{"report_id":"bdd856eb-9ff0-49d2-bd6f-5cf4e3110aad","version":0,"status":"done","tags":[],"date":"2026-06-30T21:53:51Z","url":{"schema":"http","addr":"jysjysjpp.com","fqdn":"jysjysjpp.com","domain":"jysjysjpp.com","tld":"com"},"ip":{"addr":"204.0.57.110","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"jysjysjpp.com/","fqdn":"jysjysjpp.com","domain":"jysjysjpp.com","tld":"com"},"title":"jysjysjpp.com/","dom":{"size":23482,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (23022)","md5":"b52e9bb375cfd820c02e84a2d9902abd","sha1":"df39340b08a8e8d8c0ef0b56460b5ee7a3de3d5e","sha256":"0b1fd1e36efe4e1fd204139fa0d2792bff892f7439eb36fb336dfe6e02acc5fe","sha512":"34dda8d235b36dcbcfc92b0f046f93fb9ad06a72273b864cba9a6d026c19bf8b00e2e6ad51c750998e9b6af04d5db01be787262ba72ab32862fafd05edb4854a","ssdeep":"384:6O6v8EIz1fFpyEWi2jD9GT4LLFFmW/c7Nl6846jX9+5ijT3STC:fAIz1fFp5Qj5GTsLFFmW/c7Nl6846jXb","tlshash":"5bb2533473091a3e615387e4f6a1bb3992bed39aea0f941cf57c01a16387d88dc636d4","dom_hash":"domhash97304f86a92680411b5ae2661af97389","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"jysjysjpp.com","fqdn":"jysjysjpp.com","domain":"jysjysjpp.com","tld":"com"},"ip":{"addr":"204.0.57.110","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-04T21:53:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"jysjysjpp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"jysjysjpp.com","ip":{"addr":"204.0.57.110","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"domain_registered":"2026-04-13","domain_rank":0,"first_seen":"2026-06-30T19:13:38.237646Z","last_seen":"2026-06-30T19:13:38.237646Z","alert_count":6,"request_count":6,"received_data":1042238,"sent_data":2866,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"jysjysjpp.com/assets/index-B6yy3Har.js","fqdn":"jysjysjpp.com","domain":"jysjysjpp.com","tld":"com"},"ip":{"addr":"204.0.57.110","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4238352fc4dec8f81f195ab40a14a94b","sha1":"313444bcef99736fe8efae4b55c1ba3de2332ff2","sha256":"79581cc7d811ff5325a2144554157cc0f94b82544ae261a1770bfc05ecaca525","sha512":"6da7a8ea94513c794636fdb80e430eca36414e0f1fda0928aaae265f44aa406de4af640bcef9ab15237cab2cefcb8e096af915ead4956c0d3a5ce1f48113c566","ssdeep":"12288:hzEBnOx2Qli/aofAUizYwQTZe345ik4a2ycx8:aW2ecwQTUI5ik4a26","tlshash":"63157e9571e6b5a567a70531106f480ab2be8855cd0f4428f074f8ba31da8c4baf7ff8","size":928546,"data":"","first_seen":"2026-06-30T19:13:42.379121Z","last_seen":"2026-06-30T21:53:53.597164Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"jysjysjpp.com/","fqdn":"jysjysjpp.com","domain":"jysjysjpp.com","tld":"com"},"ip":{"addr":"204.0.57.110","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-30T21:53:25.644Z","timestamp":1782856405644,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jysjysjpp.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 14:29:51 GMT","end":"Fri, 25 Sep 2026 14:29:50 GMT"},"fingerprint":{"sha1":"9A:8B:F4:B0:BB:57:66:10:A1:40:36:51:63:C8:DB:14:CC:09:D4:4D","sha256":"CC:39:B6:53:77:65:D4:11:F5:E5:4C:BE:D9:A0:CD:A9:D9:DF:41:7F:99:AB:A5:78:4C:EB:6F:64:6C:4E:3F:08"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: jysjysjpp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:53:26 GMT\r\ncontent-type: text/html\r\ncontent-length: 504\r\nlast-modified: Fri, 26 Jun 2026 03:41:37 GMT\r\netag: \"6a3df4f1-1f8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":504,"size_decoded":940,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"366bbdb8ab9f29423a1a44657bb42b34","sha1":"58450d1a840f79d2685ddc15f092ff4350a426c6","sha256":"298eeefc210604547b48d795890b3f3086df3136781b524232e5583bc5a8b71b","sha512":"586af09283f064626622fc77847788ec25442223d6204fcf24c6dedc542a096382ff93ea4feb992f755f5025ab08704c2deb704cc5af2ec160b2c953236ec79a","ssdeep":"","tlshash":"12f09e4294e0890d932007596dc0f6055a87e6c78b45ad5536eeb07d8fc8f81cedf4bc","first_seen":"2026-06-30T19:13:42.377949Z","last_seen":"2026-06-30T21:53:53.596463Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1358,"timings":{"blocked":-1,"dns":230,"connect":281,"send":0,"wait":281,"receive":0,"ssl":566},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"jysjysjpp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jysjysjpp.com/assets/index-B6yy3Har.js","fqdn":"jysjysjpp.com","domain":"jysjysjpp.com","tld":"com"},"ip":{"addr":"204.0.57.110","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jysjysjpp.com/","date":"2026-06-30T21:53:27.249Z","timestamp":1782856407249,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jysjysjpp.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 14:29:51 GMT","end":"Fri, 25 Sep 2026 14:29:50 GMT"},"fingerprint":{"sha1":"9A:8B:F4:B0:BB:57:66:10:A1:40:36:51:63:C8:DB:14:CC:09:D4:4D","sha256":"CC:39:B6:53:77:65:D4:11:F5:E5:4C:BE:D9:A0:CD:A9:D9:DF:41:7F:99:AB:A5:78:4C:EB:6F:64:6C:4E:3F:08"}}},"request":{"raw":"GET /assets/index-B6yy3Har.js HTTP/1.1\r\nHost: jysjysjpp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://jysjysjpp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:53:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 26 Jun 2026 03:41:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3df4f1-e2b22\"\r\nexpires: Wed, 01 Jul 2026 09:53:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":928546,"size_decoded":285122,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (43355)","md5":"4238352fc4dec8f81f195ab40a14a94b","sha1":"313444bcef99736fe8efae4b55c1ba3de2332ff2","sha256":"79581cc7d811ff5325a2144554157cc0f94b82544ae261a1770bfc05ecaca525","sha512":"6da7a8ea94513c794636fdb80e430eca36414e0f1fda0928aaae265f44aa406de4af640bcef9ab15237cab2cefcb8e096af915ead4956c0d3a5ce1f48113c566","ssdeep":"12288:hzEBnOx2Qli/aofAUizYwQTZe345ik4a2ycx8:aW2ecwQTUI5ik4a26","tlshash":"63157e9571e6b5a567a70531106f480ab2be8855cd0f4428f074f8ba31da8c4baf7ff8","first_seen":"2026-06-30T19:13:42.379121Z","last_seen":"2026-06-30T21:53:53.597164Z","times_seen":2,"resource_available":true,"data":null}},"time_used":573,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":573,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"jysjysjpp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jysjysjpp.com/assets/index-CReUbcTI.css","fqdn":"jysjysjpp.com","domain":"jysjysjpp.com","tld":"com"},"ip":{"addr":"204.0.57.110","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://jysjysjpp.com/","date":"2026-06-30T21:53:27.250Z","timestamp":1782856407250,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jysjysjpp.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 14:29:51 GMT","end":"Fri, 25 Sep 2026 14:29:50 GMT"},"fingerprint":{"sha1":"9A:8B:F4:B0:BB:57:66:10:A1:40:36:51:63:C8:DB:14:CC:09:D4:4D","sha256":"CC:39:B6:53:77:65:D4:11:F5:E5:4C:BE:D9:A0:CD:A9:D9:DF:41:7F:99:AB:A5:78:4C:EB:6F:64:6C:4E:3F:08"}}},"request":{"raw":"GET /assets/index-CReUbcTI.css HTTP/1.1\r\nHost: jysjysjpp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://jysjysjpp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:53:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 26 Jun 2026 03:41:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3df4f1-e1b2\"\r\nexpires: Wed, 01 Jul 2026 09:53:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57778,"size_decoded":10090,"mime_type":"text/css","magic":"ASCII text, with very long lines (57777)","md5":"bf69db31c2a5c28e303c9c77bf133ec8","sha1":"e930c54a516fea497f8d2cab1b502e8c3bd19ceb","sha256":"ef207839859608b5bc0e093143f1702a1af76e64c3247f83e11ed66f16a15020","sha512":"d22e9f44abd93395f6e803f19f9c01dab145d4a1bbe656e36b2279b8f413e6b7344bd7164279e1f8b3cf916026be2901e52dd13eb4ae68b554a71d1d18196a3e","ssdeep":"384:GZnJFOBhNim7lOMYoV+6BIizLXyNn3/UrcR4idHbMXr60pfrMEzr7PS/g32wQ1:GvFOBhNim7lOMYo06BiNfCprrSY2wQ1","tlshash":"cc43531da655443f7d1360f9d66cf99ea00bb1c1ee3e66eabd426000a7e27f62cd3600","first_seen":"2026-06-30T19:13:42.380053Z","last_seen":"2026-06-30T21:53:53.600997Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"jysjysjpp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jysjysjpp.com/vite.svg","fqdn":"jysjysjpp.com","domain":"jysjysjpp.com","tld":"com"},"ip":{"addr":"204.0.57.110","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jysjysjpp.com/","date":"2026-06-30T21:53:28.889Z","timestamp":1782856408889,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jysjysjpp.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 14:29:51 GMT","end":"Fri, 25 Sep 2026 14:29:50 GMT"},"fingerprint":{"sha1":"9A:8B:F4:B0:BB:57:66:10:A1:40:36:51:63:C8:DB:14:CC:09:D4:4D","sha256":"CC:39:B6:53:77:65:D4:11:F5:E5:4C:BE:D9:A0:CD:A9:D9:DF:41:7F:99:AB:A5:78:4C:EB:6F:64:6C:4E:3F:08"}}},"request":{"raw":"GET /vite.svg HTTP/1.1\r\nHost: jysjysjpp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://jysjysjpp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:53:29 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 13 Jan 2026 04:47:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6965ce6e-5d9\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1497,"size_decoded":1217,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8e3a10e157f75ada21ab742c022d5430","sha1":"f7f39d7237b791a945d52a5cd7a8fb365f313366","sha256":"4a748afd443918bb16591c834c401dae33e87861ab5dbad0811c3a3b4a9214fb","sha512":"fbf065e26d907454cb432a17d831f448e1c3df0f33cd681ccc52b63e5bc26bc9e4de08591a2de579e5b05219fcffd3b4d4261ada6fa55299e731343df860488d","ssdeep":"","tlshash":"2031451fda7fd4fec0a6cb48e612b047962c30d95e41c5b4d9845f0e64a19f17c0aa64","first_seen":"2023-05-18T16:20:30Z","last_seen":"2026-07-02T06:30:39.341128Z","times_seen":5847,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"jysjysjpp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jysjysjpp.com/api/banner","fqdn":"jysjysjpp.com","domain":"jysjysjpp.com","tld":"com"},"ip":{"addr":"204.0.57.110","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://jysjysjpp.com/","date":"2026-06-30T21:53:28.931Z","timestamp":1782856408931,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jysjysjpp.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 14:29:51 GMT","end":"Fri, 25 Sep 2026 14:29:50 GMT"},"fingerprint":{"sha1":"9A:8B:F4:B0:BB:57:66:10:A1:40:36:51:63:C8:DB:14:CC:09:D4:4D","sha256":"CC:39:B6:53:77:65:D4:11:F5:E5:4C:BE:D9:A0:CD:A9:D9:DF:41:7F:99:AB:A5:78:4C:EB:6F:64:6C:4E:3F:08"}}},"request":{"raw":"GET /api/banner HTTP/1.1\r\nHost: jysjysjpp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://jysjysjpp.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:53:29 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 392\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\netag: W/\"188-lLofcGNB6lcs8mLmCEEYgM8lORU\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":392,"size_decoded":858,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5c5810042b23385bd78c724c85134746","sha1":"94ba1f706341ea572cf262e608411880cf253915","sha256":"0df66c5f26061ede712adf1fe3ceed65025f5cb3a955372661b9676fdfc1c800","sha512":"4eea57763c249238f8f573a82913e6c220c007089c41af196435e59549d0f245f33d2fcd93bd9e12fad0d466adf84189c4fda7af46c610f34bcc42bd810f7d13","ssdeep":"","tlshash":"b3e022d0ab72f0310a34a5c6782734a23889780c490743d8f78486e8801c2b18e6f20b","first_seen":"2026-06-30T19:13:42.375926Z","last_seen":"2026-06-30T21:53:53.602847Z","times_seen":2,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"jysjysjpp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jysjysjpp.com/uploads/banners/banner-1769153066581-86018770.avif","fqdn":"jysjysjpp.com","domain":"jysjysjpp.com","tld":"com"},"ip":{"addr":"204.0.57.110","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jysjysjpp.com/","date":"2026-06-30T21:53:29.231Z","timestamp":1782856409231,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jysjysjpp.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 14:29:51 GMT","end":"Fri, 25 Sep 2026 14:29:50 GMT"},"fingerprint":{"sha1":"9A:8B:F4:B0:BB:57:66:10:A1:40:36:51:63:C8:DB:14:CC:09:D4:4D","sha256":"CC:39:B6:53:77:65:D4:11:F5:E5:4C:BE:D9:A0:CD:A9:D9:DF:41:7F:99:AB:A5:78:4C:EB:6F:64:6C:4E:3F:08"}}},"request":{"raw":"GET /uploads/banners/banner-1769153066581-86018770.avif HTTP/1.1\r\nHost: jysjysjpp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://jysjysjpp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:53:29 GMT\r\ncontent-type: image/avif\r\ncontent-length: 50600\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\nlast-modified: Fri, 23 Jan 2026 07:24:26 GMT\r\netag: W/\"c5a8-19be9bd7657\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50600,"size_decoded":51134,"mime_type":"image/avif","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"574c384dbebad860b42cff3df1ffedc0","sha1":"8de5c25662df60a14ddf3bf14ed3c49b790439cd","sha256":"b1443292050d7084e8673e2dcdd900f192321871f9a6342160048111762eb18a","sha512":"ad8bdba23810aec0e7bd4fafbcfc96fe46a372b0bba68481af1b5d1a777da333e239745ddc9f4e520bed174f9d179cf577560748ccd89b1df9c7a3a05d642843","ssdeep":"1536:swC1u6MXSbjeUSGGVzJ3ftqFWF2kEnF4H3L4tUzs8:JCA6MXSuUS/zdthUUX","tlshash":"9333f2b8f496370165925c8983fa64f7dca3d1e5454cbe1cc729c5af087049a31a8b7b","first_seen":"2026-06-30T19:13:42.376932Z","last_seen":"2026-06-30T21:53:53.603943Z","times_seen":2,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":302,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"jysjysjpp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}
