{"report_id":"c13a328e-4c74-44e2-b876-cff0cd0efd4c","version":6,"status":"done","tags":[],"date":"2025-12-31T13:57:14Z","url":{"schema":"http","addr":"hiwifiapp.com/","fqdn":"hiwifiapp.com","domain":"hiwifiapp.com","tld":"com"},"ip":{"addr":"154.199.192.34","port":0,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"final":{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"title":"米兰网页版-米兰（中国）","dom":{"size":19277,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1181)","md5":"f8d01ca8006432129f4b6de671db51a2","sha1":"2c2c704eddfad8a98359ce9c0dd17f2cb12772c0","sha256":"e224c8acf4b881759683b3a1736d61dbc30960573531a784ba04e964640cc430","sha512":"a8d075fd21407d288119a0fd8d52d0e55d8a82e0bc992c823fa752c0746fafc7ac863a03b198d404ef14c44dc173fa34ebc65492ce092257c65dbd12bd1a04dc","ssdeep":"384:ixeLAa76E6dODCJkiN7CRbqojKAxuxMx0xSxh:IA76E6dODCJkiN2RbqojKMCYgWh","tlshash":"50823f6644f344271273a0a66b6a67873fa4e913c90b8f45bbec1be49fc2d52cd0354e","dom_hash":"domhashc626c8f1316f5704e62e6dd6f75fae1a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hiwifiapp.com/","fqdn":"hiwifiapp.com","domain":"hiwifiapp.com","tld":"com"},"ip":{"addr":"154.199.192.34","port":0,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-04T13:57:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":11}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hiwifiapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hiwifiapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"mlbetjs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.0769chumei.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"cdn.bootcss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"cdn.bootcss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"cdn.bootcss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"cdn.bootcss.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"hm.baidu.com","ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2025-12-29T01:26:42.90299Z","alert_count":0,"request_count":6,"received_data":92665,"sent_data":3556,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.ybwworld.com","ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2022-11-12","domain_rank":0,"first_seen":"2022-11-12T17:33:11Z","last_seen":"2025-12-25T17:09:19.10164Z","alert_count":105,"request_count":35,"received_data":1124493,"sent_data":17817,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"v1-ab.cdn-static.cn","ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"domain_registered":"2016-10-17","domain_rank":0,"first_seen":"2019-12-03T09:16:21Z","last_seen":"2025-12-29T21:01:47.825958Z","alert_count":0,"request_count":20,"received_data":9400,"sent_data":9926,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"mlbetjs.com","ip":{"addr":"202.79.171.25","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2023-06-05","domain_rank":1731635,"first_seen":"2023-06-05T07:22:39Z","last_seen":"2025-12-27T12:48:00.661274Z","alert_count":1,"request_count":1,"received_data":2619,"sent_data":419,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.174.227.204","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2025-12-29T02:40:12.477045Z","alert_count":0,"request_count":2,"received_data":725,"sent_data":954,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.0769chumei.com","ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"domain_registered":"2025-06-06","domain_rank":0,"first_seen":"2025-10-26T05:23:19.022585Z","last_seen":"2025-12-19T05:28:50.791254Z","alert_count":3,"request_count":3,"received_data":131969,"sent_data":1788,"comment":"","tags":null,"fingerprints":[{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"cdn.bootcss.com","ip":{"addr":"134.122.175.14","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2012-11-12","domain_rank":647519,"first_seen":"2013-11-06T09:25:21Z","last_seen":"2025-12-26T17:04:38.438802Z","alert_count":4,"request_count":1,"received_data":58654,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"v1.cdn-static.cn","ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"domain_registered":"2016-10-17","domain_rank":0,"first_seen":"2019-12-03T09:16:22Z","last_seen":"2025-12-29T21:01:47.840031Z","alert_count":0,"request_count":14,"received_data":2338,"sent_data":6658,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"hiwifiapp.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-11-28","domain_rank":3951402,"first_seen":"2025-12-31T13:57:15.02997Z","last_seen":"2025-12-31T13:57:15.02997Z","alert_count":8,"request_count":4,"received_data":66117,"sent_data":1844,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-03T20:31:04.691626Z","times_seen":102044,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":false,"md5":"db75b80c7dcd5ac1550dbb9e7495dea4","sha1":"64f8ed3052dd6c325d965ad546510a361a6f6402","sha256":"a97619cf58a2ff573ec34667a29917f2eaf875d0c543f7a8a821df5258a8360c","sha512":"67c6a96f3ed36f5e79eaa965e31220e00412e4e907977b1e5197112fa9ffeac596b60d46c9b98389387d3266f2056e195669502e15fedb7538d478ff5971ec06","ssdeep":"","tlshash":"12f097be9c41a1989ad328acabefd749d0ae0426900ed853a4d5c8cd7d38fc9043134c","size":496,"data":"","first_seen":"2025-02-26T20:14:21.464564Z","last_seen":"2026-04-01T21:30:22.319289Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/ky.html","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"Function","is_inline":false,"md5":"26421ac860f4dba7f27811712a149502","sha1":"aaf37d59cb4b28ac48ecefa82a2824a8e6210d5b","sha256":"266f482d6e5dd0302fca1871e22db5996e068d1188d1ba9cd96b892552fbcab3","sha512":"919156d81b248a368b0559741a8e0ce24a14178806923d1c1e783b25c3e61815727c3b81cf21e8f4ccd6c29c49f43e8a4d3cfe5bf386b43b01913f328d864e4d","ssdeep":"","tlshash":"6e9004d730c350345f53135404571cc5513cc470144c4d44c0c0d4517cd50345115c5c","size":39,"data":"","first_seen":"2023-04-12T04:16:13Z","last_seen":"2026-04-03T20:20:50.939649Z","times_seen":12476,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-03T20:31:04.691626Z","times_seen":102044,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-03T20:33:16.368813Z","times_seen":81068,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/ky.html","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"c0e542a00c4f67dcf361b2f1ca4ac319","sha1":"53d829ff898a01d5262bbc061db94b8566077b3e","sha256":"12829b2fd951e9ae845ec6c99dfadde459cc5a0080a0783fdbccac10f230d3f5","sha512":"c9031260fe87ffc147e65848492cdca4b9fc493e45e1c52ff84e250afde74ff8889449788ffec819fb18635d05f7a0b610ca7a737bbd0ff0d1d7e0c0d8674e6b","ssdeep":"","tlshash":"1ec08c157ec7cd28814142e28865e20890a8f52be602ed08b6fe41805f82b480800920","size":160,"data":"","first_seen":"2024-09-19T08:05:04Z","last_seen":"2026-04-03T16:25:58.818804Z","times_seen":2166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?619b4901600e6cc6880e96c099454dea","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d207015698e99adf6b5bff745e4cf54","sha1":"71f11d2af597c73cfc467775ab5803de213f5876","sha256":"4a1bc0862a6f473cfce9af9cee2e424a4d2a620c9a9c27b6d91938396fa08f76","sha512":"5044b65cf00e45b52233be454a45497f13b44b6d9e2362d1f5d967c88f4d4860df340b2ff8096a98ad547fec07f2573548d013dcace294f04b5dbe74fa259c7c","ssdeep":"384:/AJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:/A4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"9ed2d9e9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29900,"data":"","first_seen":"2025-12-31T13:57:32.117911Z","last_seen":"2025-12-31T13:57:32.117911Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-03T20:31:04.691626Z","times_seen":102044,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"Function","is_inline":false,"md5":"2e5f97d8a31ad3a0747967fb40ec5d49","sha1":"3b2b1f4f60ad0fa13462bead1669203c69b71066","sha256":"b55bd1c562d4ae181d495a808a59c461d9111d42916ea8344e6c1a524333e9ca","sha512":"5a8ccef8fbe645162edfa5296c1c3e4977997f499730660d7c218f14e782058d27ef13c7d4763e27f2a9aa21d42529f0958d61e3258ef31b68ca6d800b55c7d2","ssdeep":"","tlshash":"18e0c0dee3c5c88571c37ce875073828b1d61d3b28e08d9c4805211224dba7361e5a6f","size":370,"data":"","first_seen":"2025-12-31T13:57:32.136414Z","last_seen":"2025-12-31T13:57:32.136414Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"7774380b06c9ab6df001c6b8a7ab4ebf","sha1":"2e0256c44a2a83013a11b2418bfc428ed3dc4480","sha256":"23f2b7fc671f5b6f02d2ea87f82696a4bf04171c712d9b322f110fd5f667a4dd","sha512":"1bb43b073b9faf389fd7847b8c039b7911660aec9367ccc1d0382dd85fb3f6a4ea39ca7a82c2e458f524607f71909019db3af1473db09e49c6437cdb461eb31d","ssdeep":"","tlshash":"a031c05cd0e0d1358b22250d591d24843fb152cb9988c568fc9ecdeb663642783fe6ec","size":1601,"data":"","first_seen":"2025-06-07T12:18:57.677607Z","last_seen":"2026-03-22T07:14:33.887745Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-03T20:31:04.691626Z","times_seen":102044,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"71753ca7c8f92af73aee2d836dd05691","sha1":"71f7445e96ba3c34aa6691c4238ca18b91bbbf9d","sha256":"7cb670f19dccb7cc6fbf65b234bc47fc5aa0637c1205fe1f06e45bb2491941b7","sha512":"3a1166569ea1d5e8bac7eff0551a59caf2469f540aabdc6e875b858232582e6ae258ca3cc640408d70e71e1b540e4172f80a2e7541600afced5330884389b8c5","ssdeep":"","tlshash":"bdf097292cb190304422359dac7fe128303061a33123d01a70f9cc5eeb60f885a538ec","size":474,"data":"","first_seen":"2025-06-07T12:18:57.68054Z","last_seen":"2026-03-22T07:14:33.89067Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"10bbe8013dedfc83b1faa8c2149bf08a","sha1":"133160aa0f60f5304a777b0582250d702b27b23d","sha256":"53d12136e68fe1ae10c5648d2cfd576aaf4b3c4cffb07bb5fb8f9d062e82f689","sha512":"10c7d1c8baf106f4c0f565d5762b6079c7659275e529761ec49f06434c42b9495fbd8606bf42157bc7117d8dd46cbbf7e87f64d636c75f539f92c04d21c7d4a4","ssdeep":"","tlshash":"c8e02b1a613402472237a02b62bfa3246a3700217a45cbb4f119dc8a7e5143ee967eeb","size":403,"data":"","first_seen":"2025-07-17T04:24:24.511171Z","last_seen":"2026-03-22T07:14:33.893134Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-03T20:33:16.368813Z","times_seen":81068,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/js/cslink.js?v=0.42477986199661855","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"495d45082d7abed562914286c094ef00","sha1":"38085efef6180a99f9078f409160b8d0291cd8bd","sha256":"6596273ae903d861881b84ac9ab8c86c4eb47c7a6b645a7d63cba7b2ef0eb155","sha512":"160415144ee6059f554d5fedb4331ed356c66d4de9ce0b5e98f2e04fbe2f7c45c4c3883a43a03636f0a8bc30a64c5d3c932f8862884f6836563f6e605be7bb1a","ssdeep":"96:1ViBL3t1+0L4Kb0bAVW8420fl7V0g7rgj:1ViBL37PL4Kb0bAk8je7V0g7rgj","tlshash":"47a1c25b81d41c8506aa11346eaf315eb1bf726cd81c8e4e9e91e3e02e31177fd192be","size":4643,"data":"","first_seen":"2025-12-29T11:28:40.998544Z","last_seen":"2026-01-11T07:29:03.714102Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/ky.html","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"Function","is_inline":false,"md5":"26421ac860f4dba7f27811712a149502","sha1":"aaf37d59cb4b28ac48ecefa82a2824a8e6210d5b","sha256":"266f482d6e5dd0302fca1871e22db5996e068d1188d1ba9cd96b892552fbcab3","sha512":"919156d81b248a368b0559741a8e0ce24a14178806923d1c1e783b25c3e61815727c3b81cf21e8f4ccd6c29c49f43e8a4d3cfe5bf386b43b01913f328d864e4d","ssdeep":"","tlshash":"6e9004d730c350345f53135404571cc5513cc470144c4d44c0c0d4517cd50345115c5c","size":39,"data":"","first_seen":"2023-04-12T04:16:13Z","last_seen":"2026-04-03T20:20:50.939649Z","times_seen":12476,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-03T20:31:04.691626Z","times_seen":102044,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"Function","is_inline":false,"md5":"948973213cfe41ea7f5612c94f61d82a","sha1":"a904c185174c5cef83370d0624ae89fcc2199dec","sha256":"25dd861b099163b5db4b83308ac5049e155ccd0232e586e75be8171f1e17a45d","sha512":"3e43d7125e4de45177a1889b61351ee1e2b536882b8eeb3ea626046f146e6d98924770b657422d5e7accf2566d76d3cc6b5f99dfe18bab404a6130d1c24cc802","ssdeep":"","tlshash":"cfe020dd63c5cc9671d77cad79027a1862d60d3b1db04d6c480631121cdba6375d1a5f","size":370,"data":"","first_seen":"2025-12-31T13:57:32.139223Z","last_seen":"2025-12-31T13:57:32.139223Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"98b3f10ce32cfb49cbf3b17add119f29","sha1":"1c1bcea6860bb9ba8a8863fad6f506cbe4a51e8f","sha256":"24a855c0f12f92a53474e725c9fe6a156af9f1ed26fc1a13f6eb2422935c16ea","sha512":"091e4daab82305a4a8abcb32743088ca44dc50f1cf10712b6c20a2d2c1cf22c30a99815f7478da44661a0553acc27751c8f4e0afd1d63bd8b83e56793cb90411","ssdeep":"","tlshash":"d680002022028a0080b08808a2020ce220ea8c02ca0e0c82e20aa2a0ac0288c20bb283","size":31,"data":"","first_seen":"2025-07-17T04:24:24.512171Z","last_seen":"2026-03-22T07:14:33.894642Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"7e9745ec9717cca4eb1a033114eed000","sha1":"dc3e62108d08ab5f6304a4fa46deec6cdba5f245","sha256":"707032161041950d6b7489b26741cd3f7f6b15f225a5750f337812abaf694250","sha512":"5d1b5688e034aff27904f934e48107f89d6e99bb384a04820a25632973848953a82099cc879d2d5fbbca97041e49246bf640d21445883819fa11c88e57942d0a","ssdeep":"","tlshash":"38d0a91f2caaa83023aa043d12facaccb0a6208c3131d02444cec99296a4ee40c29bc9","size":225,"data":"","first_seen":"2025-07-17T04:24:24.513267Z","last_seen":"2026-03-22T07:14:33.898066Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/zhuzi-statistic.js?path=http%3a%2f%2fwww.0769chumei.com%2f\u0026siteid=49418\u0026referer=","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":false,"md5":"9874da568d1356640dd435f3c20d53c5","sha1":"9908cddafceec5e1fb2af58186fd4ec8fa92cf1e","sha256":"af3fadf4529f907e6f4584f77ca2e09e57aa570854c58498c831522bb196f7b5","sha512":"4fb76109491e2819d3241b95b19d94737f7e7dd2310228ee440ebfb779ba0bc07063b57082d43ed2b927dcc7b48f84847300d2b488d37578457efda5b4a826f7","ssdeep":"","tlshash":"068000ac80ba0c20030c8803c20c800aaa0030300002e2822008cbc0a30c0208088e03","size":26,"data":"","first_seen":"2025-07-17T04:24:24.476575Z","last_seen":"2026-03-22T07:14:33.827168Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"0a92379845915dbbabee235e1145a449","sha1":"29a14d3708508e0fc556e27f460940aa135a6736","sha256":"ae13c1b5a9880279754dcba5c197d3d1862272b4a2a0f8e9af9c77fd60d1c0f3","sha512":"2873724ad05929c4046235bd4f11f23cc55cc7a1417eecf3d49b2ac9de39a6d006899d1582b9f522ebc8c3a872530eacb336b45b9e1f55869344a887d6a1139a","ssdeep":"","tlshash":"1021202ef93a5ab015b91079043f958471d6bc6632a4cc62d489ccd12e39e8d242bb98","size":1282,"data":"","first_seen":"2025-07-17T04:24:24.514325Z","last_seen":"2026-03-22T07:14:33.907268Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"eval","is_inline":false,"md5":"7cb9887a3013aca9dc4c8c113857c8f1","sha1":"70dc8adf79ed76bdc745c2fa9035e00af9d09da1","sha256":"bc21ef828d42d634d089aa6e71d0a9f52cbc58f181bcaf18b57fc00c5679141d","sha512":"f342a913e8be9807b92c7d91b252e4fe9da2d7720125bdee5940c16f35d0cdde2f8546c09f7fc42f12fdadf330b2ef3fd54f904c8babefc8bfe188b01a02e0d3","ssdeep":"","tlshash":"82b0928b3e0ec06c291504e4f8b0ee38f5ada9308d10edacc09a58383086b886e01494","size":127,"data":"","first_seen":"2025-02-10T21:24:07.555683Z","last_seen":"2026-04-03T10:37:01.718806Z","times_seen":864,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?8e1df91611627c21bf39ae4ad3304f2d","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"675ebe4735a0773cd30adfcc64e67e01","sha1":"149d41b60fb83ae228686e0238cb8ca0dce81ba9","sha256":"42c09209a52913c2c040c7324d8b9ff8211fc1f0d8b61887d3bdfbd2484788b9","sha512":"d49c2790e14c007dc52ccc7518e5562236c2ca6116a4f9dc7cc357a390bc8d565f879534f83e58218b9639058cb56f5a5a5838489c1c4f31396d8056701fd05c","ssdeep":"384:wmJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:wm4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"3bd2d9e9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29911,"data":"","first_seen":"2025-12-31T13:57:32.121003Z","last_seen":"2025-12-31T13:57:32.121003Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"Function","is_inline":false,"md5":"625797f7a1b72c53aae49bf94bde82fa","sha1":"1138765a0eca9c29ced2027a6b3664f01a9cfe40","sha256":"c74776b49f156223752e9b07e72c7bfa1b43f6084c0d5b27cbd2d560d19b0ba2","sha512":"400f23c7b138af737f2e031019ba8f382c2b0180a60e6162bdf8918e653d8b8c85a8b1856080ed251f25c09e80316cce5f26f1663a6c9ca03ae5c58507e4d24a","ssdeep":"","tlshash":"84e0c0eda3c49cc573d37cf875017a1891d50d2b2cb04d5cc801259214c797331c0a6f","size":371,"data":"","first_seen":"2025-12-31T13:57:32.143585Z","last_seen":"2025-12-31T13:57:32.143585Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/js/jquery.min.js","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed5d820aae73fcec34ea7157cfddddfc","sha1":"42febe5a54f6950910af22d5dad70d9f768b1621","sha256":"00b4b7ac4936e9decea689135a6d4a534a03879b8f48dc14530281b08ea09b6d","sha512":"b6391a0fed92f2c5f37817b7bbb06591044ab10285b10de03e15b961fce9b0334f9f0697ce0eed567a7c996304324eff8e1d8e2e723f8802753483c3cd518ff0","ssdeep":"1536:KxZLrMgzv9HXprbJGLz6sUdj4HR64F7omep/11E97fHWhZPMu0X8+2Hzd0elLTfJ:oFj4MOMt11UHUPu2HzdD0xzqXR","tlshash":"b9f31d8a6ae32031a227b07d4f5fd809b535985f1e88fd103e4c52a59f1c83c57baf99","size":157860,"data":"","first_seen":"2024-05-10T11:06:42Z","last_seen":"2026-04-03T16:25:58.798108Z","times_seen":2217,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?abd9042f5639a2d5cca049cb78dc267c","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"5dd6501241d3a092981cf6b29db6ee63","sha1":"164b3c5d21d12b2b61317a883ce54c28caa0bb54","sha256":"67fe65e8920549a4828ce9bbc6908d02f71df5b6d0b8392362ae1adf5e78d665","sha512":"5ddd0f9f96464b29541a393ebe2e7bea25fb07972a60b20c45736d39a4edd8a7d93f6f532584ddfa7de0acc1df5cf607f47ecf61cad2bdefde52c9720ca0656d","ssdeep":"384:E00JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:E004VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"97d2d9e9b286713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29908,"data":"","first_seen":"2025-12-31T13:57:32.112532Z","last_seen":"2025-12-31T13:57:32.112532Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/ky.html","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"00c555dabdabf1e9406d4f20fe831c0e","sha1":"6cd31c13b293ee212dba00d42b97886859993e63","sha256":"73a23da441c178ad941ac049ff0786a0632cd15b165d01e768a11f351a72ecca","sha512":"0e79332498455b468b7b508bed3504cc9c4945c90cdf3f91802eee447223c561b8cc9e86c3cf982aadb0a818b95bcba5523668cbb1ec617066116becd6b84296","ssdeep":"","tlshash":"0201cd4a25a2b55312bb35390b9f600079242043c08acf12bcace6c54f408bc927aa2f","size":692,"data":"","first_seen":"2025-10-19T08:12:02.926Z","last_seen":"2026-04-03T10:37:01.722598Z","times_seen":974,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/ky.html","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac4f05cd99971a89faaa424c466ee257","sha1":"a52f375772efd5f2d773b8f9b82983bd99e6ec9c","sha256":"c98a6e9e0f903fce0e7bbdc64da7fa1f3ce1be445bd5199a407fbf20493524b9","sha512":"128f0c09bb1d3d1a1d348957fecb31d289caf34c7224461c2871a50999ebd839063d80829dde5cf7685ab99374f58635c54aac5879ae1ee9273c579417a23a19","ssdeep":"","tlshash":"735135ee24564cba0f57648873b0164464a12b6163b2dfdff9061d57b205cf98312def","size":2980,"data":"","first_seen":"2025-07-14T06:22:23.50895Z","last_seen":"2026-04-03T16:25:58.836277Z","times_seen":1268,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mlbetjs.com/js/25/6/x3/ld.js","fqdn":"mlbetjs.com","domain":"mlbetjs.com","tld":"com"},"ip":{"addr":"202.79.171.25","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7219b647c8dad12258bdb96b160b067","sha1":"ed018cb08bfbf03a745e7e5c8ef88bd63636be39","sha256":"d3a245c0c1886b1e0eab2cdcf41b8f7d42c836d1a942b7d7a080f9615e5c7d33","sha512":"146e2a4bc85d3a9795130fdd9b919a11b18520cf441bcc6d6e58bd3a39b37f511f652a6e894f882d9a38d5445a230108c852f7ba7423017068ded83cf4100100","ssdeep":"","tlshash":"be41311fbc599c386676183a2e7bda4cb8be0478401ed40ac0dfd86cdd24ff50926b48","size":2341,"data":"","first_seen":"2025-10-26T05:23:37.326193Z","last_seen":"2026-03-23T00:44:44.73138Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-03T20:31:04.691626Z","times_seen":102044,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/js/kaiyun1.js","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"582daee2399842295b7a7a73da65129e","sha1":"892721a38d8d525b313f2bf09c8385747d9c9d50","sha256":"048c24a562cd0b2db4970a1144f88768d0f01b85f0c9cd2caa1117c36c3e6977","sha512":"4ca3adf8da7745315035a8f4c6715cfc7ff303102d302a5dd36148883962a7ba687283256ae411023ead77146c482124601167f6d47a35a03e249b4bd9628b0d","ssdeep":"","tlshash":"5a3132d4abc27d2e033153346c36d65496ba8832ed0b9d40745ffd90dfa45a80eaacac","size":1777,"data":"","first_seen":"2024-12-12T23:40:58.526029Z","last_seen":"2026-04-03T10:37:01.666458Z","times_seen":868,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":false,"md5":"edc1b3b140fbe06789fb56957fff8781","sha1":"fd0904b2ea8e5d4326c96082dc024e9146d5f533","sha256":"8180839614fd1aec52fe4b4ab2d1df3e844cd95c52248df039b426ffffd9f74f","sha512":"9cedf1c0e00be7e1a81db252bdd2f1336800f3f59db87a608a38e32cce0fa874b61a8f42796040ae44e65a472dfae70f8e02158c2664bd4a463747b5854ee96f","ssdeep":"","tlshash":"f9f0dcae6c42a6589ad238ad97eff748e0ae0024500ed81be8d6c5cd3c3cfc8082174c","size":496,"data":"","first_seen":"2025-10-26T05:23:37.350708Z","last_seen":"2026-03-22T07:14:33.902712Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"b2a4e0b8337fcea4433f5c9b4a74f357","sha1":"75c07e2f872e7b2dc7efab92180d3411f94c917b","sha256":"940f962d0fa506bb077ebba70391239f4d1c98e44934b9f3371410719e2d2ea2","sha512":"9706f0ac54721f5317ac979ed6fbfe1d670bee3f543f5f787855bd899da67d5118bbab2ef6252f1ce40e716b89de9cce49279ce91c24ca9d6199be85e82f5aec","ssdeep":"","tlshash":"b6f059ae6c41e6585ad2249d57afe24cd46e00241009d41be8d5c5cd3c28fd4082574c","size":508,"data":"","first_seen":"2025-06-05T18:48:46.494395Z","last_seen":"2026-03-23T00:44:44.785933Z","times_seen":53,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"78ac2aa5ccc29c90a345c90aab40b442","sha1":"cac604932faa4add2955602b41de8a8bff362ebd","sha256":"53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e","sha512":"5c76abfa8f4091277643f4dad57c37d9eb71d33c9691f0e85bc82ac5f303d4e3da4937cbc2354e4d5c5d0022746d7c06f975f209067df2cefa55bd3827d892a7","ssdeep":"","tlshash":"31b01242d0575c0e0170c236ec485418474d4a7d9fa708010dc6ab5c0c99f1405e549c","size":103,"data":"","first_seen":"2023-03-07T01:06:53Z","last_seen":"2026-04-03T20:06:36.126663Z","times_seen":10996,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"59cf81439a8bf9b569e5577fe5aa0de8","sha1":"7310f3ea09ddff6601e9da7bf0665b0edd6d1435","sha256":"235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4","sha512":"0b0c2f3ecaf57f468c4c73afbe288ef366f90a46fabc52916757e1bd9181fd34bfe73f77488a1ab464b22e7ffb92d592382c23a5d214119e1dab10d1bb6cbfbd","ssdeep":"","tlshash":"9aa01275087384306074895030429b986001802043140d0453163c20406c10f50a10e1","size":77,"data":"","first_seen":"2023-03-07T01:06:53Z","last_seen":"2026-04-03T16:25:58.837636Z","times_seen":5279,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"984b9f11ba24ed0c29884edbf3e57631","sha1":"e330d92d1bd4fa70b571129f571c82d920078002","sha256":"d92bc609cbfdc6a9235826461973016bf338de02941f3fb9861b07ae939c39b2","sha512":"780df86d335db4e6cb731b226638af3d9215ea03f7f12aa07cfc69d121077b930ba92c115410af3de5174b27e53b443eed44959f5ed1d7c0f23b0493dac53099","ssdeep":"","tlshash":"34c0c0b30006505c0924c0f430340d2470064f56f703e6b065f13811320fbd819d02dc","size":187,"data":"","first_seen":"2024-12-12T23:40:58.6699Z","last_seen":"2026-04-03T10:37:01.727627Z","times_seen":867,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"554942d433d829010cdb61ba1a0a150b","sha1":"f794aee13947303b2504ed801ce19e7e586926a4","sha256":"a432a10a26a8db411ff41dd93ec3eb81cec1cf74ea83e4df87d64be22746de1e","sha512":"4198b4dc39a189aa5e4220d77d590ba605e00aa48b80383f0cc348852809fc3345d73f3afb2a3e8d4347ac426adfaee45cb4b7dcce73a623ac818ef7685fc480","ssdeep":"","tlshash":"21b012133e86c804c1008bd0cc7ad498c048f289e110dd54d9f19189bb44f9d4801b80","size":102,"data":"","first_seen":"2025-12-31T13:57:32.148361Z","last_seen":"2025-12-31T13:57:32.148361Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c4d2be9e854adb5cbfe60286b942c15d","sha1":"6acde2eca5e37e5217d3fb2b2f9de71dcb1b87c4","sha256":"f1d99a66851c7590898c4a9c69cd1eabe091fcd6eb84843d3cdbaa623456e4b2","sha512":"8283c771104f9c5b201c0ebc587f3c840c08ca2410a9ffa77f61d6e3e67433d196c7d1afeecb70ce01b3d2a58caa9561c0a9c7641163432dbe9476fc5a6432e1","ssdeep":"","tlshash":"cbb0124b3d0fc05c181104d4f8b0fe38e04975300910ececc0d9543c3047bc86d01094","size":107,"data":"","first_seen":"2025-02-10T21:24:07.568205Z","last_seen":"2026-04-03T10:37:01.724792Z","times_seen":867,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"38b99736e991d961335f0a6eed5fc930","sha1":"fc7bb9218b7b2813f9b267fddf5d8b476eec564f","sha256":"f586d612c00723dedb1ced3c5f41ec9def9333bd0669dfe697d48f99c9e19fc2","sha512":"5e9de643402ac719742cc97cf203ddd839c50fc5825e8afbb6343da31b70ba36d68ec016426633997e29b5a80591a00a74afd74568c158c7010ff4b550aa0e7a","ssdeep":"","tlshash":"47b01270c54ae43cd136f140914087cf2668118ef6b75f0c453cbab2d0ce9942c7d5c1","size":102,"data":"","first_seen":"2023-03-07T01:11:52Z","last_seen":"2026-04-03T19:29:49.875995Z","times_seen":3353,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0a3a0b592b9c285e050805307cee87c2","sha1":"125a168e24b2bd38aadb84cbb5f87f316b073c41","sha256":"aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23","sha512":"4097f05a9ce819914160aeba71fa11524f6b291a39b7c948509d756318b600934f1d195980df66bc7731e327979135bfcbe0e9ff3758d779a72481ed623cd3a5","ssdeep":"","tlshash":"a34000000000000000000000003000000000c000000000000000000000c0000cc00000","size":6,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-03T20:29:49.129355Z","times_seen":225911,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6107c347ed382e3b7752ba623b61e951","sha1":"88541d4521a0f49f61e9c41da8ba0039b2cea6c5","sha256":"1a0f2813d59ea8c689fc4c24f25f872b84de08a35b09e440cfb3e3e61aa23d30","sha512":"0fe39c0153a3788998669bf71e91d17f3db2f25d856e6a99c97a6ea0e41baf4a54521120d079cb26a57000afa5cb05c14a241aad4b2f1b31d95b07029716c294","ssdeep":"","tlshash":"74f052be9c41e5989ae328acabafd34dc0ae0426500ed852a4d5c8cd7d28fd9083524c","size":508,"data":"","first_seen":"2024-06-29T08:40:47Z","last_seen":"2026-04-02T05:33:17.040465Z","times_seen":1028,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=762ECAFAD7334D08\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=388395549\u0026si=abd9042f5639a2d5cca049cb78dc267c\u0026v=1.3.2\u0026lv=1\u0026sn=38142\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.0769chumei.com%2F\u0026tt=%E7%B1%B3%E5%85%B0%E7%BD%91%E9%A1%B5%E7%89%88-%E7%B1%B3%E5%85%B0%EF%BC%88%E4%B8%AD%E5%9B%BD%EF%BC%89","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:56.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=762ECAFAD7334D08\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=388395549\u0026si=abd9042f5639a2d5cca049cb78dc267c\u0026v=1.3.2\u0026lv=1\u0026sn=38142\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.0769chumei.com%2F\u0026tt=%E7%B1%B3%E5%85%B0%E7%BD%91%E9%A1%B5%E7%89%88-%E7%B1%B3%E5%85%B0%EF%BC%88%E4%B8%AD%E5%9B%BD%EF%BC%89 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 31 Dec 2025 13:56:57 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=87F2EB3323737C9C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-03T20:31:04.607762Z","times_seen":326388,"resource_available":true,"data":null}},"time_used":307,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/11/23/11825_jotnmj2i.png?imageView2/2/w/2000/q/100","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/11/23/11825_jotnmj2i.png?imageView2/2/w/2000/q/100 HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/10/25/11825_jno123sy.jpg?imageMogr2/thumbnail/2000x2000/q/100","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/10/25/11825_jno123sy.jpg?imageMogr2/thumbnail/2000x2000/q/100 HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/image/xingkonglogo.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/image/xingkonglogo.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 9732\r\nLast-Modified: Wed, 18 Sep 2024 08:35:10 GMT\r\nConnection: keep-alive\r\nETag: \"66ea90be-2604\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9732,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 490 x 160, 8-bit/color RGBA, non-interlaced","md5":"3a22887000ff220a744c4abfb0ca3b0e","sha1":"126d11bc998cd1140be675cd280ceb0ed9201e93","sha256":"941823b0c10802ce53f33599300ca8a56c111ad2b0dea45c963f664bcca6e170","sha512":"74c537236b0f53799981beabeced2c06d3d1cd567b35cb3a9456c72e89abcde96d5795619a5b851b4bd969695c62a0277d58f98ac42f4d406d15a555c42249c6","ssdeep":"192:MjpZjWToylY16Nv7GMl4a51odhh34AEq1C5+nN6U/njeH0aSk5C4D1111:Mjp8T6eTN4eq13SuC5U6U79SC61111","tlshash":"36129ef2ab546860d4eca4b53c78d3e38572015935e0d2ab704d8f3c88775b1b85aaee","first_seen":"2024-09-19T08:05:07Z","last_seen":"2026-04-03T16:25:58.799088Z","times_seen":2130,"resource_available":false,"data":null}},"time_used":1957,"timings":{"blocked":1680,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/image/kaiyunlogo.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/image/kaiyunlogo.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 15054\r\nLast-Modified: Wed, 18 Sep 2024 07:04:06 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b66-3ace\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15054,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 814 x 200, 8-bit colormap, non-interlaced","md5":"5bdb83ec9f353d69c2ebc9c36cef090e","sha1":"e3a542a5b41ab05a8a444c3f106186806d1f025e","sha256":"fc148ba9a62f11da475123e65ced85cb59d9715e2c202655e4322942803bde0e","sha512":"465c1eb28d8641c930c163efdafb203a10dd280eb47d5fdc121459bc243309ee18c8fd5f1162bc39402ee416d6ad4034a83253195d5961633a23620a6dfcc261","ssdeep":"192:JpKA2giu6cjK+61eWj17lwRm+M2HtS7NGO+bgJvlClT+ehacY7qZFimlLKztvuBJ:Xk+6Jx7lwRmCpOPJ4T1oulZwtHa","tlshash":"1e62d1c3420996a3fe3624fc31850bada934fcbe5411f725d621758fc9f4aa34c9191e","first_seen":"2023-09-17T16:12:24Z","last_seen":"2026-04-03T16:25:58.807333Z","times_seen":2187,"resource_available":false,"data":null}},"time_used":2287,"timings":{"blocked":1957,"dns":0,"connect":0,"send":0,"wait":329,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/image/anbologo.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/image/anbologo.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 5406\r\nLast-Modified: Wed, 18 Sep 2024 09:04:01 GMT\r\nConnection: keep-alive\r\nETag: \"66ea9781-151e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5406,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 240 x 120, 8-bit/color RGBA, non-interlaced","md5":"1117f1432adbefcb2b2db448c9b307fb","sha1":"b317321d05f4fab93058c4485c4e09b6a0c94b09","sha256":"c3cbaf1c3861450c9817e3d70fddc6158a1dc16814bd1c316e04b6f5847d55a6","sha512":"00ce6314b0f9aa45670b94ea5a65d8a67c7b9e9a9789a0bbfe2f14f90018d478f534c367804d9d885af10bbaa99e8bfe7744fcd8718640822ca095a7cd96b22e","ssdeep":"96:b2nCemJHPPaAeCQeTQ9VBU8HPoTLJKaj2iCBptmRPJmGzO28wCGk/kS9N5T:yCemFnarIQHaUoRKajJCBp+JmajtDYN5","tlshash":"38b17ec5a1c0a4c52295d21b40f1883fbfa299519ee3f13d90ced0dbfb852a355d67c9","first_seen":"2024-09-19T08:05:06Z","last_seen":"2026-04-03T07:10:01.666678Z","times_seen":944,"resource_available":false,"data":null}},"time_used":2345,"timings":{"blocked":1998,"dns":0,"connect":0,"send":0,"wait":347,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/iconfont.599951c1.woff2","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.599951c1.woff2 HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":949,"timings":{"blocked":645,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/jquery.min.js","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/jquery.min.js HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache4.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039817671894156132182e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1824,"timings":{"blocked":888,"dns":476,"connect":28,"send":0,"wait":33,"receive":0,"ssl":391},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?abd9042f5639a2d5cca049cb78dc267c","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:55.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?abd9042f5639a2d5cca049cb78dc267c HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11302\r\nContent-Type: application/javascript\r\nDate: Wed, 31 Dec 2025 13:56:56 GMT\r\nEtag: a6c4d454cb84159236fb13e7cedde373\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=C075E2AE8B9846BE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29908,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (632)","md5":"5dd6501241d3a092981cf6b29db6ee63","sha1":"164b3c5d21d12b2b61317a883ce54c28caa0bb54","sha256":"67fe65e8920549a4828ce9bbc6908d02f71df5b6d0b8392362ae1adf5e78d665","sha512":"5ddd0f9f96464b29541a393ebe2e7bea25fb07972a60b20c45736d39a4edd8a7d93f6f532584ddfa7de0acc1df5cf607f47ecf61cad2bdefde52c9720ca0656d","ssdeep":"384:E00JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:E004VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"97d2d9e9b286713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-12-31T13:57:32.112532Z","last_seen":"2025-12-31T13:57:32.112532Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1811,"timings":{"blocked":750,"dns":2,"connect":247,"send":0,"wait":308,"receive":1,"ssl":500},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/webfonts/style.css?202031911342","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:58.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/webfonts/style.css?202031911342 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:58 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache4.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039817671894189234147e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/11/8/11825_jo8288st_6934.png?imageView2/1/w/500/h/500","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/11/8/11825_jo8288st_6934.png?imageView2/1/w/500/h/500 HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hiwifiapp.com/","fqdn":"hiwifiapp.com","domain":"hiwifiapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T13:56:50.108Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: hiwifiapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":419,"timings":{"blocked":419,"dns":0,"connect":224,"send":0,"wait":0,"receive":0,"ssl":238},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hiwifiapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hiwifiapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/12/6/11825_jpc93597.png?imageView2/2/w/600","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/12/6/11825_jpc93597.png?imageView2/2/w/600 HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1904,"timings":{"blocked":1082,"dns":0,"connect":250,"send":0,"wait":253,"receive":0,"ssl":318},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/11/20/11825_jop437g8.jpg?imageView2/2/w/2000/q/100","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/11/20/11825_jop437g8.jpg?imageView2/2/w/2000/q/100 HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/css/main.css","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:56:59.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/css/main.css HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:21 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 05 Dec 2025 09:44:01 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6932a961-19a40\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105024,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (21113)","md5":"93ee1a4ad37726d15b63be77e88dd4c8","sha1":"19d42be69c8fb362eb38805586c4aea5268f5b85","sha256":"aa0cc449b395331b652639cc6ffa93bafee1bcd67665a665fbe3172af660822a","sha512":"3d13c42a7266793a2b8106716f6ee6d103a5979df02a2101d4425178b9df0724adf3940da1fc06954a3334f7a80286df3b953f9d110e6bac60a858a2f58a31f4","ssdeep":"1536:TZyed1/PbUez/S0sGvVHlaLE4STizU0X4qrriMnWf9Z1l41u:NV3zPbfaLE38pS71","tlshash":"07a35c6126f27415b12f89bf72df7b183b3c80434809f9197ef459acef893a541a2b85","first_seen":"2025-12-05T13:56:57.970806Z","last_seen":"2026-03-31T10:24:40.762879Z","times_seen":564,"resource_available":false,"data":null}},"time_used":2370,"timings":{"blocked":792,"dns":1,"connect":255,"send":0,"wait":261,"receive":513,"ssl":545},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/montserrat-black.be2a4b98.ttf","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/montserrat-black.be2a4b98.ttf HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":1224,"timings":{"blocked":948,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/webfonts/style.css?202031911342","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/webfonts/style.css?202031911342 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache4.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039817671894156142183e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1825,"timings":{"blocked":890,"dns":475,"connect":43,"send":0,"wait":33,"receive":0,"ssl":375},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/image/background.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/image/background.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:22 GMT\r\nContent-Type: image/png\r\nContent-Length: 181983\r\nLast-Modified: Wed, 18 Sep 2024 07:03:42 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b4e-2c6df\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":181983,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1030, 8-bit colormap, non-interlaced","md5":"05bf65d40291d266c59f26f96e67cc72","sha1":"a82f0c303aa0db6e99b37cd73853d7a6810c3e47","sha256":"1a977499b07e4c440c3b1c4284f83140194739f0308cd5090f5f7157a1cd34f3","sha512":"782b2c8345334a55ab399e0767618b74a2bad35835953181831197ce640e4016c6d829f7b5ec02ef2ebb90c91a4aed08ef611ce0b69396874f6b8fe91528ff8d","ssdeep":"3072:yH+fSTQYIsZeo40OdAbcP5CSxRg5rKI/vSk+sD1WDHMfwNNo4rDR:8+aQY1ZI95CSxK57Sk+vIfwk4rDR","tlshash":"4c0412aa6cb708f3c5844cacb0b4add476ebebac05dc7ccef691089d9953c190e84756","first_seen":"2023-09-17T16:12:24Z","last_seen":"2026-04-03T16:25:58.790656Z","times_seen":2430,"resource_available":false,"data":null}},"time_used":1393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":1114,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/iconfont.e7187704.ttf","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:02.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.ttf HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/swiper/js/swipers.js?2021519103916","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/swiper/js/swipers.js?2021519103916 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache9.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039d17671894154235313e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (304), with no line terminators","md5":"640a6cd267e3121aa96e63dc461ee748","sha1":"ffc3149323b94da9abe990e7e2266f14d63d21e1","sha256":"10504d6fa9c2eee27eed7958c705a5413de188b8d65f1bbb1f45bf9aaf82413b","sha512":"21bf1b6eaeb5a4e8bc791bcabde690dfb26e7a5b130d1c94817a36191f6de28526ed8b8033c215f4f369ea86deb5c8e199d5e8d459b472587e91d2cae33bcf1e","ssdeep":"","tlshash":"eae0c2eee1de309eae1325e42aa72fd0795452a1b7b60cd47e4068c7c12057d9a0a25e","first_seen":"2025-12-31T13:57:32.114327Z","last_seen":"2025-12-31T13:57:32.114327Z","times_seen":1,"resource_available":false,"data":null}},"time_used":717,"timings":{"blocked":-1,"dns":467,"connect":42,"send":0,"wait":31,"receive":0,"ssl":169},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/js/jquery.min.js","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:56:59.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/js/jquery.min.js HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:20 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Wed, 18 Sep 2024 07:04:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66ea7b7c-268a4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":157860,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"ed5d820aae73fcec34ea7157cfddddfc","sha1":"42febe5a54f6950910af22d5dad70d9f768b1621","sha256":"00b4b7ac4936e9decea689135a6d4a534a03879b8f48dc14530281b08ea09b6d","sha512":"b6391a0fed92f2c5f37817b7bbb06591044ab10285b10de03e15b961fce9b0334f9f0697ce0eed567a7c996304324eff8e1d8e2e723f8802753483c3cd518ff0","ssdeep":"1536:KxZLrMgzv9HXprbJGLz6sUdj4HR64F7omep/11E97fHWhZPMu0X8+2Hzd0elLTfJ:oFj4MOMt11UHUPu2HzdD0xzqXR","tlshash":"b9f31d8a6ae32031a227b07d4f5fd809b535985f1e88fd103e4c52a59f1c83c57baf99","first_seen":"2024-05-10T11:06:42Z","last_seen":"2026-04-03T16:25:58.798108Z","times_seen":2217,"resource_available":true,"data":null}},"time_used":1372,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":819,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/js/cslink.js?v=0.42477986199661855","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:56:59.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/js/cslink.js?v=0.42477986199661855 HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:20 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 29 Dec 2025 05:28:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69521180-1223\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4643,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"495d45082d7abed562914286c094ef00","sha1":"38085efef6180a99f9078f409160b8d0291cd8bd","sha256":"6596273ae903d861881b84ac9ab8c86c4eb47c7a6b645a7d63cba7b2ef0eb155","sha512":"160415144ee6059f554d5fedb4331ed356c66d4de9ce0b5e98f2e04fbe2f7c45c4c3883a43a03636f0a8bc30a64c5d3c932f8862884f6836563f6e605be7bb1a","ssdeep":"96:1ViBL3t1+0L4Kb0bAVW8420fl7V0g7rgj:1ViBL37PL4Kb0bAk8je7V0g7rgj","tlshash":"47a1c25b81d41c8506aa11346eaf315eb1bf726cd81c8e4e9e91e3e02e31177fd192be","first_seen":"2025-12-29T11:28:40.998544Z","last_seen":"2026-01-11T07:29:03.714102Z","times_seen":54,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/image/htylogo.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/image/htylogo.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 6696\r\nLast-Modified: Wed, 18 Sep 2024 07:03:51 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b57-1a28\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6696,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 86, 8-bit colormap, non-interlaced","md5":"f9038799f684a3fe4635f8ffa6cb0e05","sha1":"e13a9c966a7e0a8165c306d0309268d917076e65","sha256":"c10e575138e2d70a4e1afb59b668d89b9824a7e8fa272afd11f1692e9bd6530d","sha512":"0e89c7ba019600399d19c51d4ebdda11a32c7338b64281904a82a00ec480b9a2f32f53e4dfbba13f72d357fb8f078f24f5dbd1c132a2e1728df44ef29684c54b","ssdeep":"192:7lZ9mR0Cs4QeE986T1pwqxACpWKL8+Bldc/yFWxkq71W+4Gz:RGFSeE9FTUqxaM2ysGqZW+4Gz","tlshash":"6fd18ef756b6685b4e2823085604b9e44c48a107f2f874b6c837569bae50a73a1ae463","first_seen":"2024-04-06T21:30:48Z","last_seen":"2026-04-03T16:25:58.788509Z","times_seen":2445,"resource_available":false,"data":null}},"time_used":1903,"timings":{"blocked":1617,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/image/sport-item-bg.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/image/sport-item-bg.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 12434\r\nLast-Modified: Wed, 18 Sep 2024 07:04:18 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b72-3092\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12434,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 624 x 400, 2-bit colormap, non-interlaced","md5":"ac76c6c7dd993b8bba750449be70d3ea","sha1":"2c1111bcdfa2b3549c8e440c472b866553a270d8","sha256":"b909239d687e0c2dea7608a984bd4a8ad8fe589ec72079a9305f836971c9667c","sha512":"39a33c45472eb07f3d7bd89c60e91a13ad15d94ab4a965b3ff5bdc836383b7bbb5a1a3e03ffcddd14e600583f1f38adb8066347e14f88c51dcab40a8bf0de6cf","ssdeep":"192:YYjq+N9vUOkM3NQeisvtvRdy1/VsBlArzT89SaSkqxUSriFlKtq9RcIyMMwEGI6V:Y2N9vUPpeDvn8WoX8saqxULlb9gMMwVV","tlshash":"d042c0abffcb072865968497030f71a0ea0915ee98298bcd164c7b7b161c054b16caee","first_seen":"2023-09-17T16:12:24Z","last_seen":"2026-04-03T19:29:49.845093Z","times_seen":2804,"resource_available":false,"data":null}},"time_used":2586,"timings":{"blocked":2285,"dns":0,"connect":0,"send":0,"wait":300,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/montserrat-regular.949efd65.ttf","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/montserrat-regular.949efd65.ttf HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:22 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":685,"timings":{"blocked":392,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/iconfont.e7187704.woff2","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:02.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.woff2 HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mlbetjs.com/js/25/6/x3/ld.js","fqdn":"mlbetjs.com","domain":"mlbetjs.com","tld":"com"},"ip":{"addr":"202.79.171.25","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.mlbetjs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:19:59 GMT","end":"Tue, 24 Mar 2026 06:19:58 GMT"},"fingerprint":{"sha1":"DB:88:2A:BA:B8:1B:A5:E7:A9:D9:72:61:57:62:67:67:CB:17:2B:13","sha256":"3F:FC:4A:BF:55:FD:4D:CA:9F:B4:9C:03:AE:FC:EA:40:21:93:36:F8:80:14:15:4D:D2:C6:47:CA:65:7A:D5:C1"}}},"request":{"raw":"GET /js/25/6/x3/ld.js HTTP/1.1\r\nHost: mlbetjs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 12 Oct 2025 08:40:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68eb696c-925\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2341,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (554)","md5":"a7219b647c8dad12258bdb96b160b067","sha1":"ed018cb08bfbf03a745e7e5c8ef88bd63636be39","sha256":"d3a245c0c1886b1e0eab2cdcf41b8f7d42c836d1a942b7d7a080f9615e5c7d33","sha512":"146e2a4bc85d3a9795130fdd9b919a11b18520cf441bcc6d6e58bd3a39b37f511f652a6e894f882d9a38d5445a230108c852f7ba7423017068ded83cf4100100","ssdeep":"","tlshash":"be41311fbc599c386676183a2e7bda4cb8be0478401ed40ac0dfd86cdd24ff50926b48","first_seen":"2025-10-26T05:23:37.326193Z","last_seen":"2026-03-23T00:44:44.73138Z","times_seen":44,"resource_available":true,"data":null}},"time_used":1937,"timings":{"blocked":836,"dns":4,"connect":255,"send":0,"wait":253,"receive":1,"ssl":585},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"mlbetjs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/picture/rbsmgwmig0oaqpqmaabq2kzlptk31.webp","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:56:59.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/picture/rbsmgwmig0oaqpqmaabq2kzlptk31.webp HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:22 GMT\r\nContent-Type: image/webp\r\nContent-Length: 40503\r\nLast-Modified: Mon, 25 Dec 2023 15:21:00 GMT\r\nConnection: keep-alive\r\nETag: \"65899ddc-9e37\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40503,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 206 x 173, 8-bit/color RGBA, non-interlaced","md5":"b6e859bef31336d0a03ad2ed18cd4e31","sha1":"db8b7b1e320d7e115254a646d97ab5780c52e0ae","sha256":"170ec291fd15ea3d6ff4112026d4cda5a52127fbb9afdec2360c067bc69c4047","sha512":"f6fdd16d6544a3d267d355429af12d61d17a45740b9575a9372e4f65b33908baa09be698f83584c11544830a2b5b860e7a46a1bbde718e42facae789a771ca5f","ssdeep":"768:A22vHjG0B15BZjNKTprKdweaFRo5grne0rg3RUCifsX:Ar1XZjNKThlZY5grZs33ifsX","tlshash":"1803f1d2e5605c47d171371e820e2e834c3e4b927bd8de6af95e9df5e2418fb85021a3","first_seen":"2023-05-18T07:54:04Z","last_seen":"2026-04-03T19:29:49.840519Z","times_seen":2262,"resource_available":false,"data":null}},"time_used":2585,"timings":{"blocked":1654,"dns":0,"connect":0,"send":0,"wait":607,"receive":324,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/??do-basic.css,do-layout.css,do-form.css,do-element.css,element/do-tabText.css,js/wow/animate.css?202031911342","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/??do-basic.css,do-layout.css,do-form.css,do-element.css,element/do-tabText.css,js/wow/animate.css?202031911342 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache4.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039817671894156122181e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1823,"timings":{"blocked":890,"dns":474,"connect":28,"send":0,"wait":34,"receive":0,"ssl":381},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/11/8/11825_jo7zzriz.png","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/11/8/11825_jo7zzriz.png HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1916,"timings":{"blocked":1080,"dns":0,"connect":289,"send":0,"wait":254,"receive":0,"ssl":292},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?619b4901600e6cc6880e96c099454dea","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:55.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?619b4901600e6cc6880e96c099454dea HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11294\r\nContent-Type: application/javascript\r\nDate: Wed, 31 Dec 2025 13:56:56 GMT\r\nEtag: 994459378fea1b9b4af0a6b34498dbc2\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=762ECAFAD7334D08; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29900,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (624)","md5":"8d207015698e99adf6b5bff745e4cf54","sha1":"71f11d2af597c73cfc467775ab5803de213f5876","sha256":"4a1bc0862a6f473cfce9af9cee2e424a4d2a620c9a9c27b6d91938396fa08f76","sha512":"5044b65cf00e45b52233be454a45497f13b44b6d9e2362d1f5d967c88f4d4860df340b2ff8096a98ad547fec07f2573548d013dcace294f04b5dbe74fa259c7c","ssdeep":"384:/AJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:/A4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"9ed2d9e9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-12-31T13:57:32.117911Z","last_seen":"2025-12-31T13:57:32.117911Z","times_seen":1,"resource_available":true,"data":null}},"time_used":860,"timings":{"blocked":-1,"dns":2,"connect":196,"send":0,"wait":257,"receive":1,"ssl":403},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/??jquery.serializejson.min.js,layer/layer.js,waypoints/jquery.waypoints.min.js,jquery.scrollLoading-min.js,Validform_v5.3.2_min.js","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/??jquery.serializejson.min.js,layer/layer.js,waypoints/jquery.waypoints.min.js,jquery.scrollLoading-min.js,Validform_v5.3.2_min.js HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache9.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039d17671894191067586e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (304), with no line terminators","md5":"252d5cee0ffc4ce482ec209ac8eed6f2","sha1":"19e17ee88b1d2b583c8ad3fb2ef02c8a0454b1dc","sha256":"476b9c4bb5793ed23536944572a411b194319edb864aca0ffbc0302f35512b6b","sha512":"cda0cce44962ebefbdecc47d18bb87c3ac9acc41ccf14505012b8cc614421d7ee14c972ea9ff9d87a6ee44a953db4ea8abadbae1eb8e8be3bd388a5b7a4a37d3","ssdeep":"","tlshash":"5be0cdeee19e309eaf0715d425572fd069541261b7f30cd47e4028d7816047d860625e","first_seen":"2025-12-31T13:57:32.118764Z","last_seen":"2025-12-31T13:57:32.118764Z","times_seen":1,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/image/leyulogo.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/image/leyulogo.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 5939\r\nLast-Modified: Sun, 01 Jun 2025 06:13:05 GMT\r\nConnection: keep-alive\r\nETag: \"683bef71-1733\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5939,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 100, 8-bit colormap, non-interlaced","md5":"0766823d7d695ab7be2022a7856ba852","sha1":"8784e00785274e6a63bc8f83461d4786953b6e76","sha256":"a0f09589fdb876045b3ff19713921db68e488d1a853ac7d3872241f9bf624594","sha512":"0ab9505feb5f8a8312f9ae3ebf10a1131b37b5e545e663df68a7f941b597a3ab5c9c14bad11c74b3bd54b5e20347249e673a99e1449db46b6e23c3218d38f764","ssdeep":"96:tWaPv1GR74oIl25kQN0Fw731k8PFwrD2oX6cHuvQoAD7uvsk9wzibJD9msveFW/5:UaPgR77Il25SmRkfrz6cOvQouukJqxmE","tlshash":"42c19fd6184a5a61e142090fd4a8ea0cf8f4f15fe6dc26e4df5c8ad787c3cc85be5184","first_seen":"2024-06-11T19:41:23Z","last_seen":"2026-04-03T16:25:58.79177Z","times_seen":2002,"resource_available":false,"data":null}},"time_used":1626,"timings":{"blocked":1361,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/11/8/11825_jo7zzriz.png","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/11/8/11825_jo7zzriz.png HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/jquery.min.js","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:58.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/jquery.min.js HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:58 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache4.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039817671894189624174e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/templates/default_test/style.css?202031911342","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:58.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /templates/default_test/style.css?202031911342 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:58 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache4.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039817671894189954201e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/12/6/11825_jpc93597.png?imageView2/2/w/600","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/12/6/11825_jpc93597.png?imageView2/2/w/600 HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/11/8/11825_jo8288st_6934.png","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/11/8/11825_jo8288st_6934.png HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.174.227.204","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:57:00.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 370\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.0769chumei.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Wed, 31 Dec 2025 13:57:00 GMT\r\neo-log-uuid: 6730374194189889619\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/image/ldlogo.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/image/ldlogo.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 220743\r\nLast-Modified: Thu, 29 Feb 2024 07:27:24 GMT\r\nConnection: keep-alive\r\nETag: \"65e031dc-35e47\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":220743,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3600 x 2000, 8-bit colormap, non-interlaced","md5":"492093dcf4b1ba9c13b19de1903d974a","sha1":"5e4a03772362bf9c43bc9a5ad75682564f5d0f76","sha256":"009a0d5c28b46ef15643b4f1b90f4af852846bce2b65a443d231d41cd21e24f5","sha512":"a1caaa66263ed8ce703221060978c9f5985ac72533b50127e272ddfc2090dbbaa00ae2f9c460b8937d3fa92397457b2b0dee538cedbf023b2d414d7a9b281c34","ssdeep":"6144:Wx8WwUNUfdl+GUc6QOkWF2zuwJKf3yeEOjEEBF:Wx83U5GUsOkNzuwkf3XEOdBF","tlshash":"d42402b5b322429fc13e5b265ac73df595f58eb106f4e77ac4653a0a033980fce91898","first_seen":"2024-05-09T23:18:45Z","last_seen":"2026-04-03T16:25:58.797637Z","times_seen":1978,"resource_available":false,"data":null}},"time_used":6606,"timings":{"blocked":1357,"dns":0,"connect":0,"send":0,"wait":264,"receive":4985,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/image/milanlogo.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/image/milanlogo.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 31876\r\nLast-Modified: Wed, 01 Oct 2025 10:57:17 GMT\r\nConnection: keep-alive\r\nETag: \"68dd090d-7c84\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31876,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 460 x 200, 8-bit/color RGBA, non-interlaced","md5":"39210e9c9de6402d5546a3198ef2584f","sha1":"7cf2d9b624236f6d89e6adf7141a984993c0d00a","sha256":"082ce96e8972350ee17a4c9898aec45c45e6a5812f6f04c73912e08029639e7e","sha512":"dbd1c54055d23b96a76461c2461046bc247f77a40ece21eddb4053867e1379c3ee2c2857f03b4eb2364d9f9b1d5a49e7c95d1444d7c23fb6b7575b066dd6cd63","ssdeep":"768:LF06BlKZmq8To17zpRtTlbonwtJUeH9mXMks1PotXt:1lKZrLo6eBx7","tlshash":"d5e2f19a5fd1a86aaa3c94704f9bc8d20923109393f6b6f8585fef23012114d81dcff2","first_seen":"2025-10-02T15:40:47.978938Z","last_seen":"2026-04-03T10:37:01.685578Z","times_seen":676,"resource_available":false,"data":null}},"time_used":2203,"timings":{"blocked":1363,"dns":0,"connect":0,"send":0,"wait":289,"receive":551,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?8e1df91611627c21bf39ae4ad3304f2d","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:55.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?8e1df91611627c21bf39ae4ad3304f2d HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11305\r\nContent-Type: application/javascript\r\nDate: Wed, 31 Dec 2025 13:56:56 GMT\r\nEtag: 0a0a24a3683d5541bff8a1f0ac56bd50\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=78CDAD755F58108B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29911,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (635)","md5":"675ebe4735a0773cd30adfcc64e67e01","sha1":"149d41b60fb83ae228686e0238cb8ca0dce81ba9","sha256":"42c09209a52913c2c040c7324d8b9ff8211fc1f0d8b61887d3bdfbd2484788b9","sha512":"d49c2790e14c007dc52ccc7518e5562236c2ca6116a4f9dc7cc357a390bc8d565f879534f83e58218b9639058cb56f5a5a5838489c1c4f31396d8056701fd05c","ssdeep":"384:wmJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:wm4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"3bd2d9e9b282713293a324a5153f724af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-12-31T13:57:32.121003Z","last_seen":"2025-12-31T13:57:32.121003Z","times_seen":1,"resource_available":true,"data":null}},"time_used":867,"timings":{"blocked":-1,"dns":2,"connect":200,"send":0,"wait":261,"receive":1,"ssl":402},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=762ECAFAD7334D08\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=646213458\u0026si=619b4901600e6cc6880e96c099454dea\u0026v=1.3.2\u0026lv=1\u0026sn=38142\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.0769chumei.com%2F\u0026tt=%E7%B1%B3%E5%85%B0%E7%BD%91%E9%A1%B5%E7%89%88-%E7%B1%B3%E5%85%B0%EF%BC%88%E4%B8%AD%E5%9B%BD%EF%BC%89","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:56.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=762ECAFAD7334D08\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=646213458\u0026si=619b4901600e6cc6880e96c099454dea\u0026v=1.3.2\u0026lv=1\u0026sn=38142\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.0769chumei.com%2F\u0026tt=%E7%B1%B3%E5%85%B0%E7%BD%91%E9%A1%B5%E7%89%88-%E7%B1%B3%E5%85%B0%EF%BC%88%E4%B8%AD%E5%9B%BD%EF%BC%89 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 31 Dec 2025 13:56:56 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=7128BAA6809AAA45; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-03T20:31:04.607762Z","times_seen":326388,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/?db20ffe80ffd54be3b0f617b73bf46bf","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"0769chumei.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 24 Nov 2025 10:57:51 GMT","end":"Sun, 22 Feb 2026 10:57:50 GMT"},"fingerprint":{"sha1":"E8:19:4F:68:09:4A:56:49:DD:CB:51:7F:CA:57:C1:BC:C4:A8:1A:B1","sha256":"F9:1D:38:B4:51:46:18:FB:9D:3B:A9:26:71:51:8A:8F:D3:75:DE:37:E4:05:B6:65:62:F7:20:A1:13:E1:EC:78"}}},"request":{"raw":"GET /?db20ffe80ffd54be3b0f617b73bf46bf HTTP/1.1\r\nHost: www.0769chumei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nCookie: Hm_lvt_619b4901600e6cc6880e96c099454dea=1767189417; Hm_lpvt_619b4901600e6cc6880e96c099454dea=1767189417; HMACCOUNT=762ECAFAD7334D08; Hm_lvt_8e1df91611627c21bf39ae4ad3304f2d=1767189417; Hm_lpvt_8e1df91611627c21bf39ae4ad3304f2d=1767189417; Hm_lvt_abd9042f5639a2d5cca049cb78dc267c=1767189417; Hm_lpvt_abd9042f5639a2d5cca049cb78dc267c=1767189417; time_offset=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.14.2\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":65725,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (11816), with CRLF, CR, LF line terminators","md5":"dad6847475fe0b6b9378620b80387e11","sha1":"679a29261736bd465dde13b02e4c85124b11ab30","sha256":"a4ffd8cf9b00d1d27b6d36f3e8e5324a51d58549acbfeab94641dd540c484a64","sha512":"9439eca57232a51d0af70557c944fffd1c50b80d53cb04bcd47ac086fefa156c603880c67aed19913d78b10cfb866354448aff09b73996b14cfb68ba2b3b2507","ssdeep":"1536:ZFSB9Y4IIC0MoOCm0MAgIQKD8lDhWsl9w:ZFSBhOCBgIP9","tlshash":"cc5384386183103f132f44c4b076bf1eaad3d28ddb430a5af5fc67a65fd6c99a54128a","first_seen":"2025-10-26T05:23:37.330104Z","last_seen":"2026-03-22T07:14:33.828063Z","times_seen":6,"resource_available":true,"data":null}},"time_used":747,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":747,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.0769chumei.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/wow/wow.min.js?2021519103916","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/wow/wow.min.js?2021519103916 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache9.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039d17671894192067679e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (304), with no line terminators","md5":"2ae415d9fbc680f6d7951966e58651b8","sha1":"e56089489b1da3cc96065d72b1d7fd76cf01434b","sha256":"48b805797feb9a423111cbfc491ee6f5fef19d21439e50b8de473b127b01f4c6","sha512":"293f77ec709ef3d5c0e8748d5785befd430fd74870c0817e040fed21b40630549c2691fb4544b6ea5442255e6f3b176a7e426238c90ea08c0b725475d7d9693b","ssdeep":"","tlshash":"b7e0c2eee19e309eef1b15e42aa72fd0695812a1bbb34cd47f4028c7916047d860a25e","first_seen":"2025-12-31T13:57:32.122332Z","last_seen":"2025-12-31T13:57:32.122332Z","times_seen":1,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/head.js?2021519103916","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/head.js?2021519103916 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache9.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039d17671894192587721e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (304), with no line terminators","md5":"820b34f7e18ab87ee0cc168a85dcb029","sha1":"9eee6fb2f1edd0bbcd6821d39ef7017b6dbe431f","sha256":"7706ded49c3dc5506c0ec60f3fc0ca091b209ac4d42f1c0fd6ffed903a16c8f4","sha512":"7e030d9c67fd60590439289044b7135a9eefb4ee9113b6550d94d5f111505ffa96d48bf15f46afff92560e22e274f3b74e0ed8af5166bf4566ea649fff37bdc3","ssdeep":"","tlshash":"77e0c2eee19e309eaf0715e429a72fd0695412a5b7b20cd47e4038d7d12087d860a25e","first_seen":"2025-12-31T13:57:32.123017Z","last_seen":"2025-12-31T13:57:32.123017Z","times_seen":1,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/latin.fab57614.woff2","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/latin.fab57614.woff2 HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":330,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/iconfont.e7187704.woff2","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:02.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.woff2 HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":315,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/iconfont.407a95e9.woff2","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:02.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.407a95e9.woff2 HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/head.js?2021519103916","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/head.js?2021519103916 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache9.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039d17671894154295317e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (304), with no line terminators","md5":"5093d8c60c26d76ba9f1965e1702d34b","sha1":"b0f3436282777874cc45902f6198f1e30bca903a","sha256":"b9b36c4f170f16b5194b480b2c23735b64e5245b07ad4ccf3ede309e2cb4c791","sha512":"da0ea7bcb2e04a112d27c25005dd055b6a0e92b3e724a420c304dec966eda58f71ec8b226dfd6f9960d7031a555316c8b7e6bbfcd47e33fe8f99b807397b9eb4","ssdeep":"","tlshash":"0ee0c2fef1de309eae1315e429a72fd0795412a1b7b60cd47e4029c7812157d8a0a25e","first_seen":"2025-12-31T13:57:32.123775Z","last_seen":"2025-12-31T13:57:32.123775Z","times_seen":1,"resource_available":false,"data":null}},"time_used":724,"timings":{"blocked":-1,"dns":468,"connect":42,"send":0,"wait":31,"receive":0,"ssl":166},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/12/6/11825_jpc93597.png","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/12/6/11825_jpc93597.png HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/latin.fab57614.woff2","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/latin.fab57614.woff2 HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:22 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":1068,"timings":{"blocked":446,"dns":0,"connect":0,"send":0,"wait":622,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T13:56:52.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"0769chumei.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 24 Nov 2025 10:57:51 GMT","end":"Sun, 22 Feb 2026 10:57:50 GMT"},"fingerprint":{"sha1":"E8:19:4F:68:09:4A:56:49:DD:CB:51:7F:CA:57:C1:BC:C4:A8:1A:B1","sha256":"F9:1D:38:B4:51:46:18:FB:9D:3B:A9:26:71:51:8A:8F:D3:75:DE:37:E4:05:B6:65:62:F7:20:A1:13:E1:EC:78"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.0769chumei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.14.2\r\ndate: Wed, 31 Dec 2025 13:56:54 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":65725,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (11816), with CRLF, CR, LF line terminators","md5":"dad6847475fe0b6b9378620b80387e11","sha1":"679a29261736bd465dde13b02e4c85124b11ab30","sha256":"a4ffd8cf9b00d1d27b6d36f3e8e5324a51d58549acbfeab94641dd540c484a64","sha512":"9439eca57232a51d0af70557c944fffd1c50b80d53cb04bcd47ac086fefa156c603880c67aed19913d78b10cfb866354448aff09b73996b14cfb68ba2b3b2507","ssdeep":"1536:ZFSB9Y4IIC0MoOCm0MAgIQKD8lDhWsl9w:ZFSBhOCBgIP9","tlshash":"cc5384386183103f132f44c4b076bf1eaad3d28ddb430a5af5fc67a65fd6c99a54128a","first_seen":"2025-10-26T05:23:37.330104Z","last_seen":"2026-03-22T07:14:33.828063Z","times_seen":6,"resource_available":true,"data":null}},"time_used":2195,"timings":{"blocked":706,"dns":68,"connect":209,"send":0,"wait":783,"receive":0,"ssl":426},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.0769chumei.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/froala/css/??froala_style.min.css,plugins/image.min.css,plugins/table.min.css,plugins/colors.min.css?202031911342","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/froala/css/??froala_style.min.css,plugins/image.min.css,plugins/table.min.css,plugins/colors.min.css?202031911342 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache4.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039817671894154062087e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1412,"timings":{"blocked":681,"dns":475,"connect":43,"send":0,"wait":39,"receive":0,"ssl":170},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/??jquery.serializejson.min.js,layer/layer.js,waypoints/jquery.waypoints.min.js,jquery.scrollLoading-min.js,Validform_v5.3.2_min.js","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/??jquery.serializejson.min.js,layer/layer.js,waypoints/jquery.waypoints.min.js,jquery.scrollLoading-min.js,Validform_v5.3.2_min.js HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache9.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039d17671894154345321e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (304), with no line terminators","md5":"1b33e7636654132320eb7f6f40f9a2d7","sha1":"b7337206e511e8ae3e58d322a643dad2720335ca","sha256":"4758e26219c8c40c20f8686b1712b39ccd2caadc70b48c50ae97e6b4fa9acd1f","sha512":"ea4d67ee014298dd97bb8ff5dcc94f18c20a77779c9f323a63bf03c4a605dcfb8ca2e143fb75a7abe104763b5cbab0799bdd009cb0e7f520bfdc434dad74d529","ssdeep":"","tlshash":"ace072eee0ce308eae0311e02aab3fc0680402a6b7b60cc43f0028c3c02087c860a21e","first_seen":"2025-12-31T13:57:32.124536Z","last_seen":"2025-12-31T13:57:32.124536Z","times_seen":1,"resource_available":false,"data":null}},"time_used":729,"timings":{"blocked":-1,"dns":469,"connect":43,"send":0,"wait":28,"receive":0,"ssl":165},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/common.js?2021519103916","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/common.js?2021519103916 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache9.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039d17671894192927744e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (304), with no line terminators","md5":"a7f4c834684d46e6ed727f61e632ad9a","sha1":"ac144d0e2ebf516ffac576ee4074eefbab4cb91b","sha256":"ab1835f6ec92ab945971123a6a1adb06646b781d140424a410083af46e40c6de","sha512":"6fe04e05a306d2be76cbf6b701394787d4bf5d0d314e128a07c06b637ed14f5bea6bba66df3e6b44743567350268ea7d4d9036ac9d825eb3d9a0227b4d3ca537","ssdeep":"","tlshash":"56e0c2eef19e309eaf0715e429a72fd0695412a2b7b20cd47e4029c7812047d860a25e","first_seen":"2025-12-31T13:57:32.125325Z","last_seen":"2025-12-31T13:57:32.125325Z","times_seen":1,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/latin.fab57614.woff2","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/latin.fab57614.woff2 HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:22 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":726,"timings":{"blocked":447,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/iconfont.e7187704.woff","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:02.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.woff HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":347,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":347,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/iconfont.e7187704.woff","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:03.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.woff HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/iconfont.e7187704.ttf","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:03.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.ttf HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/ky.html","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:58.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/ky.html HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:19 GMT\r\nContent-Type: text/html\r\nLast-Modified: Sun, 07 Dec 2025 15:42:39 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6935a06f-4b09\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":19209,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1181)","md5":"5b07fd1d01530f1c2a08645b571a2b1c","sha1":"cdbff495660e66853f84faaa9c62070b9cdef980","sha256":"cb9c66b136932d9367670a3db5ce8ed58a92a0de3b5fafb5f9bcd28912d24fc6","sha512":"ca8fa0207d704e530543dfdc7fa767a57b13c3d94ecafbf4302834ab99359c3206515e464628386c911e963058fec5394f90296ba7052a4f8f5ead76d8efda6a","ssdeep":"384:i5eLAa76E6dODCJkiN7CWbqojKAxuxMx0xSxh:IA76E6dODCJkiN2WbqojKMCYgWh","tlshash":"59823ea644f344671273a0a66b6667873fa4ea13c90b8b45bbec1be44fc3d52cd0314e","first_seen":"2025-12-07T15:54:16.68434Z","last_seen":"2026-03-01T22:20:26.846113Z","times_seen":275,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/picture/rbsmgwmigzeaqeisaabdvano3pe24.webp","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:56:59.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/picture/rbsmgwmigzeaqeisaabdvano3pe24.webp HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:22 GMT\r\nContent-Type: image/webp\r\nContent-Length: 44556\r\nLast-Modified: Mon, 25 Dec 2023 15:21:02 GMT\r\nConnection: keep-alive\r\nETag: \"65899dde-ae0c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44556,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 206 x 173, 8-bit/color RGBA, non-interlaced","md5":"6194ced01b173481e68b89111c85d6b1","sha1":"35a559992114129a74eac4d5c165bcd9a6a2e3f1","sha256":"bf9c1ba4745317154616c229e8abf30963b05a905c43e0e38b3d795c714b6074","sha512":"ae946a383c19f2072ead7621a8a058498c8bc04272397c3d5939e2e0b988cb833b04cf3eb5c023884664e163fb0f5ca2a62d24bd998db47a70af4d1d8ca6609b","ssdeep":"768:wbU7XS2F2IS772TDQnsnw4zcI2jWEVXUy2+Ly70uHLvUZtT5miRxH0a5FxsF3:wci2F2IS772TDQsnw4zJ4NFUK5uzUZts","tlshash":"7b1302204fad1c6c223f233446852697a06cbe5c39139df50ac9b4de1e9ac3b81559bf","first_seen":"2023-05-18T07:54:04Z","last_seen":"2026-04-03T19:29:49.839817Z","times_seen":2253,"resource_available":false,"data":null}},"time_used":2169,"timings":{"blocked":1560,"dns":0,"connect":0,"send":0,"wait":313,"receive":296,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/picture/sj.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:56:59.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/picture/sj.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:22 GMT\r\nContent-Type: image/png\r\nContent-Length: 18810\r\nLast-Modified: Wed, 18 Sep 2024 07:08:50 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7c82-497a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18810,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"cdb0153d8cc3dbec5e43d569a03ab2c4","sha1":"0a7c9c3952a48a331a76089f57db3e1b618b0821","sha256":"11d707bf46d3e44e7057580208377df9b8839b00403b94495d3a9f85db23842c","sha512":"159222b548ccfbacd31fd37e9b52bdde0ff662f6b2f21b06c51a0e97022d7d8200b15ca365fb96b9063c76853ec883ebd3caf571816016639e0f953e7541238a","ssdeep":"384:a/5XGHoNGqbcToc+gL5KqF94ombm0PgVT5nlDGXIgVC28hJSb/:oXGHqPQTj+gF7oPgVTYIgU28ha/","tlshash":"9882e11861446beec0430d68fce676fbcaa059cf3a60d5251eb637237b72260abf9055","first_seen":"2023-09-17T16:12:24Z","last_seen":"2026-04-03T16:25:58.790089Z","times_seen":2483,"resource_available":false,"data":null}},"time_used":3681,"timings":{"blocked":1557,"dns":1,"connect":265,"send":0,"wait":294,"receive":256,"ssl":573},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/font/iconfont.e7187704.woff2","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:02.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/font/iconfont.e7187704.woff2 HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":340,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/js/kaiyun1.js","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:55.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /js/kaiyun1.js HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:19 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 28 Oct 2024 10:26:36 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"671f66dc-6f1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1777,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"582daee2399842295b7a7a73da65129e","sha1":"892721a38d8d525b313f2bf09c8385747d9c9d50","sha256":"048c24a562cd0b2db4970a1144f88768d0f01b85f0c9cd2caa1117c36c3e6977","sha512":"4ca3adf8da7745315035a8f4c6715cfc7ff303102d302a5dd36148883962a7ba687283256ae411023ead77146c482124601167f6d47a35a03e249b4bd9628b0d","ssdeep":"","tlshash":"5a3132d4abc27d2e033153346c36d65496ba8832ed0b9d40745ffd90dfa45a80eaacac","first_seen":"2024-12-12T23:40:58.526029Z","last_seen":"2026-04-03T10:37:01.666458Z","times_seen":868,"resource_available":true,"data":null}},"time_used":5756,"timings":{"blocked":2741,"dns":8,"connect":305,"send":0,"wait":273,"receive":0,"ssl":2425},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/froala/css/??froala_style.min.css,plugins/image.min.css,plugins/table.min.css,plugins/colors.min.css?202031911342","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:58.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/froala/css/??froala_style.min.css,plugins/image.min.css,plugins/table.min.css,plugins/colors.min.css?202031911342 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:58 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache4.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039817671894189194143e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/10/25/11825_jnocsolg.png?imageMogr2/thumbnail/2000x2000/q/100","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/10/25/11825_jnocsolg.png?imageMogr2/thumbnail/2000x2000/q/100 HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/image/ag-66-4.png","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:01.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/image/ag-66-4.png HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/static/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 189185\r\nLast-Modified: Wed, 18 Sep 2024 07:03:31 GMT\r\nConnection: keep-alive\r\nETag: \"66ea7b43-2e301\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":189185,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 694, 8-bit colormap, non-interlaced","md5":"93c0060e234caf0bf804261f3cfd574c","sha1":"284959e512593ed4a2d9163b5bb604df7ca860d0","sha256":"3b3517b2a149662c9083c8307dc28e5c514a2f5e726e5ce9ce14ea931fcb304c","sha512":"0e6221c046dbc56c41dbaf7766d58605662ae7abdbf4666491433e9fc5b268f5fda3b8436034f6ba9a899e6316ebb22ab85f1a5fefd6cd301e4bd81d764b15f5","ssdeep":"3072:9djIZfl0x1w6OMDXDpTp8U0IRfFMpfxHI5c7AEtqSCOQhjArSO/G0+W//R5zx:9dUFdMTDpTp84JIpHI5c7z4+QSrzG0+u","tlshash":"8b0423f1f20c558fd9f45270bdecd62734305aa30b7a16b1c4a677c21eba21f4198d9a","first_seen":"2024-09-19T08:05:07Z","last_seen":"2026-04-03T16:25:58.799535Z","times_seen":2056,"resource_available":false,"data":null}},"time_used":4033,"timings":{"blocked":1137,"dns":0,"connect":0,"send":0,"wait":335,"receive":2561,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hiwifiapp.com/","fqdn":"hiwifiapp.com","domain":"hiwifiapp.com","tld":"com"},"ip":{"addr":"154.199.192.34","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T13:56:52.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"0769chumei.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 24 Nov 2025 10:57:51 GMT","end":"Sun, 22 Feb 2026 10:57:50 GMT"},"fingerprint":{"sha1":"E8:19:4F:68:09:4A:56:49:DD:CB:51:7F:CA:57:C1:BC:C4:A8:1A:B1","sha256":"F9:1D:38:B4:51:46:18:FB:9D:3B:A9:26:71:51:8A:8F:D3:75:DE:37:E4:05:B6:65:62:F7:20:A1:13:E1:EC:78"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hiwifiapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx/1.14.2\r\ndate: Wed, 31 Dec 2025 13:56:52 GMT\r\ncontent-type: text/html\r\ncontent-length: 185\r\nlocation: http://www.0769chumei.com/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65725,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1432,"timings":{"blocked":615,"dns":1,"connect":201,"send":0,"wait":201,"receive":0,"ssl":410},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hiwifiapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hiwifiapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/templates/default_test/style.css?202031911342","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /templates/default_test/style.css?202031911342 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache4.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039817671894156112180e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1817,"timings":{"blocked":885,"dns":474,"connect":27,"send":0,"wait":34,"receive":0,"ssl":385},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.bootcss.com/animate.css/3.7.0/animate.min.css","fqdn":"cdn.bootcss.com","domain":"bootcss.com","tld":"com"},"ip":{"addr":"134.122.175.14","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootcss.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 21:15:09 GMT","end":"Fri, 20 Feb 2026 21:15:08 GMT"},"fingerprint":{"sha1":"35:41:C2:28:D1:53:68:77:66:6D:AD:45:61:7F:3B:C0:76:A5:51:D1","sha256":"5A:F9:BC:A9:5D:A7:59:42:BE:77:22:B3:08:A5:D5:19:EB:0F:3F:8D:42:CE:D1:68:B1:EC:CE:D1:C6:8E:AD:4E"}}},"request":{"raw":"GET /animate.css/3.7.0/animate.min.css HTTP/1.1\r\nHost: cdn.bootcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 1800\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 24 Sep 2025 14:50:58 GMT\r\netag: W/\"66df489e-e283\"\r\nexpires: Thu, 24 Sep 2026 14:50:58 GMT\r\nlast-modified: Wed, 24 Sep 2025 14:50:58 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, server, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57987,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (57790)","md5":"c78e4003414fbf2814dc097a5e1c784a","sha1":"de9d5645ef10c5362ec1f893bb83995594eadf99","sha256":"1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642","sha512":"6132f6a858afdb064d9c2efae25d430f9ccdea56310f327cf52b3ace3e98a18233afafb3c2375528cd6c511fbdef55f787ba9609af5c3d4057c98aa13aa5962d","ssdeep":"1536:nkZTl+wI1OAvkqDb3ay25FrCes0+Tw6j3rwzlr2o:nkZUwI1OAvkqDb3ay25FrCes0+T4","tlshash":"e24317af4892229951230f67c7cd5ea8872dc66714721dde33862c4b8b46f9e33cb617","first_seen":"2023-04-06T18:48:14Z","last_seen":"2026-04-03T18:49:54.442474Z","times_seen":4391,"resource_available":false,"data":null}},"time_used":1072,"timings":{"blocked":-1,"dns":47,"connect":336,"send":0,"wait":336,"receive":0,"ssl":352},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"cdn.bootcss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"cdn.bootcss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"cdn.bootcss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"cdn.bootcss.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.0769chumei.com/zhuzi-statistic.js?path=http%3a%2f%2fwww.0769chumei.com%2f\u0026siteid=49418\u0026referer=","fqdn":"www.0769chumei.com","domain":"0769chumei.com","tld":"com"},"ip":{"addr":"154.199.195.22","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"0769chumei.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 24 Nov 2025 10:57:51 GMT","end":"Sun, 22 Feb 2026 10:57:50 GMT"},"fingerprint":{"sha1":"E8:19:4F:68:09:4A:56:49:DD:CB:51:7F:CA:57:C1:BC:C4:A8:1A:B1","sha256":"F9:1D:38:B4:51:46:18:FB:9D:3B:A9:26:71:51:8A:8F:D3:75:DE:37:E4:05:B6:65:62:F7:20:A1:13:E1:EC:78"}}},"request":{"raw":"GET /zhuzi-statistic.js?path=http%3a%2f%2fwww.0769chumei.com%2f\u0026siteid=49418\u0026referer= HTTP/1.1\r\nHost: www.0769chumei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.14.2\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with no line terminators","md5":"9874da568d1356640dd435f3c20d53c5","sha1":"9908cddafceec5e1fb2af58186fd4ec8fa92cf1e","sha256":"af3fadf4529f907e6f4584f77ca2e09e57aa570854c58498c831522bb196f7b5","sha512":"4fb76109491e2819d3241b95b19d94737f7e7dd2310228ee440ebfb779ba0bc07063b57082d43ed2b927dcc7b48f84847300d2b488d37578457efda5b4a826f7","ssdeep":"","tlshash":"068000ac80ba0c20030c8803c20c800aaa0030300002e2822008cbc0a30c0208088e03","first_seen":"2025-07-17T04:24:24.476575Z","last_seen":"2026-03-22T07:14:33.827168Z","times_seen":18,"resource_available":true,"data":null}},"time_used":622,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":622,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.0769chumei.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.174.227.204","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 373\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.0769chumei.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\neo-log-uuid: 15496523357808174986\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":758,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":757,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hiwifiapp.com/","fqdn":"hiwifiapp.com","domain":"hiwifiapp.com","tld":"com"},"ip":{"addr":"154.199.192.34","port":80,"asn":9009,"as":"M247 Europe SRL","country":"Spain","country_code":"ES"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T13:56:49.663Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: hiwifiapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.14.2\r\nDate: Wed, 31 Dec 2025 13:56:50 GMT\r\nContent-Type: text/html\r\nContent-Length: 185\r\nConnection: keep-alive\r\nLocation: https://hiwifiapp.com/\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":665,"timings":{"blocked":219,"dns":1,"connect":223,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hiwifiapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hiwifiapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/12/6/11825_jpc93597.png","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/12/6/11825_jpc93597.png HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1917,"timings":{"blocked":1081,"dns":0,"connect":278,"send":0,"wait":254,"receive":0,"ssl":301},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/wow/wow.min.js?2021519103916","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/wow/wow.min.js?2021519103916 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache9.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039d17671894154315319e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (304), with no line terminators","md5":"1a402c25e7fdb13039ee60a0771b0bea","sha1":"bc30def3483ada3be56fc5371583d59da038b25e","sha256":"3de9762f66356f6e72f797ab2daf2c6e7c4a293de8a271fb92267df9f109c88a","sha512":"9b97da96178f34351d150538a8d6d511486a1676f1679f14871e6ea7b0a225562428558139613c22ae8a9aa45295adab1b5db275e61f13c5ec72aa8d1064b644","ssdeep":"","tlshash":"dbe072eee1ce308eae0312e02aa73fc0690402a1b7b20cc43e0028c7802147c860a21e","first_seen":"2025-12-31T13:57:32.130549Z","last_seen":"2025-12-31T13:57:32.130549Z","times_seen":1,"resource_available":false,"data":null}},"time_used":726,"timings":{"blocked":-1,"dns":469,"connect":42,"send":0,"wait":29,"receive":0,"ssl":165},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=762ECAFAD7334D08\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1410542177\u0026si=8e1df91611627c21bf39ae4ad3304f2d\u0026v=1.3.2\u0026lv=1\u0026sn=38142\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.0769chumei.com%2F\u0026tt=%E7%B1%B3%E5%85%B0%E7%BD%91%E9%A1%B5%E7%89%88-%E7%B1%B3%E5%85%B0%EF%BC%88%E4%B8%AD%E5%9B%BD%EF%BC%89","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:56.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=762ECAFAD7334D08\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1410542177\u0026si=8e1df91611627c21bf39ae4ad3304f2d\u0026v=1.3.2\u0026lv=1\u0026sn=38142\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.0769chumei.com%2F\u0026tt=%E7%B1%B3%E5%85%B0%E7%BD%91%E9%A1%B5%E7%89%88-%E7%B1%B3%E5%85%B0%EF%BC%88%E4%B8%AD%E5%9B%BD%EF%BC%89 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 31 Dec 2025 13:56:56 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=96DDAE1BADABE758; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-03T20:31:04.607762Z","times_seen":326388,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/picture/rbsmgwmmnw-ahnf9aabt7ce2zgq87.webp","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:56:59.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/picture/rbsmgwmmnw-ahnf9aabt7ce2zgq87.webp HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:22 GMT\r\nContent-Type: image/webp\r\nContent-Length: 21484\r\nLast-Modified: Mon, 25 Dec 2023 15:21:03 GMT\r\nConnection: keep-alive\r\nETag: \"65899ddf-53ec\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21484,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ccf323bf4e1c41b61aaa296ea59b8b81","sha1":"83f1f27a2fc6c58c751b5e7fc627015a1991b374","sha256":"c7959283d90c9940056378a35789761735a565490945094cd5b77c6b4bf1cc74","sha512":"e75e1bfd61482f56c07ebaa6591f3bee348cc1badbec88a9cfffe930cc5da68a8ccb80271a324fda8d0563b9ccdd4c966a14e4435caa9b9da3fbe1679a6a6e8d","ssdeep":"384:ioDvU5aozxCzakUC75bUncSMiubtHuyO9+2lm/3t0mn/gK0QqbLDng7v:1o4LaagncSzEtH4+DF0mYZfUv","tlshash":"b1a2e1f798af70b3532a495c93f695ee5b84ab340c8dac43e879986ca3352734831e05","first_seen":"2023-05-18T07:54:03Z","last_seen":"2026-04-03T16:25:58.785301Z","times_seen":2296,"resource_available":false,"data":null}},"time_used":1830,"timings":{"blocked":1559,"dns":0,"connect":0,"send":0,"wait":267,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/swiper/js/swipers.js?2021519103916","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/swiper/js/swipers.js?2021519103916 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache9.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039d17671894193577798e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (304), with no line terminators","md5":"e3b6175f71370c07b7f228721493324e","sha1":"f37df913afd0c7ae4056d5de62a2accfd22f81e7","sha256":"76b3221609489276d882b9d595280f448d6486329a6bd9143b2afd606720e116","sha512":"57ccbb95eee4d16541c036ff99eb596c543de37a58216f9c4ddc1a5b4894fa515b489bc11aa5b7985a62e5c88387ca80aa33f51de79956de1636f7de500c9295","ssdeep":"","tlshash":"6de0c2eee19e30deae0315e429ab6fd07d5412a1b7b20cd47e4039c7916047d860a65e","first_seen":"2025-12-31T13:57:32.131889Z","last_seen":"2025-12-31T13:57:32.131889Z","times_seen":1,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hiwifiapp.com/","fqdn":"hiwifiapp.com","domain":"hiwifiapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T13:56:48.539Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: hiwifiapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":641,"timings":{"blocked":641,"dns":0,"connect":216,"send":0,"wait":0,"receive":0,"ssl":234},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hiwifiapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hiwifiapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/11/8/11825_jo8288st_6934.png?imageView2/1/w/500/h/500","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/11/8/11825_jo8288st_6934.png?imageView2/1/w/500/h/500 HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":2051,"timings":{"blocked":1083,"dns":0,"connect":264,"send":0,"wait":254,"receive":0,"ssl":441},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/js/common.js?2021519103916","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:54.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/js/common.js?2021519103916 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.0769chumei.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache9.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039d17671894154275316e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (304), with no line terminators","md5":"9ff40d7241ca98b967714129bf5a03ac","sha1":"3105b1ba3b936108ceb60b405249c0943608373f","sha256":"7afdf27fd1806b5d7ce7426a567c4c672d646f82638077f9690193c2c2904294","sha512":"43b7167049817e9f9ec48c8a2eaa4966a9a5be15f896c8c9b6e5796189ac0d993d888f8da364c67019b4c9361c91b0d203474c0cdcfd91071049c9bb6673304e","ssdeep":"","tlshash":"69e072eee1ce309eae0311e029a72fc0780402a1b7b20cc47e0028cb802047c8a0a24e","first_seen":"2025-12-31T13:57:32.132661Z","last_seen":"2025-12-31T13:57:32.132661Z","times_seen":1,"resource_available":false,"data":null}},"time_used":722,"timings":{"blocked":-1,"dns":467,"connect":42,"send":0,"wait":33,"receive":0,"ssl":168},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1-ab.cdn-static.cn/editor/??do-basic.css,do-layout.css,do-form.css,do-element.css,element/do-tabText.css,js/wow/animate.css?202031911342","fqdn":"v1-ab.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"47.246.3.26","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:58.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1-ab.cdn-static.cn","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:00:AF:70:1E:4A:09:C0:3A:CD:C1:63:1C:8F:6B:6D:6A:6A:ED:B9","sha256":"BC:52:61:8A:3A:69:C8:75:C3:D4:91:EC:31:EA:9B:65:AD:ED:63:2C:8F:F1:8D:33:8E:1D:1B:BE:73:52:A0:8B"}}},"request":{"raw":"GET /editor/??do-basic.css,do-layout.css,do-form.css,do-element.css,element/do-tabText.css,js/wow/animate.css?202031911342 HTTP/1.1\r\nHost: v1-ab.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: Tengine\r\ndate: Wed, 31 Dec 2025 13:56:58 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-tengine-error: denied by Referer ACL\r\ncache_control: no-cache, no-store\r\npragma: no-cache\r\nvia: cache4.ru4[,403003]\r\ntiming-allow-origin: *\r\neagleid: 2ff6039817671894189184137e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v1.cdn-static.cn/2018/11/23/11825_jotnjred.png?imageView2/2/w/2000/q/100","fqdn":"v1.cdn-static.cn","domain":"cdn-static.cn","tld":"cn"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.0769chumei.com/","date":"2025-12-31T13:56:59.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v1.cdn-static.cn","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Tue, 27 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:D7:C2:3C:2B:90:EA:43:A1:6C:A5:E3:B8:C3:D5:6F:3F:09:25:E3","sha256":"81:15:EA:DB:53:37:5F:D8:F3:B4:2E:28:E4:53:58:E8:C5:4B:6C:D8:E7:A2:5D:D6:7D:00:ED:16:69:50:1C:77"}}},"request":{"raw":"GET /2018/11/23/11825_jotnjred.png?imageView2/2/w/2000/q/100 HTTP/1.1\r\nHost: v1.cdn-static.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.0769chumei.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: openresty\r\ndate: Wed, 31 Dec 2025 13:56:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nx-error-detail: BTR\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/go/kaiyun1/static/picture/rbsmgwmigyqad1n-aaa_2muwpem57.webp","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:56:59.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /go/kaiyun1/static/picture/rbsmgwmigyqad1n-aaa_2muwpem57.webp HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:22 GMT\r\nContent-Type: image/webp\r\nContent-Length: 16344\r\nLast-Modified: Mon, 25 Dec 2023 15:21:01 GMT\r\nConnection: keep-alive\r\nETag: \"65899ddd-3fd8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16344,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"be49e8277eb92cafb253fa49edb79022","sha1":"5cc65c308aa4f315b27936fc4647b37f58efdeae","sha256":"1b8cb8ad18ad2b3e0738be463ac16ec39c2bab4d56afe06cfcc5b0fa59c45391","sha512":"bfcca34c67fd47b4119ba484b0d670d5be6ef1b07d3029ea97330338252045ebec536cf90ca48ec649cd50afc4428f412237137b9d4261214715873eedaf8093","ssdeep":"384:CVlYgoa1xatkPb5WHRKY+z3eppmsOfwH/s6j:IYg575E4Y+Hj4H/s6j","tlshash":"df72cf0b455b902138cd7a9311463a50538fde107f8ab4fd6e63baa551281931fb733e","first_seen":"2023-05-18T07:54:03Z","last_seen":"2026-04-03T16:25:58.772077Z","times_seen":2366,"resource_available":false,"data":null}},"time_used":3774,"timings":{"blocked":1562,"dns":1,"connect":289,"send":0,"wait":639,"receive":1,"ssl":613},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ybwworld.com/cslink/cslink.js?v=0.05557088430246948","fqdn":"www.ybwworld.com","domain":"ybwworld.com","tld":"com"},"ip":{"addr":"202.79.171.15","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ybwworld.com/go/kaiyun1/ky.html","date":"2025-12-31T13:57:00.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ybwworld.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Dec 2025 06:25:47 GMT","end":"Tue, 24 Mar 2026 06:25:46 GMT"},"fingerprint":{"sha1":"04:D9:C2:02:7A:69:F1:B6:1E:89:56:0E:EA:95:86:11:C2:C9:D8:28","sha256":"95:F3:D2:B0:A9:07:02:AD:AF:6A:AE:CA:33:63:7F:6D:BD:62:B7:37:5B:E9:DA:C5:03:B3:1F:5A:5B:D7:3E:4C"}}},"request":{"raw":"GET /cslink/cslink.js?v=0.05557088430246948 HTTP/1.1\r\nHost: www.ybwworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.ybwworld.com/go/kaiyun1/ky.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 13:56:22 GMT\r\nContent-Type: text/html\r\nContent-Length: 520\r\nConnection: keep-alive\r\nETag: \"619e0cae-208\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3704f92207749f1f9b308fc856e7b7eb","sha1":"b12e7554f139b239e0cb11f2138fa328e414a761","sha256":"7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e","sha512":"c0812fb9a6cc887ce08a773103b08a719a65700c052ff79e35f3471321abc091aa18f73fe6af4600e8409732cc7524ef1760e0a3a242475d41f90fa4182a0297","ssdeep":"","tlshash":"abf00ea3b1130c0e13a8627033b1b0b4dc867dcb67030e51846a303facc16a9c7a33d8","first_seen":"2023-04-08T15:59:38Z","last_seen":"2026-04-03T14:05:12.093071Z","times_seen":6215,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"www.ybwworld.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}