0e8151d23de969de514bfd802a56","sha1":"569e6c1b0ac0b8efaa7dc0015b691334947a9665","sha256":"92c7997b3dce6ab2368b1bdb34ff4b67ac77957898a126c7eba452a8080bec95","sha512":"947eeb19fb055b07a191ec89625941abbdc8b2247b447dbec2e3958ebd3aabc34ac07a79c559e4752bd49bc44db77d500913aab4fae300077556e347d084b1a9","ssdeep":"3072:tVo+F//NOM0SF0Mz0pZN6TPKWjZIpYCrYtJ+8CZrcNBf4XcIiOb9:Xo+FdO3SF0Mz0Z6TfIpPS+8grcNBQcIZ","tlshash":"02543a9d758574b3237360a6406f990eb17b093daa0a8060f166d4fa2dbdc885237f7f","first_seen":"2023-03-07T12:09:26Z","last_seen":"2026-04-05T20:11:58.444243Z","times_seen":27129,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-26/2f1827ae688142083f6831ad6f7d3665.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-26/2f1827ae688142083f6831ad6f7d3665.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 26 Mar 2026 01:50:50 GMT\r\nEtag: \"b484cbec8f0448f6cb559072486405a1\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 26 Mar 2026 01:50:52 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 105\r\nContent-Length: 371856\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7132878928641750905\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":371856,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b484cbec8f0448f6cb559072486405a1","sha1":"5dce0e49ddf7802be5bf612df1b4e28af34e4a08","sha256":"6527f2adcdbe405a12a97a2a78aac9dd767d233574f766200322c5123097fff7","sha512":"05622a888f699f01b2924d8febf7c8f8f901aa0064a8254d8771ca7f057c82109d326c2b05e15d41f30a1fae30c30feab051a2a0900a1b7b1ca7509002f3803a","ssdeep":"6144:K1AlEeCnttURXTT4Hcz3H93LfCBsLCiUdQxiuIzUiQzscbC+uOLLPfZH0cpeW5q3:8IXw8zX93LfpLWQxiuYTutG+uOX/R5vS","tlshash":"64842390c9afe2648609f2da15c5226340d1271c7d73f44ea7a95cd3c0e196fa2af8dd","first_seen":"2026-03-25T23:03:54.32402Z","last_seen":"2026-04-05T19:58:13.593949Z","times_seen":450,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":154,"dns":0,"connect":0,"send":0,"wait":11,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20241108/2024110817201282400.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20241108/2024110817201282400.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 Nov 2024 10:33:59 GMT\r\nEtag: \"3b0410c984dfa15437b137d6be86aea5\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 25 Jul 2025 21:35:49 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 49715\r\nContent-Length: 1152\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4678745814773560825\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1152,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3b0410c984dfa15437b137d6be86aea5","sha1":"67244404669239dc3158bb6cde18783614db3b60","sha256":"3d896aecb1aec7f2ab593f5f7e5a44abd35950ce6e70cd53ef94ce17028ccb20","sha512":"f29977073034cf53c8e726ce48d0da0cc44260cf22f3aaca9942e7cbecaf450e4d55d48920ea26031f2ffd4036e1544da172f0d4da3a2ac18138b26856d161f6","ssdeep":"","tlshash":"5821a7b53fad0dbc48e04f495782978ebbac714e42a9b582b2228d4220ca0503658b3f","first_seen":"2025-02-08T20:55:59.130225Z","last_seen":"2026-04-05T19:37:43.959598Z","times_seen":850,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20241108/2024110817201129399.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20241108/2024110817201129399.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 Nov 2024 09:39:59 GMT\r\nEtag: \"5989971f99527a1d0ce46eb033540c81\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 09 Oct 2025 17:47:11 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 31692\r\nContent-Length: 960\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9347539105669940342\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":960,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5989971f99527a1d0ce46eb033540c81","sha1":"1e81d36da96ee5d4721691ffbec9364e3b3df42f","sha256":"23b58157ccd4f63e4347917852aeaa92e4032c2b35f7b9d681a65b975bb99655","sha512":"bb60d9ed271148bc1f3bbea830c478399ac95bad1718c6455410109c1d80ab7fd827b7b600aa937ae2f3c1b7ec9bd6e08901893be727653398d866cb0c33db4f","ssdeep":"","tlshash":"e9118c441563d3e3d64c0144a912edc81a6533b8d88335cd7593c5b314713d6de26dae","first_seen":"2025-02-08T20:55:59.130975Z","last_seen":"2026-04-05T19:37:43.946906Z","times_seen":850,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522383436422.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522383436422.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:38:44 GMT\r\nEtag: \"2fe68b356a91db540172168746de7e6a\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:38:44 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 100\r\nContent-Length: 27056\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18079472024298682698\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27056,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2fe68b356a91db540172168746de7e6a","sha1":"36ba5ea81df4e8b35907145f7ee401caa6c55087","sha256":"0532534dd49b108f45fd1a1becebc723cd5f2e6f4ee16212fc791f1000b83701","sha512":"319c518d677af81f5d64b3033f9067228ab8027793e1617bc6256e9be2c58d053234be1f40d44194eeaae075f9fa520cc32d132b21d1ff3e411c606199872db8","ssdeep":"384:xDhIvduEhdeb7QvhSY44GRVePKLyFNQWF8ij+6CAdJeLgQqxprd0j4Bc/liT3WM:xtxI+QSYMRVeXQF6+6CYU9M52j4ei3WM","tlshash":"67c2e1ca7147319b698140ab2120ee63de77ef313b3d8d017e32d1665a63b5d0e58bb8","first_seen":"2026-02-26T23:12:00.925793Z","last_seen":"2026-04-05T19:37:43.97372Z","times_seen":406,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20251110/2025111012542164782.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20251110/2025111012542164782.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 10 Nov 2025 04:55:04 GMT\r\nEtag: \"60af2c4d8abb6b3edfa7e5b3f0af2c90\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 17 Nov 2025 09:41:23 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 139488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9729108645238126774\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"60af2c4d8abb6b3edfa7e5b3f0af2c90","sha1":"ff01cec91d7ac12be695637f7f9bc1db1846b442","sha256":"33761d1d55e6319804742b0337b23716cfc9bdc57df7664750b11eb6b3b37976","sha512":"88283c6844b67a8bb6f85a933ba88699699caf084097ddd6fd536453892c7cd52f2e244807958a5fa597ddc43c4935cd286347d82fb65f446e8a3ca13df8060d","ssdeep":"3072:VW6g7V1QSflcmvjLY6EyrQatdxQbGxMLCBYIFDvdQpg/YR+rMToePvs:3gXl+CjLbrA5LCBYIFDvF/0+rMTrvs","tlshash":"76d312e10a29afb280c7534bb8925459dc02daf4c66fc66d0d923b1be67e73360945f3","first_seen":"2025-11-17T11:08:20.239469Z","last_seen":"2026-04-05T20:11:58.386496Z","times_seen":13663,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/DPlayer/plugin/hls.min.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/DPlayer/plugin/hls.min.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:26 GMT\r\nlast-modified: Wed, 27 Aug 2025 08:44:44 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:26 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"68aec57c-805db\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: nC6KT-z1x4tbffZTe02TDemYuAKKo7woynTEJVlwEHTsPN2CcwRG-A==\r\nage: 435\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":525787,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c6b4b0566933bbace745d354bbf66a45","sha1":"37421e0fdc0f834e9b76c83c86b8f8dc5a25f9f5","sha256":"98f063553824f201d7a46e124e1dabdeefbc517e35e800ba0c8cbeedd432ab67","sha512":"b972867cd30918e974a0603937c16d106aca52ae7b52ffecfb1096b093dd21778cc38eac17d777e53a709b9a3c451b5785d9ac2d3ead1b9ad5532dc718389dfc","ssdeep":"6144:tN52SSJ22f+rppL0uMRzXrpbQLTfUUD+6D5U7qKxnU3F4BsibLioRGJ8z0xEnFak:te22eppSRzbpbTiwqKxUHF84xfg","tlshash":"cbb43aed3695a01683c2b169903f5507633a7d0a284cc12cfa2be9db2d7994db13bf74","first_seen":"2025-07-08T11:22:48.878147Z","last_seen":"2026-04-05T20:11:58.463746Z","times_seen":25810,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/search.css?v=6\u0026v=6","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/search.css?v=6\u0026v=6 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:15 GMT\r\nlast-modified: Thu, 15 Jan 2026 02:59:10 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:41:15 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"696857fe-ed23\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: XtY5J8ITV9-wPqgh_Mw6Lb6ueKVnGvlTmZG9h2B54K_1_6inr1IIgA==\r\nage: 207\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":60707,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"a313206a8daacd8a2bf4f775a7addb08","sha1":"73029a8bdf2811a94c7a94a4a54637021260e7c5","sha256":"0afd31df6c00fab2606b8cf4755e658a40255ce574596d29113b7f092c2cde73","sha512":"216a58083e5a1771f7c19b8f5ed1d82fab3a212cdcc90475827d4b9907e847e47e952428a75988c9c6534581c2bc50f23ef75d882a4bdb3900954fb0aa1d0a88","ssdeep":"1536:SuMaE+qkZy8DLn/dGd5d2dLdbdkdykKLk9Z:xZy87kKLg","tlshash":"cf53be1a9b530125f9bb44ac2b6b7b842729c407ee05ceac7bcea544cfcf954b4617c8","first_seen":"2026-01-15T06:34:04.277746Z","last_seen":"2026-04-05T19:37:44.010384Z","times_seen":470,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/swiper-bundle.min.css?v=6\u0026v=4","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/swiper-bundle.min.css?v=6\u0026v=4 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:15 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:41:15 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"692d3917-471a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: VZjFxNhd2wmRbEXNS0N7ZuTyM3Gf_fhZx-fsavh0pAOrlxQ5s0M5rA==\r\nage: 207\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18202,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2242)","md5":"5cde23d8cd3bab0c546a595a1de28d86","sha1":"730ea3343088196d57d6847e126607b70a85f253","sha256":"50206dff50adaa6e3c703b1ec658b20fde42fa84ea9e2d7314e05d59d8ffd5d5","sha512":"70ccca9e815734ab7e3db11d30da07969619b13bc82298d7c047f4ee26cde5e6b6582463d8e298c4e3bad82d5039957b1a1fe636f8d90dc14a9f0d6973034ad6","ssdeep":"384:o6Ubeo9hhC8qYAsLWe31GtTMFZFmsHSyT3rin:oDbJ1LWeFGtTMFZFfSyW","tlshash":"eb82236413721c53661a4e660b7a4774eaa444c30a47cc39b3c1ad88ffb65fc325fae9","first_seen":"2025-07-26T05:03:20.430258Z","last_seen":"2026-04-05T19:37:43.957121Z","times_seen":2719,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/fonts/OpenSans/400.woff2","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/400.woff2 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16644\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:04:32 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\netag: \"67b99e3f-4104\"\r\nexpires: Tue, 05 May 2026 17:04:32 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: cneDpUBPgWbpWhSrm5TeUebIdET80t8LZ-DsxN-oeC_b8nmPB_X-7A==\r\nage: 2410\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16644,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16644, version 1.6554","md5":"6276351c3fd3053a0cab736572d6ced1","sha1":"326b281cbcf5070d140fadedc4b1354f1a5d916c","sha256":"43640ab0efbdbd50a1162047c1f62f338fb84de407411b98bfa6a1f8666ef0af","sha512":"c9885c9fa086350a150efae1c40c9ab22314db0baf47b457c3de4be5c7e609313b9fec4f9000b133a9f8b365c2d5d3703bbff579833a8b81195062e5f6bfe5e7","ssdeep":"384:JK4eVLUx4mqjtgI4cwDn/HnhbXOU7WYb+KFqEevY5:Y4edUqmBIkD/HhjHWYb+KFGvY5","tlshash":"bf72cf83f467d9f0f42836305db116e3b979ef357761ace0621445aa1232bd02e847dc","first_seen":"2023-05-08T23:10:23Z","last_seen":"2026-04-05T20:12:24.147511Z","times_seen":20095,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522412575550.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522412575550.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:41:36 GMT\r\nEtag: \"b3b22c871be4fef553fd32dfc71c145b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:41:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1187\r\nContent-Length: 30224\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11212419244631819591\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30224,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b3b22c871be4fef553fd32dfc71c145b","sha1":"a7a885fef791f70c7066c06c50684a05790d70cd","sha256":"a0467b523e30593128c1146c4200be68cf6eae1925c69c132bc3efa31cbf5e6c","sha512":"7c4486379fa0cf00fc50ace9a1033a737db2b893dd71aee4d5d926818dee5fa8e2a8fab99425095814f626950732ff296de3c3d2588b2f560d3f8193eca2506b","ssdeep":"768:jYFKr0dSzOFR3CGnjclG1N88VTbqoXBg64O6DtMP:jYMlzOFhrj4G15Q9pMP","tlshash":"b6d2e110d291e0df237e4724f6f96226098a17aa666d2d043cc5f53f7e9f746288c820","first_seen":"2026-02-26T23:12:00.85966Z","last_seen":"2026-04-05T19:37:43.990885Z","times_seen":406,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/search/rank-3@3x.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/search/rank-3@3x.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/search.css?v=6\u0026v=6\r\nCookie: _ga_NGV4MXSYPX=GS2.1.s1775411083$o1$g0$t1775411083$j60$l0$h0; _ga=GA1.1.482702814.1775411084\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 2496\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:18:09 GMT\r\nlast-modified: Mon, 27 Oct 2025 03:29:54 GMT\r\nexpires: Tue, 05 May 2026 17:18:09 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"68fee732-9c0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: UchIEX01C6BYkfCN_QYC9PBTjBsjUypBB1vdblEkLnUd_Z4I6F4b9A==\r\nage: 1595\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":2496,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"44b6dc38e9133c0cea22f7458442ec3e","sha1":"4963100db4a6f4e33837a07f0d62370524423673","sha256":"28a64014ea2e54dee4a96dfd9923ea4693ea6a0532cf6cf5cd1c8f1aaa1e543b","sha512":"7351991697ad02b03a4e5ba0dbe7595cd5c89eb88749fa4c4df353b97bc896d0741a485faf72198694af42e58610ec3981e32b4752042b14127415f972f3db15","ssdeep":"","tlshash":"40515bda280dcc1bc2261875342cb81de565582c41f3e4adfee3c5a066a8c98c2f9d43","first_seen":"2025-10-28T07:13:52.658458Z","last_seen":"2026-04-05T20:11:58.548843Z","times_seen":5300,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/fonts/OpenSans/400.woff2","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/400.woff2 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nCookie: _ga_NGV4MXSYPX=GS2.1.s1775411083$o1$g0$t1775411083$j60$l0$h0; _ga=GA1.1.482702814.1775411084\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16644\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:04:32 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\netag: \"67b99e3f-4104\"\r\nexpires: Tue, 05 May 2026 17:04:32 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 7lzRjuXAG5AYlPeWQzIISE4t58Kse67gm4XVj6aJPNgnLkhvw36O5g==\r\nage: 2412\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":16644,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16644, version 1.6554","md5":"6276351c3fd3053a0cab736572d6ced1","sha1":"326b281cbcf5070d140fadedc4b1354f1a5d916c","sha256":"43640ab0efbdbd50a1162047c1f62f338fb84de407411b98bfa6a1f8666ef0af","sha512":"c9885c9fa086350a150efae1c40c9ab22314db0baf47b457c3de4be5c7e609313b9fec4f9000b133a9f8b365c2d5d3703bbff579833a8b81195062e5f6bfe5e7","ssdeep":"384:JK4eVLUx4mqjtgI4cwDn/HnhbXOU7WYb+KFqEevY5:Y4edUqmBIkD/HhjHWYb+KFGvY5","tlshash":"bf72cf83f467d9f0f42836305db116e3b979ef357761ace0621445aa1232bd02e847dc","first_seen":"2023-05-08T23:10:23Z","last_seen":"2026-04-05T20:12:24.147511Z","times_seen":20095,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/tbxw/js/zzz.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/tbxw/js/zzz.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:08:24 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:08:24 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"67b99e3f-c67b\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 6jYgbWXQxgJKZsKqi6Jo59r3jMJDVcjiXZmgcsyLhhrME-ndgYLG3w==\r\nage: 2178\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":50811,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48316)","md5":"78dab9fcf576de8cba46edd716dd2309","sha1":"7113abe41f95159f9bfccf70d01bdda1055af2ad","sha256":"7c66d6c8e2c470780513a282b66e2b5b7429ed863d6a0ecd6054b38dcda004b5","sha512":"dbb858875e532b475f827c930c154cac09e9a952b20053a0f7e1b34a050100a0a3a41f8aabeeab4af2dd90082363fe3ced3a5957f7250a4918d305b49655e040","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpn6ZFCsUleZ:vZYDc6lXJd1mZpZEdq","tlshash":"da331bc5a19c609153a774d50d7f704bb4637526170d89acf228e8eeecfcaea9039d38","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-05T20:11:58.523702Z","times_seen":26927,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/logo-white.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/logo-white.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3664\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:54:24 GMT\r\nlast-modified: Tue, 25 Mar 2025 09:24:19 GMT\r\nexpires: Tue, 05 May 2026 16:54:24 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"67e27643-e50\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: nGa41zPQjF86vK7zhp2CTHekrdNBVPy7-1L0kDdpg83FSHYG5U-l9g==\r\nage: 3018\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3664,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 204 x 144, 8-bit colormap, non-interlaced","md5":"3dd92f9d617a8cc847fd1d0a963cd0a5","sha1":"51c50a587125801aca99ef25dc64d8aea546d8c8","sha256":"00ecda60c06f6e0c3e08782b67de84ce4b3ed3a1f464eeb589cdf27a82ec30c4","sha512":"fb4f83913de58c22dac1cbccd2628d3122a69d0d6ecc545c71e318d32f3f3d15f7b8b4762d8482b069b9cca2b8850d66cb79de599978e98107213163e22e7add","ssdeep":"","tlshash":"1e718d026b0bda28d04232f9332f951027c81eb90b01798167427d79317ff2c93a9bb0","first_seen":"2025-04-02T09:15:20.115842Z","last_seen":"2026-04-05T19:37:43.942681Z","times_seen":862,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/vant.min.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/vant.min.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\nx-server: web-node-3\r\ndate: Sun, 05 Apr 2026 17:08:03 GMT\r\nexpires: Tue, 05 May 2026 17:08:03 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"692d3917-3b3ee\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: kZMItvdcyCtXgnSFdmPkBI8q7frkj2qUF7UCSrZWRLWgq79Mh9LH9Q==\r\nage: 2199\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36859)","md5":"48c71ec4ea36fdd75033bbb278a861f3","sha1":"b47d16bde5c94e468ef249bd2126b846a39afe73","sha256":"0b18e273bc785dd0e5cc43218ee879bce10461fdf3b1274a1f2c8962aaecb49a","sha512":"bd3e587cf0fa0c2d777e1918b2067a2a2cce648996ea7e490098d609b20bacec6c2fb6dbe682ac1e212eafe2c1e33364a8cde40439ab6d24638b9b23b69489a1","ssdeep":"6144:XEB3BhYNbHp+fvbtgMAgMgQ8dOq11tUxLEm+Om0RbU:XEBIHpevogQ8dOw1sEam0R4","tlshash":"d23439a0f685f42547b790e6507a0610e1290b48f009d1e0f57ded8e2aede94b6bef7c","first_seen":"2024-08-02T14:48:31Z","last_seen":"2026-04-05T20:11:58.439153Z","times_seen":26633,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/clipboard-2.0.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/clipboard-2.0.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:28 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:28 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"67b99e3f-234a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: Surp9fwXrwMcVg-TbkaSofACwWLehBdfVFsVp_W4mg2CO2DxUyZQBw==\r\nage: 433\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":9034,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8941)","md5":"ad98572d415d2f2452845a6068a913c0","sha1":"6674f81dd01c76be986cf0a8172d1073e56d7ef4","sha256":"baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1","sha512":"3c88ac453f2615f771c7df6032ced6018e46a7e0ad8d86312af17ddf0f32580bd7e78f1404d0031eeed091abe0afac911be6aca1ca9fba4e5cae335de73f6ce9","ssdeep":"192:RJBFlYPHiG9JyHg4LyAahp1v/N/MosfkApXMdgmkpj:R9yKG9JKziVF/MF/XMmmkpj","tlshash":"d7126599b291b0b15ad731a8412f920ff3766869708b90d0d279d4f0acbcdde4463f2d","first_seen":"2023-03-07T12:41:35Z","last_seen":"2026-04-05T19:59:31.431432Z","times_seen":16251,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-10/385c512282ab37d891e3b1fd2408209b.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-10/385c512282ab37d891e3b1fd2408209b.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 15 Dec 2025 12:09:50 GMT\r\nEtag: \"5fe63a8ee895001e580004282ce40b9e\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 15 Dec 2025 12:10:33 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 172\r\nContent-Length: 280896\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13715277211048361537\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":280896,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5fe63a8ee895001e580004282ce40b9e","sha1":"2083c98872709c9e99646317549078e5a59acbd3","sha256":"a1df7884dc7cab15416d9598f9a04a1b0630b8296eb6fd14f3c76801bd7a54b0","sha512":"aa9f29864f8f7265ef42220b3aee39a0e9af1d8bfe01c0b956393bed616bdef8e6696f3e7753dedab02ce84ddb84e7ec7bfb6de612d93e4866c070b9f1b59a89","ssdeep":"6144:J7mNHQUriQWVybzSQ/uO0tzUD0n438lZSxWKyNejQyuR75:J74QBZVWzSQ/u7tw0BSx9yZ35","tlshash":"af54230065905c9f74867f6ed25bba2b6ecfe4d958750a6d13372e89fc3a1622cc700b","first_seen":"2024-09-28T02:15:42Z","last_seen":"2026-04-05T19:37:43.965096Z","times_seen":994,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522393954237.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522393954237.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:39:48 GMT\r\nEtag: \"4890e3759c07b18a8a248633eb4e0383\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:39:48 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 32\r\nContent-Length: 23536\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8341813647459341639\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23536,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4890e3759c07b18a8a248633eb4e0383","sha1":"a0bd06f91f8c146f24b7a0b1b2ee72b5df506e46","sha256":"c22e23e3d4566e93825d4f7644cfff675e1275dcbf0def967d64363c2d387354","sha512":"98a25123170197326328a7119edab8a0f80f86e85fe33226c4cb2258c29c5b771f011e4f7c917003107761271037c8682f99fdd2d56335bfb57e25094ca00271","ssdeep":"384:lMTrabKHg6Kp/R2Hx3bmV35UNlf7nZAJm2qPVmAHZ8EQjGCjB/n9S17PU4Jw:GoKHGpQ10352VAg2omtEW/jB/ns1Yt","tlshash":"6ab2e0554a88ce6ce4e8e2a0f034a0f57d2efe9992f8dcedc9143900f14ae9c6341c96","first_seen":"2026-02-26T23:12:00.900812Z","last_seen":"2026-04-05T19:37:43.955027Z","times_seen":406,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/search/rank-2@3x.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/search/rank-2@3x.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/search.css?v=6\u0026v=6\r\nCookie: _ga_NGV4MXSYPX=GS2.1.s1775411083$o1$g0$t1775411083$j60$l0$h0; _ga=GA1.1.482702814.1775411084\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 2600\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:18:09 GMT\r\nlast-modified: Mon, 27 Oct 2025 03:29:54 GMT\r\nexpires: Tue, 05 May 2026 17:18:09 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"68fee732-a28\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: GOA4Ows41ehWeRMkflA7uu45luzPmV3W22cvMSo7KBiUq2Y4iepAjA==\r\nage: 1595\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":2600,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"3438e5aef62d0d9bebae0eb0b884de9e","sha1":"e1570b5c068b735a7367b83212a0524493913dfb","sha256":"490d481dc60eca11bff657185331c5a6ccc25f201b20bdf36c78ba833853293f","sha512":"104f434d690b6f3bf31d38487050c7d8e6b6a49ce380910313aeaed3dc0935c81898d917f9ba1a078af455a04ec4e0b2083b0acea69b04db762564f973873519","ssdeep":"","tlshash":"12514c68930cfcc6f060bde6017785a02af74e3b31b29acdde48ae206e79f84a4d1100","first_seen":"2025-10-28T07:13:52.634902Z","last_seen":"2026-04-05T20:11:58.572165Z","times_seen":5300,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/css/index.css?v=10","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/css/index.css?v=10 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:15 GMT\r\nlast-modified: Fri, 13 Feb 2026 07:10:55 GMT\r\ncontent-encoding: gzip\r\netag: W/\"698ece7f-e264\"\r\nexpires: Tue, 05 May 2026 17:41:15 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: f_8E2NserAfLFKnreV8pLwWQMRFIByaQml1XA7J6nIEVCa6e0rzlBg==\r\nage: 207\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57956,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"133a212631528bf007458251290ecc48","sha1":"929417ba6691b55731039ee38004f1ca1aac9644","sha256":"ba8e03a84576e2ff2e60a82add9add0e7def05b31fca11efa3c22b8db7adced2","sha512":"53c1c435c31b797cd3b032de8f78cb8c0303b1064b77ee3327ff3867028fec78ab55739fbdce719f75626e5494c228f901b102f910f96f3908883459c0a20655","ssdeep":"768:03jVjKBjwp2GofTdfsudyFi3RoKQRQqQoagvKFxXRCmYji:6msudyFi32KeBggvKFxXRCmYO","tlshash":"eb43440816230904785795babf7b17c56258c087cd0bc96d7fdfa649cf8e228b4b6bc9","first_seen":"2026-02-14T20:18:38.013485Z","last_seen":"2026-04-05T19:37:43.933519Z","times_seen":416,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/js/swiper.js?v=1","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/js/swiper.js?v=1 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 17:37:29 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\nx-server: web-node-3\r\netag: W/\"692d3917-e04\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 2bVLen6ZZk0d6lmIVYB0RQm_28m2eXrwYv92bMwAdeQV-smRfz5AmA==\r\nage: 433\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3588,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"91ba09fe8ed5abef61616489df41bb40","sha1":"fc923329fc7e7e317dea9fd005d823780bbe80b5","sha256":"29b1b6c7209175aeaef4ba3fe6032476ad5e5b1c32f8d229592e300a168c41c3","sha512":"e91e078cfc6f66a432a6d462d2def18161538cc5e76eee906119bceefdff07fd5a7a218bd7cf01706c940509a76a65d22d24f0ea253989dcc7aae301991e1623","ssdeep":"","tlshash":"1f7173a0b3ac253c43d6b194287917cef67c60a1aa0394adfc5c5c2d40bde7f81e8a95","first_seen":"2025-12-01T12:05:53.825675Z","last_seen":"2026-04-05T19:37:43.963915Z","times_seen":1670,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-02/104f8eb62d602703f03fd5259ef91ed5.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-02/104f8eb62d602703f03fd5259ef91ed5.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 08:55:03 GMT\r\nEtag: \"3b0751e06ee092387edf1a05bf69a761\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 08:55:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2756\r\nContent-Length: 60368\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12281995290045266663\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60368,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3b0751e06ee092387edf1a05bf69a761","sha1":"b4982db75249800c35aa6ae1b955cde3161b694e","sha256":"f55cdb1123cb6c7a004830642d4b7e56ceb349aa6fbe25162559091d72bb79fb","sha512":"a7ba1689172c74ab2f9eef15a64cfe1a1c8f1215cbba5742a2061180e837d4c9831e65b7bc184ebe5a601f5288e2c0438e8a7760adc361398cbb0c7455da3c67","ssdeep":"1536:bUa7WKQZgoGfp7d2rtZl1tTtuQU+yepkwKNHgJ6OO:bUaSxHGdkDV5FU+yYknpr","tlshash":"514302e3ebe36a91d1084855c23a89dc456fb8acb1d37d3d3180964ee48ae5738b1e85","first_seen":"2026-04-02T13:50:10.036915Z","last_seen":"2026-04-05T20:29:30.385595Z","times_seen":799,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20241108/2024110817201410829.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20241108/2024110817201410829.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 Nov 2024 09:39:59 GMT\r\nEtag: \"6242dceccdce7959619cfcae5c3d2983\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 08:46:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 9468\r\nContent-Length: 896\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12977270849486013574\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":896,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"6242dceccdce7959619cfcae5c3d2983","sha1":"679c3ad134d175763b4a9becc066f383ee52bc2f","sha256":"1a0c0f92c7dee1410c4a2a189e6b9a39e42c2dd81fc705c6eb675d3f253e4531","sha512":"45a520bfc80f594ddab086c24984566d60719b474b283cc3a77005322c27f6e6a0569e00388d92410e408545ebda042c7f92d553263248833077c10d1f150bb4","ssdeep":"","tlshash":"1d11b7e0114e81c956b481456d082504230faf8e415ace258a22b5d39f6321bb7c695d","first_seen":"2025-02-08T20:55:59.132543Z","last_seen":"2026-04-05T19:37:44.016537Z","times_seen":850,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522380879450.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522380879450.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:38:27 GMT\r\nEtag: \"f62efcba757f798be829d425347051d6\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:38:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 114\r\nContent-Length: 34144\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 686833264828287281\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34144,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"f62efcba757f798be829d425347051d6","sha1":"7c5c19ad132fa4d1e87a9be1731c04f4191f8d4a","sha256":"304ed4a19976afe1776e6e47b94e323a357c25295b2009d3126e2909e8212219","sha512":"f003d579510d026f7428222f81d4db11cca5a3b829371b87a2845592cb9356975a654220dc9f4e443318266030eefb85a8d71269019112524eb5b3a62758d6db","ssdeep":"768:2ykz7xiE3x1k9uLlXeziYPCdEYwotjfXuhI/+hq1/N:2TzQ2x1k4lX8pPCtwOf+W/+h6N","tlshash":"84e2f1a3756fc29144310eb75fe482f14aceb96f9b1ce67f500f02279ae68997af0114","first_seen":"2026-02-26T23:12:00.895125Z","last_seen":"2026-04-05T19:37:43.935689Z","times_seen":406,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-26/f054de8bba71fbd0c0977e54f16cfb38.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-26/f054de8bba71fbd0c0977e54f16cfb38.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 26 Mar 2026 07:55:07 GMT\r\nEtag: \"56e97081356b4cdbe834471cc492b95b\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 26 Mar 2026 07:55:33 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 32\r\nContent-Length: 584704\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10257804026412684606\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":584704,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"56e97081356b4cdbe834471cc492b95b","sha1":"d67ce5aa74e2a4251f44c63e447f99c1a3743db7","sha256":"1e4e7d73225028284447bf5f931e11ea3de9b9bb7a0be6ad221c19f330fe23d0","sha512":"59c8e2883b5962c00febe111abb951891b0768ad39ba0bea023b1b10a457900a997446804b57e811ba2679e3a8076bb906f347e1d529a08b9d661134c95f1c2b","ssdeep":"12288:8gBj1UC/hxPVvpJpEM6OZOShDr38rbs2Odol8ycvxiScSs+cZ0Fu:8gZJDvpJiXujdG+AjAcV","tlshash":"b6c4330457e5510b63aa0be1a78bf5c7df2768dcc826d0587caae3bb5149da3cf31460","first_seen":"2025-06-14T15:15:15.321259Z","last_seen":"2026-04-05T20:11:58.547335Z","times_seen":18869,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/js/layui/css/modules/layer/default/layer.css?v=3.5.1","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:21 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:41:21 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"67b99e3f-37bf\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: ZwnkNKxxIFF0yuJ_BGxx7WWrNvorjmZxlrltZ5gccknXBlGkzhniCg==\r\nage: 202\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14271,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14271), with no line terminators","md5":"c234eb06d5f32055092294e78957f17d","sha1":"f15ee0bcb9694f32f5e1d524f2653aa0dd043402","sha256":"5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540","sha512":"3f06b51116d7f8026d81c7eb6a3c4d871462d09fe0a5b8cc8b7feaf20cbc88b0b6a545f0ec7cbc17566a9ff609405f58fad6eddfb3a8b3f6d530ede8fa3fad5c","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXi0nMLPD2OtLzAyPHL/LztJDzyv2OQ7KGx1j9d2/nWUU:1ELr2Otzrzzt42OQ7KGx1j8WUq4S3cU","tlshash":"f75242e144911299b0278721d6dc7eba32f88d43e5630caef2573c1f874c6dba2b6647","first_seen":"2023-03-10T11:40:20Z","last_seen":"2026-04-05T20:11:58.293996Z","times_seen":43376,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522384639960.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522384639960.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:38:56 GMT\r\nEtag: \"632dbfbb62843aaeea092df907e54edc\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:38:57 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 86\r\nContent-Length: 45280\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10624613516923832295\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45280,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"632dbfbb62843aaeea092df907e54edc","sha1":"820fed58caa40a823e793118439fe20c66b0ad18","sha256":"dd74becab8c9047863f702df5af5d9785d26635bcfd995667baf35107da84046","sha512":"a01a0bec22fed5b3cd17ee3db4b9a19b7661c05b13b8bf9d974bd53e3416723ea6c04eaffc5fee3ac8884a24b51ae82634239b27f4e3c3e1cb7ac5fc40cd730f","ssdeep":"768:oE5z87tVW2EiYdeBgoHOcEZhKfmCS5aC713EJuQL+27hQ7IfkqYTvmUX9BgQIppE:FQzWKfVEZTC0171BQLy+oXAHpE","tlshash":"5313010c2df1abf2686119c5056b5e75f82a4d48cbd55ec2ef4b90b0c2fdd85e04b89b","first_seen":"2026-02-26T23:12:00.855114Z","last_seen":"2026-04-05T19:37:43.932899Z","times_seen":406,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522414777352.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522414777352.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:41:57 GMT\r\nEtag: \"dad6501874ae30094511250cd54d7633\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:42:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1125\r\nContent-Length: 24480\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14438129666081234513\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24480,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"dad6501874ae30094511250cd54d7633","sha1":"366d83f78263b2ca22df4ccd67affe04844bdc8d","sha256":"9673aca2bc3bc11de3733eaffe9eed1d8ca7c63f5da686bfc46a072d565970b6","sha512":"61962bb5325384918d49a27ab4724c73d25a256b2c2ee248fe9ec404103f3a36760aa38d72ae290d1d0ae02ba1a340ec846d1652a033c9797260afe1bec55300","ssdeep":"384:d5+UWB224C7aimatNxjQfA+ueybfN81BWbJjrEL0LgEvBHhS3ifJKLbeY01TA:dgUWB224JycAO0bJW0LgmS0iWA","tlshash":"6ab2d00f94f80997c1885ed93430c65fae26819b7649b6d5e0d4397fa82e013f873da7","first_seen":"2026-02-26T23:12:00.94429Z","last_seen":"2026-04-05T19:37:43.93621Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522422825826.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522422825826.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:42:39 GMT\r\nEtag: \"430746ca8aae73ddff8829678f89bf93\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:42:40 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1807\r\nContent-Length: 28576\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13451358368478282725\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28576,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"430746ca8aae73ddff8829678f89bf93","sha1":"aecf730287f03ddc414d1ea9baa6e373cd649211","sha256":"af52ad59ea6ca3fb2c908a8ae7b036c87f544b58d3bdf3c2f12d8f7eb3707e28","sha512":"866f3214f8858ab2b847ff2fc09f2be86b6956b9f708adb212ad8b5da17bc3ad97863f4e0aa723e5e61cf37d225aa26edd55bf57901bd88ae82fa3bcbd35c4e4","ssdeep":"768:ohj/RJM/BHys7nMFRpmEvnAQYqOiHUzmH7ORl/aBb/lL:oJ/R2uvvxYQHrORl/A/lL","tlshash":"9dd2f1a39c5ac89cd5a94c3b9aa505ca555c509094ef42ffd93023fb89e363ce81df24","first_seen":"2026-02-26T23:12:00.945718Z","last_seen":"2026-04-05T19:37:43.941606Z","times_seen":406,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/images/ai.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/images/ai.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 360\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:50:03 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\nexpires: Tue, 05 May 2026 16:50:03 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"692d3917-168\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: _XYE8CneVqBM_puQ1wT_nACAH3I2eMZqXmP6CaTSfwAAiPHptXf6Gw==\r\nage: 3279\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 19, 8-bit colormap, non-interlaced","md5":"bdfd73be05b313c5c343e02c19e69b35","sha1":"40a591d8ec0f5134270fad42812002458e1fa3b7","sha256":"ea22009d2eb53a8f88f109607d8ff75814059f83ad1e4c1aa54179f5b1385bc6","sha512":"e67420d8689d83569fef893f166ab041b5863fd33f1b8a34056044e25eca04836cdfde2000cc306d1efccaed4340889c643706420f9d927d309100d41cf40474","ssdeep":"","tlshash":"eae0c072728cff3a9cb10273089791f58a2a4f76516491065f15841c68e6644415278f","first_seen":"2025-11-08T04:26:01.793992Z","last_seen":"2026-04-05T20:11:58.551724Z","times_seen":17751,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260220/2026022018310057250.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260220/2026022018310057250.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 20 Feb 2026 10:31:04 GMT\r\nEtag: \"c2c599a41dd3eb7c0723e1e842339599\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 20 Feb 2026 10:31:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 3558\r\nContent-Length: 52848\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2365073460541258553\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52848,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c2c599a41dd3eb7c0723e1e842339599","sha1":"b549fb39ffa17f7636030ec5d977be09e9a5d929","sha256":"4765a548ae126784b0e8cb041017793837b502b14bf7f1acb4e6773d4e59774b","sha512":"d490d1b0e9990e4d1f46cc580e647ad43f22720ddffa3bee0692429daab0fa496b9a5d1bb3c8da961f73393365fbd43ef54b3db888c8c41ea84d63660d081dc1","ssdeep":"1536:3koABRQZMFOoD7N9hukjD3Ap13ai1hKSSD0+C:3kHUZ8Oofhukv3Sj1cxm","tlshash":"8e33026209f55688d8c311b4f471ad84ea2de10a1e64c6de7967cb3281ecd22e73d9c7","first_seen":"2026-02-23T23:04:45.807974Z","last_seen":"2026-04-05T19:37:43.934614Z","times_seen":408,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":142,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-10/2792261c0c54383c02c2e6d37841393a.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-10/2792261c0c54383c02c2e6d37841393a.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 10 Mar 2026 10:55:07 GMT\r\nEtag: \"9c396db6c7e057dad21b49fe0f13baa6\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 10 Mar 2026 10:55:07 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 939\r\nContent-Length: 332160\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2590201769238408833\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":332160,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9c396db6c7e057dad21b49fe0f13baa6","sha1":"3fcd3e4cf8a533c6006a2e4f3fb1067e16ddbd53","sha256":"928a566bdf5a36fc89cede3e372989e0242203074582a751ce5b784b19d55225","sha512":"f461baf4b7853cfec7f568893c91c75ba720580fc5621ccfc65db926b5f39d86ecb556ecba3e7b2e39755cf3e318a4422f00b7bef959534b150a7864b18a0b82","ssdeep":"6144:JI7Gw1c1rOs+/lVHhXIuP7IWg6GdHCEjTuwbd1FasB19GktUtndkaCtT:JwcysGJXIu0WpGBfTf1TByktUtn21J","tlshash":"706423583426088f7583bb6cfb9aae5374b1e6232738e709a6c7c04d45173681b397e7","first_seen":"2026-03-11T10:46:45.242029Z","last_seen":"2026-04-05T19:58:13.493251Z","times_seen":1574,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522405611687.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522405611687.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:41:05 GMT\r\nEtag: \"1a410ffdefbd8397c2cccca4bd93e036\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:41:06 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1217\r\nContent-Length: 26640\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8260899348057799923\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26640,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"1a410ffdefbd8397c2cccca4bd93e036","sha1":"11ed9ed29c99b80947f1bdf785bb292be1aa216c","sha256":"2586bd272a3291c3a8d0d85a3a2d454f920a5529fd4dea1c7dced39ef0e2f5e9","sha512":"016d0cdbd7620b48434d726cd3d19205c2652aad2f47fb918bfd4b9acd3a105ae82a64c5ed283d2a78bc7bbda099ab36a61df91cef2850ab97e8603430daca5b","ssdeep":"768:PSpXRNmKO//S6Uac+HgDSVuhVhG6Hcc8ZDg:6UFUJ+HgDSMDQ6Hcc8y","tlshash":"abc2e154a0fb62588c337db1a8e5493f76d57f0dfa3c50f0c8ead07182101d2aa96839","first_seen":"2026-02-26T23:12:00.889881Z","last_seen":"2026-04-05T19:37:43.932261Z","times_seen":406,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522395210030.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522395210030.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:40:05 GMT\r\nEtag: \"9c21739ceb1ac380202e461fbfc6cf51\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:40:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 18\r\nContent-Length: 22240\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7678114587904476607\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22240,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9c21739ceb1ac380202e461fbfc6cf51","sha1":"180548584638ff4e7e3acc8c7f08a98938ef05d0","sha256":"d6b678f3994d78bdf4469c8848f26ccabe6b4e28f7a4da60c531cbcbd6202d93","sha512":"3f2808cf15321a6a08ac618d20b9c6b4f2d697bfcce0e1403607d272abe97058cb1c6f009ec44535926281c2996638cf9f3e9c3d63971d73add0161a5f49188e","ssdeep":"384:HitWrU+P35BrrMZuFI5N2LHpMWlW56GtU60Q3keeEGlnxSRFHil+6/9WW:Cef5B/MUGadkjt5YeeECxSRFHill9F","tlshash":"1aa2e199c2cae9b1bd70e0082f8f7586129c067e5c6b4918f70646ad4dad4a802fb7f5","first_seen":"2026-02-26T23:12:00.845257Z","last_seen":"2026-04-05T19:37:43.96617Z","times_seen":406,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/search/search@3x.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/search/search@3x.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/search.css?v=6\u0026v=6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 630\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:58:42 GMT\r\nlast-modified: Mon, 27 Oct 2025 03:29:54 GMT\r\nexpires: Tue, 05 May 2026 16:58:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"68fee732-276\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 2nLkqFt9QQ8tTJhcGUSHfOcQcGUPHmc-EQdDvSQvVQ6f8fcCRNPoHQ==\r\nage: 2761\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":630,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 4-bit colormap, non-interlaced","md5":"a4b5282346fb42d90c59fa556c76e8e0","sha1":"0a12261356eef879559d3bc1dae88cf08dc23a1e","sha256":"aa5da5e9cc04a263402c2c75dc6485c929de92186e8efb80ba3c7cd9604bf950","sha512":"c385c6f1f449891870f786d9fc9bf140cb4218633c39b09ce7895b0c8950ae918327a49036b63f793e58dfec8ba308050d2cef338caffc1b6c856eb31893e6ab","ssdeep":"","tlshash":"bdf00251822d7c9bb34b2916c0177762f858d915771113cfcf0aa83c59151d6c2fd209","first_seen":"2025-06-06T19:17:52.685678Z","last_seen":"2026-04-05T20:11:58.285334Z","times_seen":20134,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/webfonts/fa-solid-900.woff2","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/fontawesome.min.css?v=6\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 157192\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:02:29 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\netag: \"67b99e3f-26608\"\r\nexpires: Tue, 05 May 2026 17:02:29 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: uEjQ2s6Hx4rfD8kquNRqYsVX8X5lnGun0S1LpYUDlUgnBMRoOzlVTA==\r\nage: 2534\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":157192,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 157192, version 774.256","md5":"237f4a0afbdb652fb2330ee7e1567dd3","sha1":"69335cd6a6ac82253ea5545899cccde35af39131","sha256":"1f0189e087fcefbf654fad74a3a06668b782c01353a61d5c0b7f0bf23e33c020","sha512":"27e8e1f91507179c207f93a19485738ed5d372a977eb27d44a4ed163013097d38b117c7a5bf4336ecc9862ca514d78ffcd2b8a07e304bbfe1b2cce9c087baa38","ssdeep":"3072:Qeqp46DjdHdb7UT/IGFc27+78oGmfIXe0pGRDH9tQm1pbYqup:Q16n/IqpoG2IXZYTtxrbdO","tlshash":"5ce3125bf5e6dbe5525e6d64fb5478972b1030823ee11cf12ce2206eb889317399e08f","first_seen":"2024-07-18T18:39:32Z","last_seen":"2026-04-05T19:59:31.455536Z","times_seen":10115,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522422825826.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522422825826.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:42:39 GMT\r\nEtag: \"430746ca8aae73ddff8829678f89bf93\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:42:40 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1807\r\nContent-Length: 28576\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2232726365535484126\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28576,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"430746ca8aae73ddff8829678f89bf93","sha1":"aecf730287f03ddc414d1ea9baa6e373cd649211","sha256":"af52ad59ea6ca3fb2c908a8ae7b036c87f544b58d3bdf3c2f12d8f7eb3707e28","sha512":"866f3214f8858ab2b847ff2fc09f2be86b6956b9f708adb212ad8b5da17bc3ad97863f4e0aa723e5e61cf37d225aa26edd55bf57901bd88ae82fa3bcbd35c4e4","ssdeep":"768:ohj/RJM/BHys7nMFRpmEvnAQYqOiHUzmH7ORl/aBb/lL:oJ/R2uvvxYQHrORl/A/lL","tlshash":"9dd2f1a39c5ac89cd5a94c3b9aa505ca555c509094ef42ffd93023fb89e363ce81df24","first_seen":"2026-02-26T23:12:00.945718Z","last_seen":"2026-04-05T19:37:43.941606Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/search/rank-1@3x.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/search/rank-1@3x.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/search.css?v=6\u0026v=6\r\nCookie: _ga_NGV4MXSYPX=GS2.1.s1775411083$o1$g0$t1775411083$j60$l0$h0; _ga=GA1.1.482702814.1775411084\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 2929\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 17:18:08 GMT\r\nlast-modified: Mon, 27 Oct 2025 03:29:54 GMT\r\nx-server: web-node-3\r\naccept-ranges: bytes\r\netag: \"68fee732-b71\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: sodEBHHHlM3PhvSz-7l5Wp_BfypXhjWTgBHjwlELSk0uKpKxUvJOdg==\r\nage: 1596\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2929,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"abac25d37a9ac9344c49557ebfcccdb4","sha1":"83b9f56ec29cd0b56e34c938be11ad9bf1282c5c","sha256":"afe1b7a6d3f013b149bad9c96316fa9ab1bb259596d1fe5648e86f236115ac38","sha512":"ef44f375c46e4332861aff8d51407ea7297fe6b11c0f2b5a87f96f1ec3b72815ed608a052ad599147c271e1eace7ec85bd3f6fa523d0aaaac68dff00fb48ca19","ssdeep":"","tlshash":"4d515c8285ceb0f64b1ec36f4b51d4d9f0736c453982de95ada831c64bf1cb7d9816a0","first_seen":"2025-10-28T07:13:52.661811Z","last_seen":"2026-04-05T20:11:58.395828Z","times_seen":5301,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522420011520.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522420011520.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:42:10 GMT\r\nEtag: \"ee6b06566e8b84628f602f5a08f112f5\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:42:11 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1152\r\nContent-Length: 33792\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13616729605380499659\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33792,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"ee6b06566e8b84628f602f5a08f112f5","sha1":"491db5967f0ded087046ecd824fe43d81c532d8e","sha256":"ade0db90b0c3ff83a6775d18081b6fa999240b03df7f8470bbb6623efbfd2296","sha512":"83b9f5939bf5ad4f94d531a8446080db9fca3473edd61e5e28ec889eff12bc2ea600eab07c1ea0aa19d8c8a5ce0b99414e304923540e728c4d4a519e04e54142","ssdeep":"768:wK6wCEW9qxlILFEq0bFWNou8633YZk+e+WqdqlUVkls71:b6wBW9SFxfoIm1Pq4lUVk+1","tlshash":"1ee2e1d5dc31af985cb70e512d4ed8adfc1872c298ac9a935e6f60f8a44e6400ce59f2","first_seen":"2026-02-26T23:12:00.847692Z","last_seen":"2026-04-05T19:37:43.956563Z","times_seen":406,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/vue.prod.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/vue.prod.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ncontent-encoding: br\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\nx-server: web-node-3\r\ndate: Sun, 05 Apr 2026 17:08:03 GMT\r\nexpires: Tue, 05 May 2026 17:08:03 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"692d3917-2f925\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: ddn3XPjHIcdAgEzjNRiEm8Y8mnbYWVjYCn0DTmsb_JyeBup6YgstLA==\r\nage: 2199\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":194853,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (28532)","md5":"9b14a30d9be6b89ccb5d9426baa70059","sha1":"e55a9116be9d0907b48698418b9e348d36bd3624","sha256":"97374c2e6815b02920dc02d8cca04507973d9a4d82aa5dafa20d04c2227ac9d2","sha512":"90840f4551f1ceeb2e764fed6a632d0eb39006fcbec40166664f0e7f0241347d8679fddf6e41658f939d0b00e893f1bf4ae97429f320c6dc60af0d87c4ef9dfc","ssdeep":"3072:c0RkBL/7KE2X44lDzvWUgT5Asswj2z+e7/72oIKc01DcUrIH:c0KuE2X44lDjWXT3j7e2KctH","tlshash":"2c1428b93181703217ea14e250bb0016f33a1525780984e8b5bde8df2d7695a61fffbe","first_seen":"2025-06-27T04:20:30.543622Z","last_seen":"2026-04-05T20:11:58.305312Z","times_seen":26624,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/image.0821.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/image.0821.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:28 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:28 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"692d3917-4b5b1\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: -_uB_4K1N2TzyC9SYGIkPlYElWQrs5OJVBNnO2r3-MwKm0ecaNElqA==\r\nage: 433\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":308657,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3229)","md5":"5e58c86a740cd6c1821106b20c0c7f48","sha1":"88ee6c584e88c228fa8d67d969d853c0aeb95ada","sha256":"9fead600c0800d0a226d684f2604f4c6f1eaf3528b2357fdac942d450538a442","sha512":"1b907e01624056461d591abaca6780eb3e33a23c0da393ad369e27895b3e09984922c68e8b536ce4794499c70aab341047d9529737c8a3afc4a3df5e00b5979d","ssdeep":"3072:LPP0McCvleCNzRxnnpa9PYetJYRw0qvl+itTRRnnpa9v4+tJ4xQU/9Au:LPP0LypY06pYU/l","tlshash":"1564104a9fe31194f513b43c6b3f6805a1e6b0275ad9dc0e791ca9e0cf29428c579bec","first_seen":"2025-11-08T04:26:01.795335Z","last_seen":"2026-04-05T20:11:58.465556Z","times_seen":18347,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260310/2026031020555571991.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260310/2026031020555571991.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 10 Mar 2026 12:56:00 GMT\r\nEtag: \"08cea89aad45447d4f74db25a2bd0bcf\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 10 Mar 2026 13:10:22 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 154\r\nContent-Length: 251296\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3224338624156214827\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":251296,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"08cea89aad45447d4f74db25a2bd0bcf","sha1":"9a079dd43807ca2f096dca3578276f466f8fccca","sha256":"e501cc462c4658ba5b4cc2a37e3fd3e44d1a1ff3449375397d8a8e3287c609cc","sha512":"2e59eaf4034593447f49ba9660694db6b8b7af6b78d2a749eb68ee1a6691a3d9f0013cb43cb71be026ba45ce01b1314e1c509b501e5502c0a8dcf4aad2db01b1","ssdeep":"6144:g8LY8HmmSQeYm/gXBqqFjjZjYb/6R47MLi3Y:g+RHmmve3oXBqK1BRau+Y","tlshash":"3c3423387afb688b31343839c0cab4c05d053f5e9e3946c758f7e2856a91d5e4a1dabc","first_seen":"2026-03-12T19:17:27.632167Z","last_seen":"2026-04-05T19:37:43.970543Z","times_seen":401,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-18/c0acf56523a1b4c8ae448fc3997ea08f.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/c0acf56523a1b4c8ae448fc3997ea08f.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 20 Mar 2026 06:25:08 GMT\r\nEtag: \"1a8f4d25dc836332d65507ae0ffd060b\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 20 Mar 2026 06:25:08 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1013\r\nContent-Length: 859312\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7600460241950178477\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":859312,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"1a8f4d25dc836332d65507ae0ffd060b","sha1":"d2d35a00c540bfc8e7f06e0d52ce72b90346916b","sha256":"b162f005746f76fb98eba79523432e3488b727d07fdec4b12ee1d6f1b242c1de","sha512":"ea2cbcf50cc7b127bda0c3b9f57515f8ce9d5493f70efc7401c13646b809d835e2ca10d8e0bddf73ca59a55a9f4fc74ec91f0425438498e2ca84149fb4d44b1e","ssdeep":"24576:uCWkgAbQ7CkpSrGfFF/YhL1baF1eTip7CRQe:3b2hqGNFAhxbu1h2Qe","tlshash":"1f0533993269576cee5eb5acf0d762273001839ce9df6a048f3861fe4f7c264664a1cc","first_seen":"2026-03-20T14:34:11.055136Z","last_seen":"2026-04-05T19:58:13.531883Z","times_seen":483,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":179,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/9a3ca0ec412f6d964e10314e0c3f02f7.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/9a3ca0ec412f6d964e10314e0c3f02f7.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 10:55:04 GMT\r\nEtag: \"61b5d004bb8e2a9c005aa7180a66a8ed\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 10:55:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1904\r\nContent-Length: 150544\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11850986718028776930\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150544,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"61b5d004bb8e2a9c005aa7180a66a8ed","sha1":"611e02b138efebc908cf88097ec1628a9dd5fc85","sha256":"dd9d4a44a5baee8d26ab61ffbda1b70148fcf307b30fb6b6ecfcd512c102ad47","sha512":"c9fbee0b4a6c0861b4b595756469f2fb1f2d34cb26c431c59eb6438dc1f9bd3374ae0b64650e02a2dd5d64afd63a5041d6e12e425d6329ca8fedcf0fda1c6f4a","ssdeep":"3072:Cu4OHV4Qx6B8iM7fQLGUf+mIBWNAyqWD24IA1lJtFLE1T3mVRv:GOM/M7fQtftI0N/vVIilBpF","tlshash":"27e31328cf1b4d9126b7ef8ec08d1d009436e9c28b3f2dec25566756d1094b9f4cae6d","first_seen":"2026-04-01T11:04:29.203387Z","last_seen":"2026-04-05T20:11:58.569044Z","times_seen":4033,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522374781066.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522374781066.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:38:00 GMT\r\nEtag: \"3558ce915146e7532c11c5048eb1902b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:38:00 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 142\r\nContent-Length: 28208\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2856022823547921074\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28208,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3558ce915146e7532c11c5048eb1902b","sha1":"22f04accb685397ce1371960214b386c93bfef9b","sha256":"568c76e9b85f21ee7e527d97e1d4add950051bfd36416720285522893e088dc2","sha512":"33b4695e3e6348025e0a080e5ce6fc5b80275dab48d5df886a07102a1067692a12b68713853fd51efc124e14cb2b0fe6499eb35deb1da14d0030272188d0ac5e","ssdeep":"768:6u+YPsvxaNCAQAQwNR7BwD50TCXqPPjU5WqXLv:RNkJaNZYYD40WkcXLv","tlshash":"d4c2e17a129247727ccb968ddb2e163a7b7653b44d0f2e9b920c273d443fb19171c18a","first_seen":"2026-02-26T23:12:00.857601Z","last_seen":"2026-04-05T19:37:43.949028Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522411183857.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522411183857.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:41:21 GMT\r\nEtag: \"a6784d09619121e2278e30b65838bb79\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:41:22 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1201\r\nContent-Length: 38112\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6555239908303975218\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38112,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a6784d09619121e2278e30b65838bb79","sha1":"d15418906c6eee5c1997c017924f8f843f0a7932","sha256":"ecee0fa55ddcfa0c98d5216b683692968bd9f3aa86d51383b5f081342ea9e89b","sha512":"1da435ba448e7a013175f2800794fdc8313e444635629889aa7127945d2ac36d9b0504fbbb838f394067d5f9c66ae2fd52bf6c984a95a9c3bde655da37a2f12d","ssdeep":"768:yR6nRqfYCYTPVcQQCa891rj7iZGP8ER36UkphDsJvXwSf/TF7Cb2L:cy+YCuCLCRD3uGP806VpIXlTFM2L","tlshash":"2603f184fbbccd523b8a9de8f6da4fbcd94785b8027184537b98d4568f22c223212775","first_seen":"2026-02-26T23:12:00.891418Z","last_seen":"2026-04-05T19:37:43.953059Z","times_seen":406,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/js/7.10.0/search.js?v=28","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/search.js?v=28 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:07:33 GMT\r\nlast-modified: Tue, 24 Mar 2026 07:27:28 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:07:33 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"69c23ce0-761e\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: FVdLAYEU4EnoBqInTb7G2aff9uWYF8Lt5t6heoR0lMUPhLINHGesow==\r\nage: 2229\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":30238,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"6e642e47ca6a44785499558418319b31","sha1":"e59114a9dd988116a7c97adfa0d0136a974e347e","sha256":"00de394f2d258d97028f9722ed764302c62a2b36ddd76b9c4524925480fac4d1","sha512":"a0702da87e7ee09915f9aba81ee709caa72becc19275d3dfd05f731991822c8d0ed03765cc01d832626cc14ef5e6b02b728bfda503dd936e07e1158f820bd71b","ssdeep":"384:jUUnBZ5mRGaQEnQkwPwR1NJXtteEV+/LuAv:diQP44rv","tlshash":"c2d2211a21f710635db3b07d0fdfb5143621d417a94fca183d4d8b809fe1a29d7a2ada","first_seen":"2026-03-25T23:03:54.347291Z","last_seen":"2026-04-05T19:37:43.988889Z","times_seen":293,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-02-25/e1bf9a261cc242c669b76a473b8058fb.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-25/e1bf9a261cc242c669b76a473b8058fb.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 12:07:56 GMT\r\nEtag: \"f359e4e211f9ef0333facb7935ee2c6a\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 12:07:57 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 3198\r\nContent-Length: 501008\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17462938505065404122\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":501008,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"f359e4e211f9ef0333facb7935ee2c6a","sha1":"9e022264cf40e011823b4460f13795cfc38afa8b","sha256":"d041ff5176b7f88072c72e38b0dd6f0b4fe15f6eb6a7ad7a8578a6e524025fbb","sha512":"e1312ed955c861fded1da75dd9cc86de0f04a4b498571a398052296445b41c0082c3e0cd34349ebeb5d63d4f399d0cd1d0ad7782ca67e68ee665a58b40d63989","ssdeep":"12288:UosHVKU3eFUqKTvVZE1JZvsIr/ue7weNbxnZgsBRotUeB:xsV3eTKTvVZE1X//weN1ZgstK","tlshash":"98b4239dd2c0c09a069572b0c458276fbda746e3f58c7b3c22e1269e77849899fc807f","first_seen":"2026-02-25T11:18:39.742443Z","last_seen":"2026-04-05T20:11:58.409421Z","times_seen":6418,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522403945282.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522403945282.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:40:49 GMT\r\nEtag: \"5d5006ed78c5819a4c1437222eeb178b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:40:50 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1233\r\nContent-Length: 35136\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10237019809997274163\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35136,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5d5006ed78c5819a4c1437222eeb178b","sha1":"406e9fcb105e197cf6b70881c4d566484faca858","sha256":"0cb19fbec1133fbe86ef18b1768eaa09b74aaba24e899e416aa405a994e0b352","sha512":"2b7597a9c4ddce79e73a29ba24afedc519e4f37466f307a69441ac120d25cca10f0a593a7a1e07286ac29c4a59f891a07c40ea4a31eb219a3c403723a773b52f","ssdeep":"768:8hpG08B9AYV63qrvBrxRO3oCoSpr4iTYrexrZj5CjYlm8ia9P4t:8hpXofr5tqB4i+mrnlmO96","tlshash":"edf2e1a66917ac6d601a519f960131d7a28fb8738b62d3f60c8e2c76103531bf8e3727","first_seen":"2026-02-26T23:12:00.887473Z","last_seen":"2026-04-05T19:37:43.985327Z","times_seen":406,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522374781066.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522374781066.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:38:00 GMT\r\nEtag: \"3558ce915146e7532c11c5048eb1902b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:38:00 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 142\r\nContent-Length: 28208\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17296616372563034522\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28208,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3558ce915146e7532c11c5048eb1902b","sha1":"22f04accb685397ce1371960214b386c93bfef9b","sha256":"568c76e9b85f21ee7e527d97e1d4add950051bfd36416720285522893e088dc2","sha512":"33b4695e3e6348025e0a080e5ce6fc5b80275dab48d5df886a07102a1067692a12b68713853fd51efc124e14cb2b0fe6499eb35deb1da14d0030272188d0ac5e","ssdeep":"768:6u+YPsvxaNCAQAQwNR7BwD50TCXqPPjU5WqXLv:RNkJaNZYYD40WkcXLv","tlshash":"d4c2e17a129247727ccb968ddb2e163a7b7653b44d0f2e9b920c273d443fb19171c18a","first_seen":"2026-02-26T23:12:00.857601Z","last_seen":"2026-04-05T19:37:43.949028Z","times_seen":406,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/logo-red.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/logo-red.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3468\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:50:01 GMT\r\nlast-modified: Tue, 25 Mar 2025 09:24:19 GMT\r\nexpires: Tue, 05 May 2026 16:50:01 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"67e27643-d8c\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: plQ5KuIcMxmMiF-Ps7TD_IkjgIW9oAauZQrGT9aO6BHFb5W_dAi4Kw==\r\nage: 3281\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3468,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 206 x 144, 8-bit colormap, non-interlaced","md5":"6c12a8e4dbad585a63c5b34c7ef9edac","sha1":"5e5d6f3711734e40ee3d1770df5fe91a3fce78bc","sha256":"e48f4b4d0909e99fb3919c17a1bea7714868e8c0b9d59da8fcfdd73895516577","sha512":"1337b2c85a1e15f55ca976cb6382923d4ea57827ca87ee2b4de5669f1397a5960bdbde965d322ec84a2776aaf800f02121969b0968079cf1806df9e9a35f186e","ssdeep":"","tlshash":"9d616bcdb0216d7cb53898f1f098b62e0ace58cf2c094b6e0564b9169fb89d067d4e78","first_seen":"2025-04-02T09:15:20.111366Z","last_seen":"2026-04-05T19:37:43.987862Z","times_seen":870,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/FootMenu/assets/foot_menu.css?t=20241108","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/FootMenu/assets/foot_menu.css?t=20241108 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:15 GMT\r\nlast-modified: Tue, 17 Jun 2025 07:42:05 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:41:15 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"68511c4d-bac\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: p9xoEO8beAZFhamF58AaH58OshO16OAhez_p-I9Ded3HAhv-u14Vwg==\r\nage: 207\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":2988,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"06b458525b2110876268a168312dd2ea","sha1":"a456464fc18a9cded977a0df8257781e30ca7bde","sha256":"b769b5efb1840fc3139e8e305744afbd64cb83ae413197f4e90f6f1af6f37be7","sha512":"4f19d608d521900dd91ac5add163a2a3f50caa51179b25fc2b82de506ee14d7b0574c5d952ba29baaff52ecbc7e438e8f735320b27728f32ffed547e7d6bd055","ssdeep":"","tlshash":"eb51702966b30e6079634968bb994684b37ca2038d4dbd7ffd1913c48f8e494ad9134d","first_seen":"2025-06-18T23:34:14.279735Z","last_seen":"2026-04-05T19:37:43.979261Z","times_seen":854,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:26 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:26 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"67b99e3f-14e4a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: e3ewEVoeYVS8W2BIl1wcw0H9Fr-tBkO2Gvx_tg55fOYIX-IsAWTTZg==\r\nage: 436\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T20:09:54.951687Z","times_seen":265460,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/page-next.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/page-next.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 232\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:50:13 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:54:55 GMT\r\nexpires: Tue, 05 May 2026 16:50:13 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"67b99eef-e8\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: n2d1dgk0PRGaaTrgUf7Fd94ZRLD0evLj115-GA-2JqDLXsDF4miyGw==\r\nage: 3269\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":232,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 30, 4-bit colormap, non-interlaced","md5":"621a92a5d53aaa1fab4a410c3c628d8d","sha1":"11ea4539f6a5ce0137226ac5300901e984512a95","sha256":"55d68b257bdc7eb363b09c9910fee3502eaa514058fa5313966e8748c5704f41","sha512":"a206fbf78acbf1fc9fa54c3d26f0d614f44e9becd1e3e3dd16f5837e6888ba1d1035c702def80c8fa9d2b53460af1b391d71c0b39d622a89a2fca1410badcf01","ssdeep":"","tlshash":"2ed022cbbd68bcc58a11a29b0370214098606e180820b21a49273a2a8939284d0c6347","first_seen":"2024-08-19T14:06:14.13525Z","last_seen":"2026-04-05T19:37:43.957648Z","times_seen":1031,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-25/e6232624e863a6d48a638b198a5f3cd9.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-25/e6232624e863a6d48a638b198a5f3cd9.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Mar 2026 12:55:08 GMT\r\nEtag: \"b13fd349b79bcc6bbe10d76239edeb7b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Mar 2026 12:55:14 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 530\r\nContent-Length: 457856\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 573642047033634894\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":457856,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b13fd349b79bcc6bbe10d76239edeb7b","sha1":"48fab8053771201eee46f509d15b96e82a6a00f7","sha256":"992b72e6d1157e09b8ead5690a67fb1619e831122f809e150c6929292b2e70a4","sha512":"b3a5635b33aade311be582283f9c2df11c6a574df2b19840fa888810d1a64178ebabe17220f1cdbb9b3a9ecdd8740c9d65a0dabd7a18fd84a047a830bddf3515","ssdeep":"12288:n+GItPF9xBmiFKfuWD6W1tnExWskLv9BTLea9CU:n+xx1FGucl1tvskLv91aU","tlshash":"2ea4236f1d8295871a564a03a2918ce1731c96c3c8d422ff976a7efd3fdb09db2811b4","first_seen":"2026-03-25T23:03:54.332537Z","last_seen":"2026-04-05T19:58:13.608235Z","times_seen":449,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-04/821f855a78c37e5df50deb6c38e9adaa.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-04/821f855a78c37e5df50deb6c38e9adaa.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 11:55:07 GMT\r\nEtag: \"7a8562eaef1218c2d110edcdd2b4b753\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 11:55:30 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 422\r\nContent-Length: 161840\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16604267378482276709\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161840,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"7a8562eaef1218c2d110edcdd2b4b753","sha1":"c18f3de364374ddda01a0c767712d9e619a43eef","sha256":"c887413539bd26a496e8742d5868497e60833ea66251069e6aa30fc92af6f435","sha512":"5984c34b348de3bf31afc64331efd33804998bdd5005af46c5b0d86d07fa3f6ad2b9a56edfc414a0b355fe86d9199cd7781942b9ee3c58849d13688dcf9581f2","ssdeep":"3072:3cUYu4S6Vu7cixSLj4QwOUK76N6h0a5rI1+kx3TVxtXXOiVFlZHlg:Ma4S6M4ACwO/a6DrIZ35XX7VnPg","tlshash":"47f3238dc6af9de74a77b5d8b4fe6a5c098cf8c37b4ac4274091d046aa6414efb0f054","first_seen":"2026-04-04T12:09:03.731773Z","last_seen":"2026-04-05T20:29:30.359663Z","times_seen":911,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522400752891.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522400752891.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:40:19 GMT\r\nEtag: \"0188cfe90f8fb6e9f4f27c78fcb19060\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:40:22 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1261\r\nContent-Length: 38688\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1833878783422646960\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38688,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"0188cfe90f8fb6e9f4f27c78fcb19060","sha1":"509da0b06ed71de1c8951b2ea2ad5603cbec81a9","sha256":"d770a8d678d8af5143ef864a878af121ae62e776d5b923140e756f0c35473528","sha512":"35ecc4366bb53f2d1d33155dac2a876cdd6efdbd851066b1c706f5c1de3d8b8762afee05720a686aa726d06f1e4f25a72576810ce34c43f18396a09b9aef09e8","ssdeep":"768:zfNqD0xQqJvnEC3kaOKsAFkBN8OIHO9eYySoD8iiWAxqpApoXArw:yw9nUaOKlDfOwmo8TxqpdQU","tlshash":"b303f10c7e63606e4c12e05f17814449f26b8466d269e7e6c06661b5fd2cc0dfa7f1f9","first_seen":"2026-02-26T23:12:00.927446Z","last_seen":"2026-04-05T19:37:43.938294Z","times_seen":406,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-01-03/564d68c95dd64407e1418e38f6bbea86.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-01-03/564d68c95dd64407e1418e38f6bbea86.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 03 Jan 2026 11:41:00 GMT\r\nEtag: \"41556904eb6abed489a07d9f146642f7\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 03 Jan 2026 11:41:03 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1717\r\nContent-Length: 305232\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11122575613550031054\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":305232,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"41556904eb6abed489a07d9f146642f7","sha1":"153db9ed11739d3b88227022a4256fea6ff6c11c","sha256":"39ce91ffdfc962cb920090f14d5f1ba1d9d4e775e83699d9bc20e29b8ee90d8c","sha512":"44442177342b12c1fa31681356ffd60003d94ef0978e9892a95bcfae67dce762684010e95882320e3d56e50be06fd1370b7351d1674db675cca0d03214030d87","ssdeep":"6144:wiyv27v+rbOP75Rs6evmW16oWl7Q7vjsftoLlTC/+2LUwhbVySrf:wiyv27WryP7g9lzXjYVwloCSgof","tlshash":"845423e64a3b05d052783d3ca87839984fd14d5e0c78a076d9ff569c0a070dfbaee684","first_seen":"2026-01-03T12:10:19.859082Z","last_seen":"2026-04-05T19:37:44.011455Z","times_seen":346,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":85,"dns":0,"connect":0,"send":0,"wait":8,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260325/2026032516261029053.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260325/2026032516261029053.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Mar 2026 08:26:14 GMT\r\nEtag: \"cf20061abc1138b2a03ef2bd64da3efc\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Mar 2026 15:00:07 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 368\r\nContent-Length: 58640\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9485978319368090074\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58640,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"cf20061abc1138b2a03ef2bd64da3efc","sha1":"b4d686ece9d1cc74d3399681c6d25f62c4c4b80f","sha256":"e15a2aa29dfba0c7ffa80e97958d4655e230943dd64c19eb9a19bca9f690a16e","sha512":"9b8eb86633f77a62246604df375d3e59e8cbc2cf605aa7fed6e1401a98835960c125726cba84654bdc933d903ae12a8f7d02c2681c4de632e119f6f64f84d06c","ssdeep":"1536:3kuPsyrTuADUiTNQs5432qMvUfuWFACXjdnMPYZY0Rk:3kuPs64kNzMpVfuWVTnYP","tlshash":"664302dd4aa4dae8999dbd709e767369559006264d0ca1f0b7631ecac8c22dd83e38c3","first_seen":"2026-03-25T23:03:54.339615Z","last_seen":"2026-04-05T19:37:43.972111Z","times_seen":290,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":151,"dns":0,"connect":0,"send":0,"wait":32,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-15/7c8085415471592e79f283299a5b4570.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-15/7c8085415471592e79f283299a5b4570.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 15 Dec 2025 14:09:50 GMT\r\nEtag: \"9be8face9a0c71281c3304b61e86ddd1\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 15 Dec 2025 14:09:54 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 452\r\nContent-Length: 667488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8363874208046265898\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":667488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9be8face9a0c71281c3304b61e86ddd1","sha1":"c870ba41710513af0bc27805e71bfc912be6463f","sha256":"fd84827a448c92a0e456aa7fcce612d239716895273632e9c6728b5323bbce1e","sha512":"1658a60f82c609bc3271c5f901f5dc9725d6ee6f537f460752197dd7fd543da92e59a0f5326628cb2bad0c090cab5e793341c607081e9caf9662de35ea4e5b68","ssdeep":"12288:Bl0eA4CdONfZUiaJgigupqlvTymUX1Om5Vu1u8Mn1jWwX08tJjrm/if:z0tlqZUn+iIrylXMi58Mn1RX/tNr9","tlshash":"cae423403385c22f64bb2f43a8159ba13843dbc8edbdfe05d4f95a1b928176de328578","first_seen":"2025-12-08T12:36:29.171473Z","last_seen":"2026-04-05T20:11:58.563743Z","times_seen":15234,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20241108/2024110817202219765.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20241108/2024110817202219765.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 Nov 2024 10:34:00 GMT\r\nEtag: \"31d7f524fb901b3cfef1875437564c49\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 08:46:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 9468\r\nContent-Length: 3200\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4087395931800253550\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3200,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"31d7f524fb901b3cfef1875437564c49","sha1":"30c3c1677aa9ffe4bdf3175390483cfac029987c","sha256":"b0d1ca93b9bf35fc3ec9738298c8c32ba08b1c945a3c977a01347ccdc7635a5e","sha512":"0cdca446801fc324a0e033d2a28d624747fc11efe5c1f41bd83d193991eabbf05657a1a8593030d2c4be71433595e98301a0e3ed7ad379fea217da17c36af8e1","ssdeep":"","tlshash":"ad616d0816ca47e3a00c308f10a686d7893fd59bb142daa17e635e7d3cdb2b434d714d","first_seen":"2025-02-08T20:55:59.131763Z","last_seen":"2026-04-05T19:37:44.009943Z","times_seen":850,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ads.zyudkkup.com/api/eventTracking/report.json","fqdn":"ads.zyudkkup.com","domain":"zyudkkup.com","tld":"com"},"ip":{"addr":"154.207.252.62","port":443,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:48.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyudkkup.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 03:53:19 GMT","end":"Sat, 20 Jun 2026 03:53:18 GMT"},"fingerprint":{"sha1":"27:F6:4D:51:9C:51:6A:20:E0:1F:AD:77:74:1B:F2:27:39:DB:A1:9A","sha256":"FE:29:F0:5A:06:E3:36:8C:30:6E:4B:70:DB:8C:55:00:E5:EC:C0:C9:64:E4:C5:E2:75:0E:6B:C4:BB:22:BC:07"}}},"request":{"raw":"POST /api/eventTracking/report.json HTTP/1.1\r\nHost: ads.zyudkkup.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=UTF-8\r\nContent-Length: 1155\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Apr 2026 17:44:49 GMT\r\ncontent-type: application/json\r\ncontent-length: 42\r\np3p: CP=\"CAO PSA OUR\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: content-type, token, cf-ray-xf\r\naccess-control-allow-methods: *\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kKMuAKLZFvF4A2D28sr7%2BbEMZ5Tmn4bcRdIP3Am88MJRfuSHihjGnDwP3kH%2B7dPM%2BBsu83hXf5OYNDm9lGJG5Vm2DnTTYFGROINqBUf%2FXiCE5lZj2IZXmADo0WFxnZP7Yihr\"}]}\r\ncf-ray: 9e7a5ce91d7edfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a18efcf9ab81c59f799055f380d36af2","sha1":"535cb75bec8882d106f8485eb6c852c276cffcbd","sha256":"adcfad9a2421204a720213ffeae74fddf2ab2fb1fcfdb8da62360593697a91c0","sha512":"36a0dac3279f0579a71d4d6a940db6912ae26a1f127d993f1d4e21e7ac5bf1d41bf97aeaca822fa354bd9e219df901a960614f5ef42f4406eac746e5a53d58f7","ssdeep":"","tlshash":"1b800023a82c08830e023acc080e0b0822ec20838e000b20cc8cab28cb880b8f2a2830","first_seen":"2023-04-13T10:09:53Z","last_seen":"2026-04-05T20:29:30.364891Z","times_seen":1972,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/images/avatar.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/images/avatar.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 311\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:24:06 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\nexpires: Tue, 05 May 2026 17:24:06 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"692d3917-137\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: LE7c4DBgREMwZ7rZOo6a1xtSI3sqr7wM7q3hBgSbY8gANZdJEZTB1w==\r\nage: 1236\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":311,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 20, 8-bit colormap, non-interlaced","md5":"30c01d82427d0b622f89b4696cfa8fe1","sha1":"f0316536a6c8f645a3a4bbb4dd0473e3c8853a4f","sha256":"7ceba85b04db09cfa45db7b953297889da29ea113dcc0d037eafb86203b200ee","sha512":"e9cefe20bff8e7812e2b6eb2dfeee8a71950e5fe3859a50967ad54c861da3f25049aef2cf32a1518706670d6c7cc3054afa0ec934fb8e344465d5753f93ce97c","ssdeep":"","tlshash":"98e0cdf35389ecb985a7441a10e36510f10d6979433382dbd755543e51140c4497575a","first_seen":"2025-11-08T04:26:01.782802Z","last_seen":"2026-04-05T20:11:58.40677Z","times_seen":16164,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/banner.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/banner.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3405\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:50:13 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:54:55 GMT\r\nexpires: Tue, 05 May 2026 16:50:13 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"67b99eef-d4d\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: Z9KNvuQGAHZyRdU6MHMWkOpl9TAJCHPmBZh3bQUKQLPmcVHICXAwlA==\r\nage: 3269\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3405,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 950 x 110, 8-bit colormap, non-interlaced","md5":"fab94fe52e59f6e76c009a8eefb691b0","sha1":"0d4032bdf9e6ee81695353c42a0e71cefe3577f1","sha256":"86190e109509d05643c73f65fe0eb7814b456f5035ea1b5bba3a9aecada265fe","sha512":"1c6a83e904e891f4647b3c61394e37eb93107854ce385facd8434f9348d182db962e0612b4b0ae221dd7de2b0a84a0c76be90ea0af463b73373d996dd2852c58","ssdeep":"","tlshash":"eb614de2b248c9b0d946661d95cc85d0275ff70a8b6902330a33f7d7809f56ec72a263","first_seen":"2024-05-18T06:57:58Z","last_seen":"2026-04-05T19:37:43.943261Z","times_seen":1041,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-10/0e2a1469a761e81efad2667c8779ae5e.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-10/0e2a1469a761e81efad2667c8779ae5e.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 12 Dec 2025 12:54:53 GMT\r\nEtag: \"4d4782772c66197e7bb72273464acbcc\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 12 Dec 2025 12:55:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 807\r\nContent-Length: 266704\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12728295710405242235\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":266704,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4d4782772c66197e7bb72273464acbcc","sha1":"bb5180f3a210440991063df7c71a5f2a73235d66","sha256":"d1b7c5ceaec125a25f11bc63a88adefca0ebf8d4fd47586ac9e5e8c86d94c10a","sha512":"a9f581a25de284a7a4496c8d4f601f60b686cf7048ec0b9015e3131fbdef9e6a43af3c91fe84ba4e7335f516bfc38e28f07580bed9393be30a0943bd41ed2185","ssdeep":"6144:HZHcEA6bo7O9Do4nLk2E//R/+YFihoUDtUeZ7:HZ8EzSOhos4DWYFihoUBD","tlshash":"324423cb5875e0a1541ffa2ee80de01da06ad1fd46e4dda886adf2c53f13805c1f2a8d","first_seen":"2025-11-23T05:10:59.088648Z","last_seen":"2026-04-05T20:11:58.48326Z","times_seen":17040,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522383436422.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522383436422.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:38:44 GMT\r\nEtag: \"2fe68b356a91db540172168746de7e6a\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:38:44 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 100\r\nContent-Length: 27056\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4882756135075557919\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27056,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2fe68b356a91db540172168746de7e6a","sha1":"36ba5ea81df4e8b35907145f7ee401caa6c55087","sha256":"0532534dd49b108f45fd1a1becebc723cd5f2e6f4ee16212fc791f1000b83701","sha512":"319c518d677af81f5d64b3033f9067228ab8027793e1617bc6256e9be2c58d053234be1f40d44194eeaae075f9fa520cc32d132b21d1ff3e411c606199872db8","ssdeep":"384:xDhIvduEhdeb7QvhSY44GRVePKLyFNQWF8ij+6CAdJeLgQqxprd0j4Bc/liT3WM:xtxI+QSYMRVeXQF6+6CYU9M52j4ei3WM","tlshash":"67c2e1ca7147319b698140ab2120ee63de77ef313b3d8d017e32d1665a63b5d0e58bb8","first_seen":"2026-02-26T23:12:00.925793Z","last_seen":"2026-04-05T19:37:43.97372Z","times_seen":406,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/DPlayer/assets/DPlayer.min.css?v=1","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/DPlayer/assets/DPlayer.min.css?v=1 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:15 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:54:55 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:41:15 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"67b99eef-b096\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: yI-aLT_CcBABSipC7g3eDY7W8V-DYbI0Ca9O6S95iwDKfC2W0ZVtCQ==\r\nage: 207\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45206,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36675)","md5":"561f19b7ef3f68fadc57c33a964fc9da","sha1":"715fdb568449a95aa5675197d28a26972f3230fe","sha256":"2c467a8a8710fd5a7f50d52100e39f0b24cd1c1928ae4f26ee4bbe67f8f56989","sha512":"3e6fdd77a27fc20dc18b9a54a1c66d68c3ead28dde098a7f9c95accde669216a3ba98a87c34c475f001671d7f0c6e73d98f913b693d72aeffe3bf0fb772f18cb","ssdeep":"768:7FK8KSkZqtIfw3YH4ZqtIfw3YHvHYr/hizxdUDr5+0ysGif0y9W:9HYr/hizxdUDr5+9soyW","tlshash":"4d13bb1618a5329891225b91cbc8676c6738d312e9224f8ff31b780ecf8e69d215ff57","first_seen":"2023-06-15T01:32:19Z","last_seen":"2026-04-05T19:58:13.641724Z","times_seen":6690,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.22.1\r\ndate: Sun, 05 Apr 2026 17:37:58 GMT\r\ncontent-encoding: br\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\nx-server: web-node-3\r\netag: W/\"692d3917-3bf14\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: wwEVjP4ZOHWVgM0gsCplpHve3b68USIHliC6VQaMsF3qvbAAlqqTUw==\r\nage: 402\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":245524,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (379)","md5":"2e31805cdab4c9413d030ba29c0325b2","sha1":"bd1b4284d6f4da429d36d77b56e31c68d01f2f44","sha256":"9a9984a95f4b4299560232e0607f0fd19b6e4d11d9fda7fc754617b5a195c060","sha512":"893d3504f1c84d16b80e49af592954b12a8c26a13ec8c1f11d96762841725384d0f0db2594945b3c6af3e5d25ddeaace7e61c9a11169e2f8ec7def1e6fa9cdac","ssdeep":"6144:8Cwpf+iM6mf0iNOQbB2ajId/ZG3PIcrbn:8U","tlshash":"da34300a52b225389293f03e4b5bc414b236941b7e09fda83e5c05685f6d83c57fafe9","first_seen":"2025-07-26T05:03:20.415257Z","last_seen":"2026-04-05T19:37:44.00887Z","times_seen":2715,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-01-03/2e0ddfcf8a78ec90f75d2a1a2e950fe7.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-01-03/2e0ddfcf8a78ec90f75d2a1a2e950fe7.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 03 Jan 2026 04:51:00 GMT\r\nEtag: \"7d482218706449ddc052940267dc5e20\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 03 Jan 2026 04:51:03 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2795\r\nContent-Length: 292288\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7256484781767254456\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":292288,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"7d482218706449ddc052940267dc5e20","sha1":"f020a915e13125435e3201f77e2a658b6255d7fb","sha256":"17a7883e909918eba67c99223274a0087ff00cfc405aac6469c484dd4f9030d2","sha512":"9f64ebea982ad0b8d614181a8f58c8f817e3dbc587fe368d6f67a395647a92ce9c49dfb4dff90b076379d6ddc9d021b6b261088c840c0c78b9bdc38cf9724915","ssdeep":"6144:5QM1W+lbA6j3rlhH5tlEHoAiYRHKgN+rjwmW6x:+n+lbAy5tmHVIgKMt6x","tlshash":"dd5423d062f6f350c879c450e8c52fba5f76211576222fa2a383939df02b6bd7d190e9","first_seen":"2026-01-01T20:57:19.436404Z","last_seen":"2026-04-05T19:37:44.027263Z","times_seen":340,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":131,"dns":1,"connect":10,"send":0,"wait":11,"receive":32,"ssl":119},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-18/d0f86eec39ff5f901f87ea293804613b.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/d0f86eec39ff5f901f87ea293804613b.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 18 Mar 2026 12:55:06 GMT\r\nEtag: \"b623e1b55f0930c825f1f77ccf2aa695\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 18 Mar 2026 12:55:10 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 702\r\nContent-Length: 312944\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 777424935553451141\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":312944,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b623e1b55f0930c825f1f77ccf2aa695","sha1":"2a3fa46412096622bfbf0c8c804e3569563ab50d","sha256":"257c25438d69e04240ed40ad37b4a28caf7fd4aabf061e969ee9235a79f6ba91","sha512":"9640217cfc3e64b0b3f5d8e1c9dc97949071f55ad898a1d2299fb29fdf3e429aaba6a05d5d8c9f00cd6878ab95e5b84db7bdd41e9bf1ee5f72c3d70e5a76e638","ssdeep":"6144:TN11eIfw2XlBj5XN+lXYm2J0ytC/xxX8lTnOJ2xk3/qtXfD:h11eIPT54YCykpxwTnOJX3/wX7","tlshash":"a5642310949180eb15cad88a5ecf5a30a2afc993d7afb41af0d3974b50ec7e93311b57","first_seen":"2026-03-18T12:48:21.453772Z","last_seen":"2026-04-05T20:11:58.443107Z","times_seen":5592,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522420011520.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522420011520.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:42:10 GMT\r\nEtag: \"ee6b06566e8b84628f602f5a08f112f5\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:42:11 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1152\r\nContent-Length: 33792\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3244199767660765117\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33792,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"ee6b06566e8b84628f602f5a08f112f5","sha1":"491db5967f0ded087046ecd824fe43d81c532d8e","sha256":"ade0db90b0c3ff83a6775d18081b6fa999240b03df7f8470bbb6623efbfd2296","sha512":"83b9f5939bf5ad4f94d531a8446080db9fca3473edd61e5e28ec889eff12bc2ea600eab07c1ea0aa19d8c8a5ce0b99414e304923540e728c4d4a519e04e54142","ssdeep":"768:wK6wCEW9qxlILFEq0bFWNou8633YZk+e+WqdqlUVkls71:b6wBW9SFxfoIm1Pq4lUVk+1","tlshash":"1ee2e1d5dc31af985cb70e512d4ed8adfc1872c298ac9a935e6f60f8a44e6400ce59f2","first_seen":"2026-02-26T23:12:00.847692Z","last_seen":"2026-04-05T19:37:43.956563Z","times_seen":406,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522405611687.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522405611687.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:41:05 GMT\r\nEtag: \"1a410ffdefbd8397c2cccca4bd93e036\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:41:06 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1217\r\nContent-Length: 26640\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7388000260001417301\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26640,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"1a410ffdefbd8397c2cccca4bd93e036","sha1":"11ed9ed29c99b80947f1bdf785bb292be1aa216c","sha256":"2586bd272a3291c3a8d0d85a3a2d454f920a5529fd4dea1c7dced39ef0e2f5e9","sha512":"016d0cdbd7620b48434d726cd3d19205c2652aad2f47fb918bfd4b9acd3a105ae82a64c5ed283d2a78bc7bbda099ab36a61df91cef2850ab97e8603430daca5b","ssdeep":"768:PSpXRNmKO//S6Uac+HgDSVuhVhG6Hcc8ZDg:6UFUJ+HgDSMDQ6Hcc8y","tlshash":"abc2e154a0fb62588c337db1a8e5493f76d57f0dfa3c50f0c8ead07182101d2aa96839","first_seen":"2026-02-26T23:12:00.889881Z","last_seen":"2026-04-05T19:37:43.932261Z","times_seen":406,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/search/icon-delete@3x.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/search/icon-delete@3x.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/search.css?v=6\u0026v=6\r\nCookie: _ga_NGV4MXSYPX=GS2.1.s1775411083$o1$g0$t1775411083$j60$l0$h0; _ga=GA1.1.482702814.1775411084\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 589\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:24:26 GMT\r\nlast-modified: Mon, 27 Oct 2025 03:29:54 GMT\r\nexpires: Tue, 05 May 2026 17:24:26 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"68fee732-24d\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: LD4m0euaCIyX1UszXloO0S5Uyq8ykJzyTbo-VdJZM41iXTD7kCb9CA==\r\nage: 1218\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":589,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 99 x 102, 4-bit colormap, non-interlaced","md5":"186ec31c3c1154addc6ec1fb8ebeaffd","sha1":"0f2e9a7e94ab44760f72705d02718e34697a7c0f","sha256":"9715ded51f20950c770eaec0f8eb8953163ce508df6e080d7a3b31660a21f1e3","sha512":"f441cb908e51513292262abaeaff1ea380a131dabbc5fb124e3a244845c8d6ee7b4ddfa7401c7b0e27ecf2abda4e6f38fbe4735121c421748b1e0bda39139ded","ssdeep":"","tlshash":"c0f0e141a9568ee4821d0c3a3c9bf4c4926f017ea09ce15d803b995954cbf9144d1ec2","first_seen":"2025-10-28T07:13:52.652764Z","last_seen":"2026-04-05T20:11:58.296242Z","times_seen":5301,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-02-25/8fcbd0c47fb5239ef3dcd75ff7d8eb9b.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-25/8fcbd0c47fb5239ef3dcd75ff7d8eb9b.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 12:55:06 GMT\r\nEtag: \"b328c0c7d21077dcc512724fb6fbd3a0\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 12:55:06 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 72\r\nContent-Length: 343744\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7301695928367210103\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":343744,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b328c0c7d21077dcc512724fb6fbd3a0","sha1":"9c4cf075979de4b4bb02a22ac07d15f603154c73","sha256":"8ffd21d43f6ce8070ae9c78f2ef752d5f1bf8ef1cd65358fe9b7a361940f61c8","sha512":"73a56db882e239eff6b0e1b8c9a3c2c0e71257b1ba8b15805c71f1e63449503b40bc0e78f6077ac0618570ceced37dbe5c697c4c5ed477ad13f1481a2d5e8da7","ssdeep":"6144:NAqzpp4tb+UBk8NlKEAkkf2ehkPDH+7+m3OJSdWUiHxB9eJhHQvuFzFxgwAT7D9M:dpOHBTNUzf2zcSUiHxBQHfF6wAT/KcA","tlshash":"c774237314d928aea8e7c82c697b473311fcfaeb64387f5346de5bcd25058d104ea84a","first_seen":"2026-02-25T11:08:48.248298Z","last_seen":"2026-04-05T20:11:58.502944Z","times_seen":6813,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/js/user.js?v=8","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/js/user.js?v=8 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:29 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:29 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"692d3917-3ab8\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: qW3kgQJc-mzEO265LVkDjTvyAdK1WEAoewWOJ394sb5aXcnjKNw_RQ==\r\nage: 433\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15032,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"26408a8b354961c977e26332d67f8b36","sha1":"b8d8acdfb48d4c4dad225b86af6cdcf3a312d868","sha256":"fc4bc24fe53e76b87284ab6ab91efeb0aed8e552273d7e785df785955622ccb7","sha512":"f43c0c8b31432f53cb63df177df3553bffee6e7c867dca657aab236a3a94b25f14aa72cd8215b27b606c14cd22e808c43662f9ba58b19c185800de6b01f35bf1","ssdeep":"192:G4pcNs9UU7DzCneMrO4bUDUrdVCr1JB7yifGQ/FoWjxk0vwnaI3QUGMugCNAVrgX:G5Ytj/J6KUBy","tlshash":"e962630af1f904620b1365a46b9b2108753095472a0acd183e7d9bd82f5ed79c2f7bef","first_seen":"2025-11-17T10:42:59.258806Z","last_seen":"2026-04-05T19:37:44.013715Z","times_seen":5945,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-18/b0135ae0caa8fb56d803c5b9ee616d78.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/b0135ae0caa8fb56d803c5b9ee616d78.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 20 Mar 2026 06:15:43 GMT\r\nEtag: \"2fd051a7ad3bb6739249922155ab7e16\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 20 Mar 2026 06:18:13 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2353\r\nContent-Length: 214272\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9881378395950498744\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":214272,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2fd051a7ad3bb6739249922155ab7e16","sha1":"ee5b0a926ac68c59de5c1dab35e3f7a881de8804","sha256":"948710787b097b63e5c2100fb470a99754b063b05847a16fbfa3202ff07ffcfa","sha512":"ae103bd38d1267548d003d6d25236db64b09220713cddb709ba2bcb505fa19fbcc2d81877f0a54557ac44f041a4a05504b3ac0c78735fd40dca08faadefcf483","ssdeep":"6144:QT+EJhgRbJ8xPZ7QQKTjNDuUGkgjJ5b0JIgCi6MQkAC8JX00MSB:EX/aJklfeNDuUGkgjvbsINwCCgk0MY","tlshash":"93242394b9d8f071af0f3bd197b6735baa32ae4e1a14a44939b5f0885361ecf1c8074d","first_seen":"2026-03-20T14:34:11.02302Z","last_seen":"2026-04-05T19:58:13.506118Z","times_seen":481,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":109,"dns":0,"connect":0,"send":0,"wait":22,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-10/7d2d9fb9c14f48b9f31f9189fe1fb24b.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-10/7d2d9fb9c14f48b9f31f9189fe1fb24b.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 10 Mar 2026 10:20:35 GMT\r\nEtag: \"a9dff727b65970e1a6bd972bb1f35107\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 10 Mar 2026 10:22:33 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1605\r\nContent-Length: 494224\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8948802751412322404\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":494224,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a9dff727b65970e1a6bd972bb1f35107","sha1":"1e354597d97c2231378995e247f60c555bb4db19","sha256":"909dbd4592ca7e4412a1372b77d380a5f9eb116f01f77050923f9b5880ce4285","sha512":"abf5973a2a882be7c6d965314f21ee410e5273f4391d741f2b66d6b0ba54a4771f19a86c013fe755f71b18032ddc77376b91e9b7c10f5a4289e11dcf4ed8c420","ssdeep":"12288:NC8QHL4w488K2NGlv+oQuLCmKdLzySKv6B8KYC:XwfTKGlvQrdLIChYC","tlshash":"4cb42329052e46d09f9db1749fe1d904431ec4bef95ca0eba450478bff23cbce25662a","first_seen":"2026-03-10T11:07:41.060489Z","last_seen":"2026-04-05T20:11:58.344665Z","times_seen":6031,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":114,"dns":0,"connect":0,"send":0,"wait":8,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-04/a2b5601a8c4947865f88216bcce9cb6f.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-04/a2b5601a8c4947865f88216bcce9cb6f.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 10:36:32 GMT\r\nEtag: \"75f10b7b10d237f65701f2ba4cd0f160\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 11:10:57 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1050\r\nContent-Length: 243872\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12027857148273386246\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":243872,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"75f10b7b10d237f65701f2ba4cd0f160","sha1":"9a345f23ec749b16f77e9e2268fcaa76dc207def","sha256":"d2ff23efb11bb7babc7218da09e45e5de163e8636c4d8b138babecdde1ea19ed","sha512":"3fc535e7dde7eb45bdfa4cc75d1d851f932e52dbedfd2f1c440681056c5616d948dd1ef4e10a9c2ae1ba38d6d1ddac0c9de3d23139af1322f4a5931589a011f3","ssdeep":"6144:HjXSQ3IS3rvVRw6rKNP6ybJak2sBRvSU752V8bYg:rRT7dRwxt6ybJYv+5Ag","tlshash":"183423a2e1f2d669058c1d72512799e1d7cfe1ec70e562cda7e4c8e60381d822f7f690","first_seen":"2026-04-04T10:46:05.491268Z","last_seen":"2026-04-05T20:11:58.480862Z","times_seen":3896,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":117,"dns":0,"connect":0,"send":0,"wait":23,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20241108/2024110818460513819.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20241108/2024110818460513819.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 Nov 2024 10:46:34 GMT\r\nEtag: \"27ae198fca34876f072bb644aa9242c4\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 26 Jul 2025 08:46:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 9467\r\nContent-Length: 272\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3546077748128388244\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":272,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"27ae198fca34876f072bb644aa9242c4","sha1":"be8da11fbe724e2910ff65d54bba67bdbf86fb05","sha256":"26e9ae75be4e86f7ecccc70c05f9d1742f2a7520fed7dd1258a94284c08101c0","sha512":"977e72a9845b87082d55e6a7e55dbdd5dc004cdde4ad3ad0c3f63b627c550958ff86add8f5aee020dc08f188ce747d9c7d909ed01669bb19577eeff9e8c6b6b9","ssdeep":"","tlshash":"b7d02b1545220b922f9aa72e4bb154644f63c292405f4a765184e61a1de2454b100d57","first_seen":"2024-05-03T10:06:21Z","last_seen":"2026-04-05T20:11:58.337899Z","times_seen":19357,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522390583883.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522390583883.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:39:21 GMT\r\nEtag: \"952ed566543df992134681ae8481d53d\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:39:21 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 60\r\nContent-Length: 32080\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14940287992028180789\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32080,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"952ed566543df992134681ae8481d53d","sha1":"2022fa6ac623da9e8bce73ec7a748a10298623f8","sha256":"6138fe0e71a85954c1ef5d5b336a80a46bfa50e9aadc71a85b58607c6fa27459","sha512":"34bcb9e24ccef2373c4bb6514d07a1454d350a260e40fa92e384bf844b890e82233bf7f5b2d74a3cb2a382a4f4f6fccdb27cfe66d798946347d4ec1c020f4829","ssdeep":"768:2tW/9njd/k7e5nNF15r0chcQZCtzqRJnfYKfDkgjDB0:2MRmmNt03LmRJAotu","tlshash":"b0e202af3e65945cde44d0a4bfab860667a4ddf01ebee3c00b43ba1b851d236709e340","first_seen":"2026-02-26T23:12:00.84124Z","last_seen":"2026-04-05T19:37:43.974338Z","times_seen":406,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260303/2026030303381131028.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260303/2026030303381131028.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 02 Mar 2026 19:38:15 GMT\r\nEtag: \"fd5634e695792f97e23a725de6898087\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 02 Mar 2026 19:40:07 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 33317\r\nContent-Length: 186064\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5405689715509467115\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":186064,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"fd5634e695792f97e23a725de6898087","sha1":"6bf953c1db762063c3ef9a656b5781f20a9965e7","sha256":"df00150292c4da44a47d02bfce4f66547bca0faaa1fd18dc198a6b87c8770cf3","sha512":"ad52647bab524e0695ef552b85b6f93710ef84922c2ba68f2e033177de70b9af0de709a512a859da0072b5dd8204d9a4c6a4540fa24cf141c5b81ae06435653d","ssdeep":"3072:32j7tkrtLz/ouhb4SlOwnw5WtrZ55P1uJ/SE+Vky+Kp55D7rVMB9o6Pr/Ol:wtapz5zllwW/Pif+VkyjDpeBLQ","tlshash":"66041242817b3b62d44ceee83a72732dad4e1dabc593043418f17fa6f9238161f5e50a","first_seen":"2026-03-07T03:07:02.905703Z","last_seen":"2026-04-05T19:37:43.986838Z","times_seen":402,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-28/3dcae460c66ca45aaa50de175d400999.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-28/3dcae460c66ca45aaa50de175d400999.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 28 Mar 2026 02:55:06 GMT\r\nEtag: \"c487f74501adad40907bfe76952b6381\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 28 Mar 2026 02:55:08 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1153\r\nContent-Length: 146384\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3666023193862692506\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146384,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c487f74501adad40907bfe76952b6381","sha1":"7b162a70bca5abce0af696f4d802f94b1d50edf3","sha256":"65345de6b8f59586eae771df835d1d66a4eb421c68aa9630155afa6101652d5a","sha512":"31cd898ac77d399ee4894084ee90237f8524ac132e25eca8b4bc5f84f1ee042123c4833b4e0a339e263224c5dc687d832124c0114332a336834dc097b2fedfa6","ssdeep":"3072:NAE7cjP1oecQn25vkfWnUzTTscd0sgQlbGbICjyYGiFnTK+hk6rEZ+2lx3:NAE7cDBn2NwnFWsgQlqbIKIiFnTKL8VW","tlshash":"e7e3127557985c0a2a5012ebb7e47cdc77e50063bc39ef2d8828e9a5f3a403a956042f","first_seen":"2025-12-28T13:33:38.898903Z","last_seen":"2026-04-05T19:58:13.63427Z","times_seen":632,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-04/c15dde5606b448511c839043e3f4b585.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-04/c15dde5606b448511c839043e3f4b585.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 10:55:07 GMT\r\nEtag: \"e51ef3e3ccaa62a426cd789a66d473ca\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 10:55:07 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 329\r\nContent-Length: 270864\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17849786654930867450\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":270864,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"DOS executable (COM), start instruction 0xe9ef8714 1779637f","md5":"e51ef3e3ccaa62a426cd789a66d473ca","sha1":"a05cb57a2f8db0aeae557521e780877145edf257","sha256":"96b2b9bd671adb756ad94afdc92b3aa857675576a8e6d7cd0213257b0f709618","sha512":"175474ef55db136c5e02ad56245b84aaaafd812137da51d51341f379f436590a12225824a4bb6fb5f2e7e2b9b2410e883fcbe5fecf24b0f71f5817453ffe9dbb","ssdeep":"6144:pwgF6Tu1KzzpvLsUEtVrJqnhas/I9j3x90sIvDo:pTF6Tu1QNQ3zJqha93f0sIv0","tlshash":"bf4422a5f3aa67f7e9ba722cf2efdd067ea834f0627b67511d06d103418c7884982474","first_seen":"2026-04-04T11:37:17.990311Z","last_seen":"2026-04-05T20:11:58.482294Z","times_seen":3896,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522414777352.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522414777352.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:41:57 GMT\r\nEtag: \"dad6501874ae30094511250cd54d7633\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:42:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1125\r\nContent-Length: 24480\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8392373887964666436\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24480,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"dad6501874ae30094511250cd54d7633","sha1":"366d83f78263b2ca22df4ccd67affe04844bdc8d","sha256":"9673aca2bc3bc11de3733eaffe9eed1d8ca7c63f5da686bfc46a072d565970b6","sha512":"61962bb5325384918d49a27ab4724c73d25a256b2c2ee248fe9ec404103f3a36760aa38d72ae290d1d0ae02ba1a340ec846d1652a033c9797260afe1bec55300","ssdeep":"384:d5+UWB224C7aimatNxjQfA+ueybfN81BWbJjrEL0LgEvBHhS3ifJKLbeY01TA:dgUWB224JycAO0bJW0LgmS0iWA","tlshash":"6ab2d00f94f80997c1885ed93430c65fae26819b7649b6d5e0d4397fa82e013f873da7","first_seen":"2026-02-26T23:12:00.94429Z","last_seen":"2026-04-05T19:37:43.93621Z","times_seen":406,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-18/1df19a84893b88523617e5a72a231811.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/1df19a84893b88523617e5a72a231811.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 20 Mar 2026 06:25:10 GMT\r\nEtag: \"8edacb124772522f98f5df3ee4836d5d\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 20 Mar 2026 06:25:11 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1936\r\nContent-Length: 356832\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15345859751125926585\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":356832,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"8edacb124772522f98f5df3ee4836d5d","sha1":"dfb9439615ec63a4e2baffd9b8cb12cd442f165c","sha256":"98cb0a1c92419572c5061d515168ef113e67a2d4affaa272c3a294694e808156","sha512":"0eab0ecabc541105e5f52cc0595d9e47310fcbcff3ed0034469e30b4b19a4633d68621d23e2e5e70eed6714b5d927ae915aec145b64f85fbe43122cef2fc80a7","ssdeep":"6144:3zEbn93k24l3tm8XrT16xnaxTT9tE61apumgEMfrtAUKvY0J4Bml/vNO:3gbgdtm8XPwxnM9tWcArQ0J4slO","tlshash":"9674230e50924f2d0ee19d99896b3bd940d92297461b440f91593edebf387c2b0b8fdb","first_seen":"2026-03-20T14:34:11.10669Z","last_seen":"2026-04-05T19:58:13.642851Z","times_seen":472,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/icon-close.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/icon-close.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 449\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:50:03 GMT\r\nlast-modified: Tue, 25 Mar 2025 09:24:19 GMT\r\nexpires: Tue, 05 May 2026 16:50:03 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"67e27643-1c1\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: hrB1gSyVIbsixUToYg8E7eAgIC8SKT4LpNs5QCD1k7NzAHataZZMLw==\r\nage: 3279\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":449,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 4-bit colormap, non-interlaced","md5":"9d415b4ff333613c0b00c800ea68f4e7","sha1":"0ca86628636504d754caaff9a35117f69751b91f","sha256":"f8670d209456fcd93fbbd3b2fe2a95fdbd727681ff78ffe6ef76d1af2627d8f0","sha512":"13352289fa68e48ecdcc4258e360248ef32dd51ec13ced4718a960117542631f4a442088089e5cd170fdf51b2fbf9afe5d81c2f30da418761fd04e0bb32341cb","ssdeep":"","tlshash":"a4f0dcf0f7aaf91ceca288b24366c4e2dd15ca012033000d8c52f53499db2a1790510b","first_seen":"2025-04-02T09:15:20.035639Z","last_seen":"2026-04-05T19:37:43.969076Z","times_seen":864,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260402/2026040220154330876.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260402/2026040220154330876.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 12:15:47 GMT\r\nEtag: \"96a1ed5473d40355c1b5d71b3e4bdc03\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 12:23:32 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2888\r\nContent-Length: 150800\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10423169870833890884\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150800,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"96a1ed5473d40355c1b5d71b3e4bdc03","sha1":"26b09c77e7dc4debf47856a01948a0de9850dc5d","sha256":"3aa71792a655bb197c79fd63fac179e32113324b70def8fb57a2bdde079d8b79","sha512":"0f8879b13f60428351011db08394a69e1321bfcb0d89e752477ba9ae2d29c2989cbe7fabff24483a1c1ffaada5ad81cf9d843b0b54b0b6c875c40326ea7e3799","ssdeep":"3072:sOlg0sDq8zO3y9nhUwM7WvE5xLqsp0hKCGk9zWiUKnslw8llWT4Pwn6bK:sOlg0sDq8z4kmwa/vLqTKCAXis6slup/","tlshash":"cce3122a9d4b13e1adce3c2117b023e69cde5f4d9df47564aa0c6419aec84e1d17073b","first_seen":"2026-04-02T16:02:07.949208Z","last_seen":"2026-04-05T19:37:44.026532Z","times_seen":271,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":76,"dns":1,"connect":7,"send":0,"wait":9,"receive":19,"ssl":82},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260310/2026031015211447558.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260310/2026031015211447558.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 10 Mar 2026 07:21:19 GMT\r\nEtag: \"09a1f24352a1b05b313b1d860e40e324\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 10 Mar 2026 07:21:20 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 5251\r\nContent-Length: 230784\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11528747456408289608\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":230784,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"09a1f24352a1b05b313b1d860e40e324","sha1":"142a3669b57502f77038362327d4360316a3733e","sha256":"70bdc974727f4dd1dbf031946bd00ca571060f9bc082f61a61a1443afdd16028","sha512":"c0d83cbd10c29470eb0465c79578e94c0e34037b3f73afdc1a6727ba58819dd3ef2d97df870523b5cf7212991ffb6ca91ee71c863cb8e0bdc1d8578df0c48367","ssdeep":"6144:02IwTy96lcwjEFHlaWSPzVsDosdhyAWk7bl6OA3dIh1Q1LCZoLC:0Vw29/wQFAZzVn4hyfobXWdQMLq","tlshash":"623423acd97f7255910fed276e32430fdd6419e849ce62304e164f6383da363428ae6d","first_seen":"2026-03-12T19:17:27.601876Z","last_seen":"2026-04-05T19:37:44.020296Z","times_seen":402,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":118,"dns":0,"connect":0,"send":0,"wait":8,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-18/5b45dc479cd5ab61612846aece7b12b0.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-18/5b45dc479cd5ab61612846aece7b12b0.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 25 Dec 2025 05:22:29 GMT\r\nEtag: \"7bb92395e149e14e94a6055079604efd\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 27 Dec 2025 01:05:40 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 83428\r\nContent-Length: 859008\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3149723229228493937\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":859008,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"7bb92395e149e14e94a6055079604efd","sha1":"814b34e04b982854a64aa1169dd74defce10f669","sha256":"e6477e1cfda16c2f0067554689308de5881aec5a103e9166c7f2cc52d74fa2fe","sha512":"18e06b7703682758c0cf69484fbce671ac9b119f2469bb9ee39cde375d6e645a4c8d5bcaa87e1dae6e2e4d244074aabbad308672e4a036305ef98a80bef066b8","ssdeep":"24576:XOx0fy/w/loGgRzwm92XJH42h3c0IEEBzrA6lD/84:+4emg9wuy42hs01YZlD84","tlshash":"dc053364feae916263b160401a46d4e00c2235d983d6385b7f2763c65ecb3f3f85ab76","first_seen":"2025-11-07T18:33:42.38603Z","last_seen":"2026-04-05T19:37:44.014829Z","times_seen":647,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":131,"dns":0,"connect":0,"send":0,"wait":28,"receive":222,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-28/4df5e24c8c47d9bdef18754ea88b18da.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-28/4df5e24c8c47d9bdef18754ea88b18da.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 28 Mar 2026 02:11:19 GMT\r\nEtag: \"df2521196c7f466242fa46363c72cc17\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 28 Mar 2026 02:11:19 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 356\r\nContent-Length: 237728\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12770548486587444081\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":237728,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"df2521196c7f466242fa46363c72cc17","sha1":"aedb18a006afc9d65ff713f0fa44fac917da3cde","sha256":"0575bafeb4ae3319c8de5dff8abc8894830ae0d0fc8d1b1e03db7ddac6f56ca8","sha512":"1d64b178d6a40249dede77df263dfbdbf3aa506bd3b556ed83e9db4c9141103826ad225a6a15f23df33f6ead96953ab7d9e2f1555ae249460bb171b8add0946f","ssdeep":"6144:J57tCSq1e2FO3Fht1LGocyBq+xYyLOI5wK:3MSQxF2jLUOVmyCI2K","tlshash":"7d3423a1fb04dbb2715eb4fc202cd9ab98b9eb454dc2c541d38e5f137863c904acb259","first_seen":"2025-12-28T12:01:49.784279Z","last_seen":"2026-04-05T19:58:13.575323Z","times_seen":637,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":154,"dns":0,"connect":0,"send":0,"wait":31,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260315/2026031518484646736.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260315/2026031518484646736.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 15 Mar 2026 11:30:15 GMT\r\nEtag: \"913616234c86ecd624181514f5a957b0\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 15 Mar 2026 11:30:16 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2172\r\nContent-Length: 73728\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17270513309736056310\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73728,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"913616234c86ecd624181514f5a957b0","sha1":"a75764e09fc4e3b0c54d3494f7685589f832160a","sha256":"2597d1eeedb83197feeb458480119fb5385a6887a174131aa50ab142dfff55d8","sha512":"f6aeac42c3fd1eaa24048fc60ec6be6d196642504bc627788cf5d8d3aa36f8567c27a68bfab9a491f7f213f05bdde619160260f363d299a2ee586de5a00a1268","ssdeep":"1536:rvYgm7v7Qc9TAE8rurmnhPDtJrQri4jRGEFf2oX/UuLhmYWkI0f1Q:rAgCfTAEnrmnhPBxSjRG8fHX/xw0y","tlshash":"ca7302f402815cf230dea4210a9bc69ffe6b59653d8ac83745678c893387d29e570b66","first_seen":"2026-03-17T07:50:47.700713Z","last_seen":"2026-04-05T19:37:43.98735Z","times_seen":299,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/js/layui/css/modules/laydate/default/laydate.css?v=5.3.1","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:21 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:41:21 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"67b99e3f-1cc5\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: wCKhC9qm2kUyNpyrfZzgBrE4j7YI--eH8C2OUmbdAkuHpWu20tWjmA==\r\nage: 202\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":7365,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7365), with no line terminators","md5":"e9078eef34fe9a44e44bdd55b48fdc55","sha1":"73ef00229810ee179915661786d9b66b7fc2d568","sha256":"ab9dbdf922a26509951347fcfa83704d86afd2df855c827740c23df72fd8ab3f","sha512":"dbf200ca6effc6bee2f7e8f516dafe6b25fa66093f19fff117a8bd87732a3ca0206480319d5f733eb07d18f564cba1dfc6143587cbc5ea1d5d370948d8ab3921","ssdeep":"96:7OyDQi4ijYyC43i7hlVVZ4LyLk5bYsBE2rBOB:7OQQfyPCoiFVqHbrBE2rBA","tlshash":"45e1cc71b1542cd4702bc222b4a87cbfaef8dc02dae3265ce5b8621b85c15b7957d34b","first_seen":"2023-04-11T12:12:51Z","last_seen":"2026-04-05T20:11:58.359183Z","times_seen":26989,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522403945282.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522403945282.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:40:49 GMT\r\nEtag: \"5d5006ed78c5819a4c1437222eeb178b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:40:50 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1233\r\nContent-Length: 35136\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8640233732406759804\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35136,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5d5006ed78c5819a4c1437222eeb178b","sha1":"406e9fcb105e197cf6b70881c4d566484faca858","sha256":"0cb19fbec1133fbe86ef18b1768eaa09b74aaba24e899e416aa405a994e0b352","sha512":"2b7597a9c4ddce79e73a29ba24afedc519e4f37466f307a69441ac120d25cca10f0a593a7a1e07286ac29c4a59f891a07c40ea4a31eb219a3c403723a773b52f","ssdeep":"768:8hpG08B9AYV63qrvBrxRO3oCoSpr4iTYrexrZj5CjYlm8ia9P4t:8hpXofr5tqB4i+mrnlmO96","tlshash":"edf2e1a66917ac6d601a519f960131d7a28fb8738b62d3f60c8e2c76103531bf8e3727","first_seen":"2026-02-26T23:12:00.887473Z","last_seen":"2026-04-05T19:37:43.985327Z","times_seen":406,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-09/573fef2e86a3c75aa85906d7c43c2c00.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-09/573fef2e86a3c75aa85906d7c43c2c00.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 09 Mar 2026 13:18:21 GMT\r\nEtag: \"497ad1d838656263a97c185d12ebd810\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 09 Mar 2026 13:18:22 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1674\r\nContent-Length: 100768\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9455124705228901629\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100768,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"497ad1d838656263a97c185d12ebd810","sha1":"52c50f554b8055eb73fb5366ea8db93a75e5cb64","sha256":"7691a517dffa29e5a3ac27bd35ce1792d4efbad778f919d2fbb946fdcb188380","sha512":"cd0080be4489ad08aaa6a10837928541239e78a7e66c6a90d47a05ba84c3c050d868bebf753efcfc133255823a3c36ef5b6176225de1f8093c5aff6d377ad57c","ssdeep":"3072:zs/HXOLahPO0DEQwYyircXo4lxOKrxtEqkb2ImD8xZNE:z5zucXooxOKrx5W2IlxZ+","tlshash":"83a312e74a0e30a4d588c00e92ecc8f2bb4d59756bbeaa0c9953026d411bf73787c54e","first_seen":"2026-03-04T08:58:20.539202Z","last_seen":"2026-04-05T19:58:13.638677Z","times_seen":1118,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":145,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522372966388.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522372966388.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:37:38 GMT\r\nEtag: \"98063f2a65782c74b181be4fd4684bdc\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:37:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 164\r\nContent-Length: 31568\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14208443654080559816\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31568,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"98063f2a65782c74b181be4fd4684bdc","sha1":"f328dc80b5a3ad68e34d34046baaa14c3497f6bb","sha256":"f7835973854f7ecc4eea0b46179053ee2ad3dd730fa43b5a3c2f741f98bcea0b","sha512":"2d0ca7c473106a9963b9caa198632fe9b4e074c895c7da4aeafcc4ed8f7ea3e7b906b4a3ccc26dc1490db1ee13a8f31f3a7725f69a49be6ad2d922c53cced941","ssdeep":"768:R1km0+DNxgIMEGSd43qp9iw61XBBkK7eZGCK6qm:R1kWNxdGt3qOXfHeqm","tlshash":"86e2e170254f98443c82592fbe16fb0e4c0e93b5a6031bbc0a531ad59454d1f5afbdde","first_seen":"2026-02-26T23:12:00.884403Z","last_seen":"2026-04-05T19:37:43.948003Z","times_seen":406,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522380879450.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:44.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522380879450.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:38:27 GMT\r\nEtag: \"f62efcba757f798be829d425347051d6\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:38:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 114\r\nContent-Length: 34144\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6423201504730749905\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34144,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"f62efcba757f798be829d425347051d6","sha1":"7c5c19ad132fa4d1e87a9be1731c04f4191f8d4a","sha256":"304ed4a19976afe1776e6e47b94e323a357c25295b2009d3126e2909e8212219","sha512":"f003d579510d026f7428222f81d4db11cca5a3b829371b87a2845592cb9356975a654220dc9f4e443318266030eefb85a8d71269019112524eb5b3a62758d6db","ssdeep":"768:2ykz7xiE3x1k9uLlXeziYPCdEYwotjfXuhI/+hq1/N:2TzQ2x1k4lX8pPCtwOf+W/+h6N","tlshash":"84e2f1a3756fc29144310eb75fe482f14aceb96f9b1ce67f500f02279ae68997af0114","first_seen":"2026-02-26T23:12:00.895125Z","last_seen":"2026-04-05T19:37:43.935689Z","times_seen":406,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/index-ai.css?v=10","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/index-ai.css?v=10 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:15 GMT\r\nlast-modified: Thu, 15 Jan 2026 02:59:10 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:41:15 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"696857fe-3b0a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 4mhybqSipRBorc_VmP3slYn-4Uwbd90H1oi9TE6EMpi8LWtIoCmqZQ==\r\nage: 207\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15114,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"0eb647c0f4ad08ad1f71a66d80e2e541","sha1":"628e2ccff3ede364d64bab9b1792895b6b94db70","sha256":"f9861eddb031d90e74c68555e1ec99cf6f2e1d7623aecc6b29d152173359bb5c","sha512":"e50de19abcf103c8c600c6a7fe3f0f890218ed48d8e7a7838dd1e4ca92f258c0edaed637dee7b69cdf7c96a7c25461883c0422b63658d416140422d8ea8fe248","ssdeep":"192:8nfAMTN/pMlr7BAWbuA+ZmVckgsspyplXWFt9DtmFtfXLEAEsbadFq:8f9YbuvmOkgaIYPLEAEsbWq","tlshash":"f7627414e26f3c67761780ac7ad8ebc01b1c5005be05df6c79b27ab18a8e3d61173b96","first_seen":"2026-01-15T06:34:04.316241Z","last_seen":"2026-04-05T19:37:43.982408Z","times_seen":469,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-18/f4b048f34411282a6855cbf3326ba44f.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/f4b048f34411282a6855cbf3326ba44f.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 20 Mar 2026 06:25:05 GMT\r\nEtag: \"9215db91ec664eafb966de8f81f00699\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 20 Mar 2026 06:25:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1015\r\nContent-Length: 84848\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9731880302662907185\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84848,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9215db91ec664eafb966de8f81f00699","sha1":"00797cdd80c985235ce34359a291f8ae86254154","sha256":"6f02af734f8f1fa43600cf728182a297b4b2ad43cf5a8d52ed878aba4b225b02","sha512":"23f400e61ed43c00465c53f858ff957fb362d54dd0fbf1e3bb8dae6ea0b610e4f1faef4100f52f62661d6bcd1e6d386b3853017f70c3af0adcd84b99e31b8398","ssdeep":"1536:YsfNIs6tOM+qXuy+HuV6OwtKICKqsIZCx3ALxz31jE4dj317R+NEgyVifI:DKdjpX0OBIMqwFz3144Jl7U9yVifI","tlshash":"8f8302a375ea4a8736bc6c31ea020a8681dd52a07d7331d69f08414bf7d76b6ce580f7","first_seen":"2026-03-20T14:34:11.100542Z","last_seen":"2026-04-05T19:58:13.644931Z","times_seen":483,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-31/97aa6a8858aa8e14748e3428de553cb1.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-31/97aa6a8858aa8e14748e3428de553cb1.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 11:55:11 GMT\r\nEtag: \"23e14ae135d945cb5069fe0cb5761a85\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 11:55:12 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 504\r\nContent-Length: 1646000\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13172497605359057078\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1646000,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5907e342d8f4e47ce7a44e2c866a1adb","sha1":"bbc1c2f20f5b2e0c9e940dc9362f331a59da8d85","sha256":"da7b5803874753c5f11c17dafd2d243f68852437900ad645a127dd0a72ed8139","sha512":"46acee073c581eead9fc4f78341b1026e12b98cacd382664f01cc7cfbec3ad44575c24f49da67970f836513a80a91c518a0d8dcd1e80a76c2d40186bb9b3101e","ssdeep":"24576:34si4YRc51suwtiNy25JSo+ylKRoVOxWnK3bGjksuCV6:3414LmtiA25J0VRoqWnK3bGjgC4","tlshash":"e8253389bc22c391c78f63181dd0e39ebdbbd985571a34d3d82d9d89addb6811a230dc","first_seen":"2026-03-31T12:32:32.340747Z","last_seen":"2026-04-05T20:11:58.391646Z","times_seen":3946,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":298,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20241108/2024110817201475266.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20241108/2024110817201475266.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 08 Nov 2024 10:34:00 GMT\r\nEtag: \"ca44aee1b701452b25bf5d5c801c3421\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 10 Oct 2025 01:56:50 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2313\r\nContent-Length: 1104\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7128454665334519824\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1104,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"ca44aee1b701452b25bf5d5c801c3421","sha1":"f3a142a69a4b3a8879dfccedb28a690892876eca","sha256":"37fe82c5e9be0144291046c1d6917772980e80799cf86f9ff27c94f52918f7e9","sha512":"dec465343d681e776b4021bfca268a9f5075b8c44c683a16ecc9852570d72767e0c7c9cef7ad76b6aaf9a611ad215d5c24ade381db6fd2743a96dd2308ccae54","ssdeep":"","tlshash":"2711b99cdc569dd2f06fc36db70f956fd9cc950dd60391339aa6711610918e90448cbd","first_seen":"2025-02-08T20:55:59.138055Z","last_seen":"2026-04-05T19:37:43.967088Z","times_seen":850,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.upjswkg.top/","fqdn":"dksylmnl.upjswkg.top","domain":"upjswkg.top","tld":"top"},"ip":{"addr":"154.207.127.62","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-05T17:44:41.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upjswkg.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 21:52:41 GMT","end":"Sun, 17 May 2026 22:51:22 GMT"},"fingerprint":{"sha1":"CF:65:EC:70:C5:8D:35:5A:9F:A6:CD:F5:20:1E:24:89:DE:73:A2:39","sha256":"CD:6E:D3:44:8E:A2:54:0F:69:70:9B:E5:7F:30:62:1D:40:E8:41:C4:52:CC:42:AB:4F:39:85:D5:BD:54:A4:1D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: dksylmnl.upjswkg.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 05 Apr 2026 17:44:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://dksylmnl.mvbsghet.cc/\r\nserver: cloudflare\r\nx-debug-host: dksylmnl.upjswkg.top\r\nx-debug-301: exclude-sub\r\nx-server: web-node-2\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zd1cq3ZuTiHyZ1vpN1FY2%2FxV2Cx6%2BpWN%2BLrK2JxNhBvujfFYOEru2oGViBdqScfOvNmibTkr304tXB75gyKvlUZDrdJNxGS5YB4z%2FqzrNUHKsALNF7PXyM%2BUjnPAKTo%2BspXRgcl7WQ%3D%3D\"}]}\r\ncf-ray: 9e7a5cbcba8d1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":233286,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T20:11:35.189242Z","times_seen":13391169,"resource_available":true,"data":null}},"time_used":1034,"timings":{"blocked":307,"dns":288,"connect":1,"send":0,"wait":418,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.upjswkg.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.upjswkg.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/DPlayer/assets/player.js","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/DPlayer/assets/player.js HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:58 GMT\r\nlast-modified: Thu, 15 May 2025 08:58:11 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:37:58 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"6825aca3-e68\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: DbMzb-lfzSGiL7iJnFgi7YUSprWQQR7kzF1upq3uSNIKyiVWDnWUuA==\r\nage: 403\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3688,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"d042325c7fc2b254b967ae5391b20ca3","sha1":"a3a45d8e10910925cbdfc105daac64aad133f054","sha256":"6251c11d153ea168ffdd7603750c42a62501fdf6cb871cd18c497cc604390cf4","sha512":"4f8adec130892552e42a3f0e2ae77c05e51bfbfc8d7ae62feb3e7467206de8d83caa838a68cea08c9ed83c88861fb6cd6f888abf3294dba81d981925c629edd2","ssdeep":"","tlshash":"5a71011c68f71020525bb4f6896fd118b2385a871108de20fe0c9a9cdf6593d46f2bec","first_seen":"2025-06-15T11:45:05.329533Z","last_seen":"2026-04-05T19:37:43.970021Z","times_seen":862,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260321/2026032113051961666.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260321/2026032113051961666.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 21 Mar 2026 05:05:22 GMT\r\nEtag: \"8b71f0eb8e9c6ba91e106ec0cd0f88f2\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 21 Mar 2026 07:00:08 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 294\r\nContent-Length: 50464\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15586123044763915566\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50464,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"8b71f0eb8e9c6ba91e106ec0cd0f88f2","sha1":"b3a03574d9c8f5584f7726f9c17a9759958aaf14","sha256":"4a22e9cc1bac1d38ba7ee7e7322594c01aaf31fd1cd0faa18160935a7a644386","sha512":"99ae6be411c7e9b27da894fd0a2cc4825718b94435d1a3a25a70b588a3e249e29039c63c5a8a560913cba8365d0646377e6908f8efc6950f3449bbf8538c0f2d","ssdeep":"768:39m7GF/I+/jE4/bHhOOQ6TnP7OKwpei83kMpmYJmpk8/86+sDie0KNh:3kww+bx/bgO1z7H1nmYJmpT+loh","tlshash":"cb33023b41828f7acad49859bfdb8d70a628cd3a2337ffd966797a52501901a12c0c3c","first_seen":"2026-03-21T13:19:31.252302Z","last_seen":"2026-04-05T19:37:43.9513Z","times_seen":298,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":82,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260317/2026031712154510411.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260317/2026031712154510411.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 17 Mar 2026 04:15:49 GMT\r\nEtag: \"4b8fab7ed9ca8a9ada52a6ed7e8cd0db\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 17 Mar 2026 05:00:11 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1755\r\nContent-Length: 86208\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5016238762232357943\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86208,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4b8fab7ed9ca8a9ada52a6ed7e8cd0db","sha1":"2c5b936bf6ee68f4170945167647e02f3868e9a1","sha256":"15d9df67260f7de756f6cb406203e00fe18a670851e71220f0c545b4971e54fe","sha512":"989b0cab71dde44823db4f68b438b9c39964e1d29cbbd9f331c7e2ad58fc7c0a8501335a172811d77ed2ea970f937d8a2ef2e6e21e82c6bf3c35160cb27132e0","ssdeep":"1536:e2ol5ZTPp16WuBmDSs76U1ETFnxOT/uDiFnh8WFCkPSS:RolfTPpYWu0KUCFxC6iFnXcrS","tlshash":"d88302b429708309b8424c2c7c30d821fddea36ee7c48d942bc9cca35ac56eb669d75d","first_seen":"2026-03-17T07:50:47.638491Z","last_seen":"2026-04-05T19:37:43.989887Z","times_seen":299,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":147,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-01-03/c21c43b7e0a391cc37a6bef687e1ebeb.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-01-03/c21c43b7e0a391cc37a6bef687e1ebeb.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 03 Jan 2026 12:27:40 GMT\r\nEtag: \"bcaa053701413ddab3bb5210b6b57812\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 03 Jan 2026 12:27:41 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 347\r\nContent-Length: 61696\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15583290837568217625\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61696,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"bcaa053701413ddab3bb5210b6b57812","sha1":"3470832069d96634f3b4bf54269bfd935afb95d8","sha256":"0ef73649de019d693ef5635edd446f17c828789ceb3aeba31063a153eb772e36","sha512":"a4f379a8531a89debae7c210393d74860302a0f5026f00c7df99884842b0d7de456e111e02c6b825fb085e531ae54ce313f3f6154a69f664eef6511ae940b4cd","ssdeep":"1536:tLVjsiROgXcqltAzkGoO2QlGot3ofuRp2Qpw5Y:hVwiIgXFtAzJlLGotYWDpb","tlshash":"5e53013ad0855a87637036ef25ab408a5fbe31db1303cd0c409d171658b77a2e3666ef","first_seen":"2025-07-13T04:15:19.177555Z","last_seen":"2026-04-05T19:37:43.959161Z","times_seen":524,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-09/afb312949ed9a7c384552e405c4d5fa1.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-09/afb312949ed9a7c384552e405c4d5fa1.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 09 Mar 2026 05:55:08 GMT\r\nEtag: \"645193b231bebbdbaefbbaa77eac1364\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 09 Mar 2026 05:55:17 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 538\r\nContent-Length: 507472\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1145739023674139916\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":507472,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"645193b231bebbdbaefbbaa77eac1364","sha1":"31101e1dfba564435ca61cad3ce38243cae01e18","sha256":"0833cc49c1ccc851144bebd31890cd11b836252b599f742ae0f069296a0cfe35","sha512":"55fec6a28b17930748cdbe8500c653a020a70db219fba2db69460b08418263702eae0359e8682f13270b19322147246dc3dfec87cb29106578e91bf02612a262","ssdeep":"12288:ERgDw8QSNU/TDrgc60Fv/9/Ut4mDGQkKei0taP8Vaam7vubr:ERw34/Dg4dstdfBCaP8Vaam7vqr","tlshash":"85b42323e365ced7cd86aae3a8ba3fc769626336820773dec26115df20140817b5574b","first_seen":"2026-02-15T21:43:33.911102Z","last_seen":"2026-04-05T20:29:30.324118Z","times_seen":1892,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/js/layui/css/modules/code.css?v=2","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/code.css?v=2 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:21 GMT\r\nlast-modified: Sat, 22 Feb 2025 09:51:59 GMT\r\ncontent-encoding: gzip\r\nexpires: Tue, 05 May 2026 17:41:21 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\netag: W/\"67b99e3f-527\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: uEIIW2wDluarL8bTZZbVRs8MNoWNBnXZI7SDiEEAaaBd0mbIhFJwzQ==\r\nage: 202\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1319,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1319), with no line terminators","md5":"986d0d70b033a195fc1bd1527b06993b","sha1":"69ea79bb09bddd3b988db70ef8b10be9ed0f0065","sha256":"3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431","sha512":"a3d1ffa0ba90c8ed8f1330c456760ad7098b683756f1f5d2aae6ec89502c0fe1ff6287e7b1180b9df8f50d517118b610566e9315de055d4780a230488eda10e0","ssdeep":"","tlshash":"d721493aa3852118354bf21574fcbcbca03cb1d6a5ea0eaaff416797c944c51083674f","first_seen":"2023-04-11T12:12:51Z","last_seen":"2026-04-05T20:11:58.311645Z","times_seen":27054,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260225/2026022522335775130.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:43.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260225/2026022522335775130.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dksylmnl.mvbsghet.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 14:34:12 GMT\r\nEtag: \"fd3ca210355c96d7aef272da9a2ae4c4\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 14:34:12 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 371\r\nContent-Length: 28224\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 505884252527058378\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28224,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"fd3ca210355c96d7aef272da9a2ae4c4","sha1":"73c0839d8c437709f5a2cd644dfae281b3e12e8e","sha256":"836765cb6f25a4f272733361c118c1c97c96226abee186923847a5cba0278fb7","sha512":"2044246b44278b67c5548e0d4b05b6762ebd7ac254603630b9db6d1bb705546350e74756946c6cdf3d05a4b92dfdd68d8ff8f9815eeee685cd23c9cfc75c87cf","ssdeep":"768:UBmQVebsZP69NiUpcI3BK+ZTZmZjeqvxDv:mmLsZi9NiaHK+2ZaqJv","tlshash":"85c2f1ec4829c64b1bc8d7e4c191dec5f9cd85dc518cbfc0888a66fb1ea9708d96c923","first_seen":"2026-02-26T23:12:00.958235Z","last_seen":"2026-04-05T19:37:43.942135Z","times_seen":406,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/css/7.10.0/mirages.min.css?v=6\u0026v=40","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/mirages.min.css?v=6\u0026v=40 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:41:15 GMT\r\nlast-modified: Tue, 24 Mar 2026 02:41:33 GMT\r\ncontent-encoding: gzip\r\netag: W/\"69c1f9dd-32489\"\r\nexpires: Tue, 05 May 2026 17:41:15 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: SOyRTSYWU8mK7IioO4OrOJ8TMiT3A03PfSMxYmJVcnTou0i3Hgvzcw==\r\nage: 207\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":205961,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1228)","md5":"8d88da4cd6150a7cf65f00915ea05476","sha1":"6e28c923c96fb0f23dec29e6c27c0f8ea17d51dc","sha256":"12d47163c0c62362c9922c694e9f9e217b23988fdf1f9781cc0f5fbdc5451df5","sha512":"d714d725a47c9e34eb5ef4ea944735f113e82c0cb87049e94d8364731513bc758fbe4c5d06f45526954be59c1c6214d7db0e3eff7c3162f0cbf0c0fb0e5f39a0","ssdeep":"6144:PwcGCP/zEBl4f1Bl4fMYEG8PnXNsSd1XmFLtaS4oXCG:Pwc/xY","tlshash":"7314627c954111d46373ca5aafc4b6582738f226dd012ebdf12722d8dbc2b9b12e2b4d","first_seen":"2026-03-25T23:03:54.313006Z","last_seen":"2026-04-05T19:37:43.953535Z","times_seen":293,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/themes/Mirages/images/close.png","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/themes/Mirages/images/close.png HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 328\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 16:50:03 GMT\r\nlast-modified: Mon, 01 Dec 2025 06:43:35 GMT\r\nexpires: Tue, 05 May 2026 16:50:03 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\netag: \"692d3917-148\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: F3SzzXGwygGME1NTIPO1GD2F7aa2NSpoQWO1CI5AQVHXVLGByVt9wA==\r\nage: 3278\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":328,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 30, 4-bit colormap, non-interlaced","md5":"215a1e584cb0039d319ffd69d9df0e51","sha1":"8a3d3e65a0260d286373b8882487a0ac6a9724c7","sha256":"f4693ad8590376075c38055091de94c7ae92b5abc56182861a53e76c4bc8feb5","sha512":"0b5aa0817a7205e14f38c93038490f57956cc5632a6c50db1e84fe5e9e5b0df100a3ea41c6178ffdba66fc59f04a0cdb479ba5b81d505e7327e60334e7870f67","ssdeep":"","tlshash":"b4e07d93fc7aad38c6caa133b7a4819196bcab7e6564992f2e530169806804d9445318","first_seen":"2025-11-17T11:08:20.211585Z","last_seen":"2026-04-05T20:11:58.411073Z","times_seen":14577,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dksylmnl.mvbsghet.cc/usr/plugins/ai/common/index-ai.js?v=7","fqdn":"dksylmnl.mvbsghet.cc","domain":"mvbsghet.cc","tld":"cc"},"ip":{"addr":"3.167.2.36","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dksylmnl.mvbsghet.cc/","date":"2026-04-05T17:44:42.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mvbsghet.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 04 Apr 2026 00:00:00 GMT","end":"Sun, 18 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:9E:2B:CA:EE:39:49:2A:A2:1E:FB:45:60:29:F4:EC:C6:C5:33:ED","sha256":"EB:E8:C2:95:70:7A:02:A3:F2:1F:79:67:EC:5A:D8:5B:1E:9C:A4:1B:C8:96:49:54:14:D2:53:2C:AE:62:4C:32"}}},"request":{"raw":"GET /usr/plugins/ai/common/index-ai.js?v=7 HTTP/1.1\r\nHost: dksylmnl.mvbsghet.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dksylmnl.mvbsghet.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.28.0\r\ndate: Sun, 05 Apr 2026 17:37:29 GMT\r\nlast-modified: Tue, 06 Jan 2026 12:52:09 GMT\r\ncontent-encoding: gzip\r\netag: W/\"695d0579-a652\"\r\nexpires: Tue, 05 May 2026 17:37:29 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 331956c71b3e587b085083fed0bc8c3e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: R5qMFVFxlemUtZanWyNC0crNayRx3hvcJq9qVfRRa23UuwMGMSpwKQ==\r\nage: 433\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (306)","md5":"1a8c886ca0259f7858a2660db5ef05b5","sha1":"c896cb4e4f40f1d85d877aba8d5f4df6b2b67139","sha256":"2abcf98f1e604fc48b3ac181cc8d3c56e682fc68ea9296959f001973b9a8a061","sha512":"7eb9636082b72068a945362724c340fa1f987e9983a44af6ef6b78b74d3a2a487bf314ee9f7835c198296181d161fb0286b7a2420562095abbef87cdf2bbb7a1","ssdeep":"384:IkSVlcz8cJPkBjLr5pR6SLGwpY18zkJWMNSCoGp5va6Tr6iIZep:MVqz8cJwLr5pR6SyCYRJRNn7p5Prkep","tlshash":"2313a60a39ff74118567706b2befa0057630a0177609df087f4d87985fc152996e3bea","first_seen":"2026-01-07T01:12:25.460758Z","last_seen":"2026-04-05T19:37:43.966614Z","times_seen":506,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"dksylmnl.mvbsghet.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}