{"report_id":"c2413f7c-4a1f-4799-937b-31e1d8ed6bf2","version":0,"status":"done","tags":[],"date":"2026-06-10T17:40:31Z","url":{"schema":"http","addr":"www.yhg65omnk1.cyou/","fqdn":"www.yhg65omnk1.cyou","domain":"yhg65omnk1.cyou","tld":"cyou"},"ip":{"addr":"54.215.31.113","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"title":"请输入密码访问","dom":{"size":2412,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"dc0a8cec613c035493a52e6ec9135652","sha1":"0c21459e76c1f5cab96c0c2d75201acbcc6780db","sha256":"45863ad7713bdf2475950f523428933e06827ffbe490e61b93ebac9c59ee9130","sha512":"4919ee5e201c3f5723f532c6f1c9d23096ce7de626ee9ecf2555df3ba0ec5d8463bf86bff4a8db67c328491ce050ad32de0876b8af5e6bbe02bb7109fcb51516","ssdeep":"","tlshash":"f74132e1bac1581375a250ddaa52f31cbcb6e00fa53ed348f91c42a81f20eeb545ac81","dom_hash":"domhash65f6f40fb8cc9b3ff68f05173a5ca7e6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.yhg65omnk1.cyou/","fqdn":"www.yhg65omnk1.cyou","domain":"yhg65omnk1.cyou","tld":"cyou"},"ip":{"addr":"54.215.31.113","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-15T17:40:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"2026-06-11.sqllq.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"2026-06-11.sqllq.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"www.yhg65omnk1.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"2026-06-11.sqllq.com","ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-04-07","domain_rank":0,"first_seen":"2026-06-10T17:40:31.555084Z","last_seen":"2026-06-10T17:40:32.123374Z","alert_count":2,"request_count":1,"received_data":9253,"sent_data":508,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"global.urldance.com","ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"domain_registered":"2024-03-28","domain_rank":0,"first_seen":"2026-05-10T11:06:41.586201Z","last_seen":"2026-06-07T23:11:59.275558Z","alert_count":0,"request_count":8,"received_data":133310,"sent_data":4114,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.yhg65omnk1.cyou","ip":{"addr":"54.215.31.113","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":339,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"sdk.51.la","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2005-01-17","domain_rank":347679,"first_seen":"2021-03-08T16:03:51Z","last_seen":"2026-06-09T11:41:42.588563Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":462,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gotowww.72.chat","ip":{"addr":"107.151.212.239","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"domain_registered":"2022-12-03","domain_rank":3916922,"first_seen":"2025-06-02T22:51:15.867532Z","last_seen":"2026-06-06T17:29:59.073146Z","alert_count":0,"request_count":1,"received_data":232,"sent_data":503,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c25f8a4011b296c8c63ab1e793510fe5","sha1":"db4f9eb086be87ce9083e47783e99271586289c1","sha256":"b57d362622ba45643c6d2edec695dc5b27bae96d416ab153491274b307479cdf","sha512":"302bfa3dff23b81d5699b1633d28142926765628767bd96a6d297a6395d4c7ad1dd0451e263a021156f47e263fd95c3e9345995e31f09e89a5a2e98f0f24a6ea","ssdeep":"","tlshash":"8fb012ca0041500431f231417b033309346314fb0c0c5000790c8b103f2830fd2277c4","size":98,"data":"","first_seen":"2026-05-25T18:40:40.655519Z","last_seen":"2026-06-22T01:58:51.76071Z","times_seen":345,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"79ec980e69ef2c72ef23ce2d64d709a7","sha1":"f1cbeb8b263466de81e93b45e079fc420ecb6366","sha256":"8e17644d1d19ea56c3e95b0d5cf0f523cf6f312841bd9c1784d99cc210b04e0b","sha512":"abae866621800faebdabc4a11c0788ef3462b23be13bc8fda0a6b828a14e2ef0335b5e1bd6c1e271b8d7d225e3f460535d6befcd8846c0f7a3008a3a2cb9ca0b","ssdeep":"","tlshash":"4ec092862081948a2a7231d29f03b31ab4074afe48559688791c47603f6cb3fca2e7c7","size":134,"data":"","first_seen":"2026-05-25T18:40:40.65696Z","last_seen":"2026-06-22T01:58:51.761271Z","times_seen":345,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"31ea78d300f5223565fcb5bd0140e13a","sha1":"e65dda34f981b8093693bcbcb81939b9b79683a6","sha256":"85afed09d2556b1d528b836af7e07f4521f0758805af08a13f323e233a250610","sha512":"de31467a941f8a125dcc970ebc4f0bababb8a2df743ef5c7b1cffa6bd432232afa62d2eb455e019309d80b2aeefbd6563ac9846fc0f98b3fad2866573efb6f5c","ssdeep":"","tlshash":"c121aba0fa855c6254d390acb912f758b976f00eb03ad38cf62c43980f62cdab049c56","size":1277,"data":"","first_seen":"2026-06-06T11:32:22.739425Z","last_seen":"2026-06-22T01:58:51.761862Z","times_seen":338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4d1d922256568675bbe8efcde6be3f74","sha1":"28dcdd889aecb14b420e87731e2c358a4b99d1ba","sha256":"14ebb8097c55e935a4dfd4863931d8f8885ed986b22fd85ee57d1730776df418","sha512":"27d572c54b8a7d8d93c9e975e111949ae63edecc39d2c68222414eaf8cb45c7c56bb818855a340e67de31b956c074f096dc7407a5ec09c0f3f023dfc777a1331","ssdeep":"","tlshash":"8241f0afb16b41100717c4db35fa590c6333b01f5dc9ad14f53ca9885f8e3aa4196aad","size":2305,"data":"","first_seen":"2026-06-06T11:32:22.740897Z","last_seen":"2026-06-22T01:58:51.762448Z","times_seen":338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a6ec7e725d17f780e2e406790960dc36","sha1":"99522f056931e56da7de26e8f671df6542608c14","sha256":"f947880e76992314a8606a646a5c862b587bc09c6c32adecb20ee575cb00595a","sha512":"2c982d29f96f64e9dd7fc921df970013d6bb262f08d61011123eed575ecc44e666e215d2feca667d7a10c680bf6a8fa3ad0806105ec8fa99122779e50f15f6a5","ssdeep":"","tlshash":"24d0970f2c246838236a047c12baea4cb062288c003eed0090ece8019d60ee64c2ebc8","size":252,"data":"","first_seen":"2026-05-25T18:40:40.659616Z","last_seen":"2026-06-22T01:58:51.763012Z","times_seen":345,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3da311247577a6f80b9b6ae63bd039e1","sha1":"4ecd576f28569e0b1fe6580173321298bf1c179c","sha256":"87c7a25600826c446d29d6c3721538b7f02f28fd7c17021cb1489a3c70a7c9bf","sha512":"4adc1a2142963666e22cfc48975ba583690b523c978ca8db4869a640207e3f856bfef5ca03797c74a0f954ab7f2cc0322ce3bba6d7ec4e4e3089234c98b54d8d","ssdeep":"","tlshash":"d590022900430c4702268bb205ba2bc3e05d4063011cc08624244cc64043c90e04da3a","size":54,"data":"","first_seen":"2025-03-07T06:58:31.251344Z","last_seen":"2026-06-22T02:30:18.860593Z","times_seen":6352,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"57ee18763d82fb2a6cb67ad357a57df7","sha1":"fd07f5e1064c89ef630a89b430babf70dd592de6","sha256":"c0f88608e8f55c724ea0c5d3cc0dc976a579a138ad22bbb3f78b6be52df58b3e","sha512":"a5901f95734327750d975521a60a94627f3198c5a464007c348df9b89fe7f9c2d8002e6e9e231dcb427bb7a200153c71b7807e00cc74c6533bf88e8669183249","ssdeep":"","tlshash":"a11100753a2a1534dac5408b317ee7a93e3220617b02a044c36ccc289d18e8314efcbe","size":902,"data":"","first_seen":"2026-06-10T17:40:36.083484Z","last_seen":"2026-06-10T17:40:36.083484Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c25f8a4011b296c8c63ab1e793510fe5","sha1":"db4f9eb086be87ce9083e47783e99271586289c1","sha256":"b57d362622ba45643c6d2edec695dc5b27bae96d416ab153491274b307479cdf","sha512":"302bfa3dff23b81d5699b1633d28142926765628767bd96a6d297a6395d4c7ad1dd0451e263a021156f47e263fd95c3e9345995e31f09e89a5a2e98f0f24a6ea","ssdeep":"","tlshash":"8fb012ca0041500431f231417b033309346314fb0c0c5000790c8b103f2830fd2277c4","size":98,"data":"","first_seen":"2026-05-25T18:40:40.655519Z","last_seen":"2026-06-22T01:58:51.76071Z","times_seen":345,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"79ec980e69ef2c72ef23ce2d64d709a7","sha1":"f1cbeb8b263466de81e93b45e079fc420ecb6366","sha256":"8e17644d1d19ea56c3e95b0d5cf0f523cf6f312841bd9c1784d99cc210b04e0b","sha512":"abae866621800faebdabc4a11c0788ef3462b23be13bc8fda0a6b828a14e2ef0335b5e1bd6c1e271b8d7d225e3f460535d6befcd8846c0f7a3008a3a2cb9ca0b","ssdeep":"","tlshash":"4ec092862081948a2a7231d29f03b31ab4074afe48559688791c47603f6cb3fca2e7c7","size":134,"data":"","first_seen":"2026-05-25T18:40:40.65696Z","last_seen":"2026-06-22T01:58:51.761271Z","times_seen":345,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"31ea78d300f5223565fcb5bd0140e13a","sha1":"e65dda34f981b8093693bcbcb81939b9b79683a6","sha256":"85afed09d2556b1d528b836af7e07f4521f0758805af08a13f323e233a250610","sha512":"de31467a941f8a125dcc970ebc4f0bababb8a2df743ef5c7b1cffa6bd432232afa62d2eb455e019309d80b2aeefbd6563ac9846fc0f98b3fad2866573efb6f5c","ssdeep":"","tlshash":"c121aba0fa855c6254d390acb912f758b976f00eb03ad38cf62c43980f62cdab049c56","size":1277,"data":"","first_seen":"2026-06-06T11:32:22.739425Z","last_seen":"2026-06-22T01:58:51.761862Z","times_seen":338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4d1d922256568675bbe8efcde6be3f74","sha1":"28dcdd889aecb14b420e87731e2c358a4b99d1ba","sha256":"14ebb8097c55e935a4dfd4863931d8f8885ed986b22fd85ee57d1730776df418","sha512":"27d572c54b8a7d8d93c9e975e111949ae63edecc39d2c68222414eaf8cb45c7c56bb818855a340e67de31b956c074f096dc7407a5ec09c0f3f023dfc777a1331","ssdeep":"","tlshash":"8241f0afb16b41100717c4db35fa590c6333b01f5dc9ad14f53ca9885f8e3aa4196aad","size":2305,"data":"","first_seen":"2026-06-06T11:32:22.740897Z","last_seen":"2026-06-22T01:58:51.762448Z","times_seen":338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a6ec7e725d17f780e2e406790960dc36","sha1":"99522f056931e56da7de26e8f671df6542608c14","sha256":"f947880e76992314a8606a646a5c862b587bc09c6c32adecb20ee575cb00595a","sha512":"2c982d29f96f64e9dd7fc921df970013d6bb262f08d61011123eed575ecc44e666e215d2feca667d7a10c680bf6a8fa3ad0806105ec8fa99122779e50f15f6a5","ssdeep":"","tlshash":"24d0970f2c246838236a047c12baea4cb062288c003eed0090ece8019d60ee64c2ebc8","size":252,"data":"","first_seen":"2026-05-25T18:40:40.659616Z","last_seen":"2026-06-22T01:58:51.763012Z","times_seen":345,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3da311247577a6f80b9b6ae63bd039e1","sha1":"4ecd576f28569e0b1fe6580173321298bf1c179c","sha256":"87c7a25600826c446d29d6c3721538b7f02f28fd7c17021cb1489a3c70a7c9bf","sha512":"4adc1a2142963666e22cfc48975ba583690b523c978ca8db4869a640207e3f856bfef5ca03797c74a0f954ab7f2cc0322ce3bba6d7ec4e4e3089234c98b54d8d","ssdeep":"","tlshash":"d590022900430c4702268bb205ba2bc3e05d4063011cc08624244cc64043c90e04da3a","size":54,"data":"","first_seen":"2025-03-07T06:58:31.251344Z","last_seen":"2026-06-22T02:30:18.860593Z","times_seen":6352,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9b79dac5d2b5d546d19d02bb63cabda8","sha1":"ffeb30b98c5b5976354e0c2741c24c3d4aedd160","sha256":"7cf6b507beb87667ed0e61e7ac9113ca3dd20e62b6127015a385f5d510065feb","sha512":"0fc58c756a5b3cd771b4b508beb892adb3ae29697f46736d052c0c431c111b05e7b2dee04dcb8eba7eef1aafe5927b9067099657a92dae3bd868a2ad8b0d0210","ssdeep":"","tlshash":"341100753a2a1534dac5408b317ee7a93d3220617a02a044c36cdc299d18ec318efcbe","size":902,"data":"","first_seen":"2026-06-10T17:40:36.084562Z","last_seen":"2026-06-10T17:40:36.084562Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gotowww.72.chat/3d/?yhg65omnk1.cyou","fqdn":"gotowww.72.chat","domain":"72.chat","tld":"chat"},"ip":{"addr":"107.151.212.239","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-10T17:40:04.312Z","timestamp":1781113204312,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.72.chat","organization":""},"issuer":{"commonName":"宝塔 DV TLS RSA CA 2025","organization":"广东堡塔安全技术有限公司"},"validity":{"start":"Sun, 07 Dec 2025 00:00:00 GMT","end":"Mon, 07 Dec 2026 12:00:00 GMT"},"fingerprint":{"sha1":"72:B6:83:CB:25:BF:D2:0E:05:CE:0C:A7:93:45:07:AD:FD:0C:EE:BF","sha256":"84:34:6F:9B:05:67:9B:62:B3:4A:49:22:E0:11:DA:B4:EC:C5:77:2B:69:74:B9:A9:65:46:06:E2:04:DE:E5:41"}}},"request":{"raw":"GET /3d/?yhg65omnk1.cyou HTTP/1.1\r\nHost: gotowww.72.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 \r\nserver: nginx\r\ndate: Wed, 10 Jun 2026 17:40:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://2026-06-11.sqllq.com/en/?yhg65omnk1.cyou\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T02:29:52.920518Z","times_seen":16623839,"resource_available":true,"data":null}},"time_used":1378,"timings":{"blocked":-1,"dns":671,"connect":175,"send":0,"wait":176,"receive":0,"ssl":357},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","fqdn":"2026-06-11.sqllq.com","domain":"sqllq.com","tld":"com"},"ip":{"addr":"104.21.30.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-10T17:40:05.696Z","timestamp":1781113205696,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sqllq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 00:50:25 GMT","end":"Sat, 05 Sep 2026 01:50:09 GMT"},"fingerprint":{"sha1":"33:74:95:93:95:BA:4D:35:E8:0C:E9:B6:0C:9E:72:50:23:BD:CA:D9","sha256":"4F:0F:A0:D7:14:08:64:0A:E2:2D:D0:F4:56:6F:4C:7B:BB:41:A7:05:1A:36:CD:8A:7C:E3:6D:DC:37:8F:2C:64"}}},"request":{"raw":"GET /en/?yhg65omnk1.cyou HTTP/1.1\r\nHost: 2026-06-11.sqllq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 10 Jun 2026 17:40:06 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 10 May 2026 10:29:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G5FtEhYrOxDzLvHfoZ9dRWeEfiyYLUVJEGFz0oqk8JqEoXA1nPpmqWBdhWq6sFPSfzUGqI5uNrhgWVXeXPqH%2FXSlsIlDIoyI6FfdZYUVkSEtqkTbAkllpA7CUJkN1croyAqUZLQ0Nw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a09a28bfbbccb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":8628,"size_decoded":4085,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (926)","md5":"11bc77b4da586934c6ebf1e3feb11d9f","sha1":"f5bf595dd2b17baedb1b83644e026684a334a289","sha256":"6836962420361602be619990cf226eca36f7cacbeb6a7f653d96c41eac4d81e5","sha512":"2fd93cc0461ec72ee3e9b1093ddd0a51cff719ea9ee3738591bea2076f7b93f76dec0d4e7e33b06b28f4cbc6a6831354f6bed4540f87d5939c2d2520ed02b7a3","ssdeep":"192:rnyk9fXqtnptqh+5BapcuEz/7/C7af/GxuBtdsn102Unx/jM:hXq1tapcuEzzKuo0cn102Unx/jM","tlshash":"1e020aa6a5e64422025280ca35b5f70c3e77f00f990ec648f2ac89a41f99fd74c5fd9c","first_seen":"2026-06-10T17:40:36.06839Z","last_seen":"2026-06-10T17:40:36.06839Z","times_seen":1,"resource_available":true,"data":null}},"time_used":401,"timings":{"blocked":-1,"dns":6,"connect":1,"send":0,"wait":380,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"2026-06-11.sqllq.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"2026-06-11.sqllq.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"global.urldance.com/css/layer.css","fqdn":"global.urldance.com","domain":"urldance.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","date":"2026-06-10T17:40:06.403Z","timestamp":1781113206403,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.urldance.com","organization":""},"issuer":{"commonName":"TLC DV TLS CA","organization":"泰尔认证中心有限公司"},"validity":{"start":"Sun, 07 Dec 2025 23:08:14 GMT","end":"Mon, 07 Dec 2026 23:08:13 GMT"},"fingerprint":{"sha1":"6A:BE:28:89:9A:3C:58:F1:47:60:A2:13:4E:14:9F:B3:39:E8:E2:F5","sha256":"07:C5:5B:CC:BF:E1:FD:1A:7F:0B:6F:87:8D:14:85:81:4D:E0:3C:9E:BB:B5:65:55:82:5F:97:3C:A8:E9:B7:3C"}}},"request":{"raw":"GET /css/layer.css HTTP/1.1\r\nHost: global.urldance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://2026-06-11.sqllq.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: openresty\r\ndate: Wed, 10 Jun 2026 17:40:07 GMT\r\ncontent-type: text/css\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 46900\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"layer.css\"; filename*=utf-8''layer.css\r\ncontent-encoding: gzip\r\ncontent-md5: wjTrBtXzIFUJIpTniVfxfQ==\r\ncontent-transfer-encoding: binary\r\netag: \"FvFe4Ly5aU8y9eHVJPJlOqDdBDQC.gz\"\r\nlast-modified: Sun, 10 May 2026 10:11:45 GMT\r\nvary: Accept-Encoding\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg121;QNM3\r\nx-m-reqid: YbeB5E4S7\r\nx-qiniu-zone: na0\r\nx-qnm-cache: Hit\r\nx-reqid: fOMAAABA9N5enrcY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14271,"size_decoded":3532,"mime_type":"text/css","magic":"ASCII text, with very long lines (14271), with no line terminators","md5":"c234eb06d5f32055092294e78957f17d","sha1":"f15ee0bcb9694f32f5e1d524f2653aa0dd043402","sha256":"5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540","sha512":"3f06b51116d7f8026d81c7eb6a3c4d871462d09fe0a5b8cc8b7feaf20cbc88b0b6a545f0ec7cbc17566a9ff609405f58fad6eddfb3a8b3f6d530ede8fa3fad5c","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXi0nMLPD2OtLzAyPHL/LztJDzyv2OQ7KGx1j9d2/nWUU:1ELr2Otzrzzt42OQ7KGx1j8WUq4S3cU","tlshash":"f75242e144911299b0278721d6dc7eba32f88d43e5630caef2573c1f874c6dba2b6647","first_seen":"2023-03-10T11:40:20Z","last_seen":"2026-06-22T01:46:58.219381Z","times_seen":53790,"resource_available":false,"data":null}},"time_used":1719,"timings":{"blocked":-1,"dns":737,"connect":238,"send":0,"wait":263,"receive":0,"ssl":480},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.urldance.com/css/style_mini.css","fqdn":"global.urldance.com","domain":"urldance.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","date":"2026-06-10T17:40:06.405Z","timestamp":1781113206405,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /css/style_mini.css HTTP/1.1\r\nHost: global.urldance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://2026-06-11.sqllq.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T02:29:52.920518Z","times_seen":16623839,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.urldance.com/css/cards.css","fqdn":"global.urldance.com","domain":"urldance.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","date":"2026-06-10T17:40:06.407Z","timestamp":1781113206407,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /css/cards.css HTTP/1.1\r\nHost: global.urldance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://2026-06-11.sqllq.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T02:29:52.920518Z","times_seen":16623839,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.urldance.com/images/xiaologo.webp","fqdn":"global.urldance.com","domain":"urldance.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","date":"2026-06-10T17:40:06.418Z","timestamp":1781113206418,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.urldance.com","organization":""},"issuer":{"commonName":"TLC DV TLS CA","organization":"泰尔认证中心有限公司"},"validity":{"start":"Sun, 07 Dec 2025 23:08:14 GMT","end":"Mon, 07 Dec 2026 23:08:13 GMT"},"fingerprint":{"sha1":"6A:BE:28:89:9A:3C:58:F1:47:60:A2:13:4E:14:9F:B3:39:E8:E2:F5","sha256":"07:C5:5B:CC:BF:E1:FD:1A:7F:0B:6F:87:8D:14:85:81:4D:E0:3C:9E:BB:B5:65:55:82:5F:97:3C:A8:E9:B7:3C"}}},"request":{"raw":"GET /images/xiaologo.webp HTTP/1.1\r\nHost: global.urldance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://2026-06-11.sqllq.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: openresty\r\ndate: Wed, 10 Jun 2026 17:40:07 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3266\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 46931\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"xiaologo.webp\"; filename*=utf-8''xiaologo.webp\r\ncontent-md5: 5TLNnfDmTpF0J5kQFCOxNA==\r\ncontent-transfer-encoding: binary\r\netag: \"FsBCR1sEFZtw6-f-ChZIZPjg-I1r\"\r\nlast-modified: Sun, 10 May 2026 10:12:48 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg119;QNM3\r\nx-m-reqid: su74SgRbF\r\nx-qiniu-zone: na0\r\nx-qnm-cache: Hit\r\nx-reqid: WWQAAACG5ZJXnrcY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3266,"size_decoded":3976,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e532cd9df0e64e91742799101423b134","sha1":"c042475b04159b70ebe7fe0a164864f8e0f88d6b","sha256":"078e32f0c3c5a4e6b8ff81c9c2450a3ed5b907f597fb7d6daabb05f76e04b3fd","sha512":"57781e301b1f9a92e1bbe459c64c5120ece97d6ee688e63d15a620af3263f1add4819c3b8eaa70080e0d15e3135558657d981769f30fa65c49961d2295a5763a","ssdeep":"","tlshash":"b6615bccdd91ea3268b2ea216fd7d0a20a8b349f1341fc3196c14d613238e2bb785521","first_seen":"2024-12-14T01:59:30.576573Z","last_seen":"2026-06-22T02:30:18.852861Z","times_seen":6586,"resource_available":false,"data":null}},"time_used":1710,"timings":{"blocked":1437,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.urldance.com/images/share_lines.webp","fqdn":"global.urldance.com","domain":"urldance.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","date":"2026-06-10T17:40:06.421Z","timestamp":1781113206421,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.urldance.com","organization":""},"issuer":{"commonName":"TLC DV TLS CA","organization":"泰尔认证中心有限公司"},"validity":{"start":"Sun, 07 Dec 2025 23:08:14 GMT","end":"Mon, 07 Dec 2026 23:08:13 GMT"},"fingerprint":{"sha1":"6A:BE:28:89:9A:3C:58:F1:47:60:A2:13:4E:14:9F:B3:39:E8:E2:F5","sha256":"07:C5:5B:CC:BF:E1:FD:1A:7F:0B:6F:87:8D:14:85:81:4D:E0:3C:9E:BB:B5:65:55:82:5F:97:3C:A8:E9:B7:3C"}}},"request":{"raw":"GET /images/share_lines.webp HTTP/1.1\r\nHost: global.urldance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://2026-06-11.sqllq.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: openresty\r\ndate: Wed, 10 Jun 2026 17:40:07 GMT\r\ncontent-type: image/webp\r\ncontent-length: 354\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 17441\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"share_lines.webp\"; filename*=utf-8''share_lines.webp\r\ncontent-md5: ZDlFGFR7Vy07ttcdvaoP4g==\r\ncontent-transfer-encoding: binary\r\netag: \"Fn-ZoIcHSfiG1XYn7NiR4ShzFazr\"\r\nlast-modified: Sun, 10 May 2026 10:12:47 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg121;QNM3\r\nx-m-reqid: MN2YO55Y5\r\nx-qiniu-zone: na0\r\nx-qnm-cache: Hit\r\nx-reqid: agoAAAAlX5Je77MY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":354,"size_decoded":1069,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"64394518547b572d3bb6d71dbdaa0fe2","sha1":"7f99a0870749f886d57627ecd891e1287315aceb","sha256":"a79fd0015a10c5ee30796bcbee2aaee6f9fb6eea8abc99cc07bbd8e0e6304017","sha512":"191617c203e2ac47312005f73b7cc585e5d45c6543770b8375e73a35f05959e2d4b6f8752b92d68dfd2d3fd07d8174de6ecfd879b290337ef986586804710a57","ssdeep":"","tlshash":"5fe0c002d113b262c175ec7482c6300b673f01b6234697908883803d176ed031bc2165","first_seen":"2024-12-14T01:59:30.572173Z","last_seen":"2026-06-22T02:30:18.856648Z","times_seen":6628,"resource_available":false,"data":null}},"time_used":1699,"timings":{"blocked":1436,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yhg65omnk1.cyou/","fqdn":"www.yhg65omnk1.cyou","domain":"yhg65omnk1.cyou","tld":"cyou"},"ip":{"addr":"54.215.31.113","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-10T17:39:59.455Z","timestamp":1781113199455,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yhg65omnk1.cyou","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 13:35:48 GMT","end":"Tue, 25 Aug 2026 13:35:47 GMT"},"fingerprint":{"sha1":"F1:A9:91:B0:68:4E:A4:96:8B:3D:B9:BE:2C:5F:EE:C1:30:39:57:06","sha256":"EE:5C:E1:9A:61:6A:AC:35:60:3C:5D:1E:CC:B1:D0:7F:65:90:A8:96:30:19:8E:28:B9:9C:EB:D4:C1:99:BA:8B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.yhg65omnk1.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 \r\ncontent-type: text/plain\r\ncontent-length: 0\r\ndate: Wed, 10 Jun 2026 17:40:04 GMT\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=2592000\r\ncache-control: private, no-cache, no-store, max-age=0\r\nexpires: Mon, 01 Jan 1990 0:00:00 GMT\r\nlocation: https://gotowww.72.chat/3d/?yhg65omnk1.cyou\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T02:29:52.920518Z","times_seen":16623839,"resource_available":true,"data":null}},"time_used":4848,"timings":{"blocked":-1,"dns":4004,"connect":153,"send":0,"wait":241,"receive":0,"ssl":450},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"www.yhg65omnk1.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"global.urldance.com/js/jquery.min.js","fqdn":"global.urldance.com","domain":"urldance.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","date":"2026-06-10T17:40:06.409Z","timestamp":1781113206409,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.urldance.com","organization":""},"issuer":{"commonName":"TLC DV TLS CA","organization":"泰尔认证中心有限公司"},"validity":{"start":"Sun, 07 Dec 2025 23:08:14 GMT","end":"Mon, 07 Dec 2026 23:08:13 GMT"},"fingerprint":{"sha1":"6A:BE:28:89:9A:3C:58:F1:47:60:A2:13:4E:14:9F:B3:39:E8:E2:F5","sha256":"07:C5:5B:CC:BF:E1:FD:1A:7F:0B:6F:87:8D:14:85:81:4D:E0:3C:9E:BB:B5:65:55:82:5F:97:3C:A8:E9:B7:3C"}}},"request":{"raw":"GET /js/jquery.min.js HTTP/1.1\r\nHost: global.urldance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://2026-06-11.sqllq.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: openresty\r\ndate: Wed, 10 Jun 2026 17:40:08 GMT\r\ncontent-type: text/javascript\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 17460\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"jquery.min.js\"; filename*=utf-8''jquery.min.js\r\ncontent-encoding: gzip\r\ncontent-md5: Vn7sdxfLUUQ0xlfZDoiv0g==\r\ncontent-transfer-encoding: binary\r\netag: \"FowjWVdYashov_egtIJ88WPPgtne.gz\"\r\nlast-modified: Sun, 10 May 2026 10:12:12 GMT\r\nvary: Accept-Encoding\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg121;QNM3\r\nx-m-reqid: FbJ2j4tRL\r\nx-qiniu-zone: na0\r\nx-qnm-cache: Hit\r\nx-reqid: 4IwAAAD1Ufcz7rMY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88151,"size_decoded":31584,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"567eec7717cb514434c657d90e88afd2","sha1":"8c235957586ac868bff7a0b4827cf163cf82d9de","sha256":"3e2a2e48864b44198261695e5e93ffa4cb2395f6836db0e920974718d11f24d4","sha512":"6bf77a643c6f8296b2756cbc20a4d2c9cf9aa3b703eb210f30449f1dd87c62d38eec42be30aed820e3eaa694de854ac7f9b7dff6b8d606035d82a15910d46e27","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BuCKKBEqBsojZlOPmw:jgZm0H5HO5+vCKWZyPmHQ47GKc","tlshash":"9d8319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T22:11:41Z","last_seen":"2026-06-22T01:58:51.758946Z","times_seen":6657,"resource_available":true,"data":null}},"time_used":1952,"timings":{"blocked":-1,"dns":731,"connect":286,"send":0,"wait":361,"receive":0,"ssl":574},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.urldance.com/js/js/layer.min.js","fqdn":"global.urldance.com","domain":"urldance.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","date":"2026-06-10T17:40:06.411Z","timestamp":1781113206411,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.urldance.com","organization":""},"issuer":{"commonName":"TLC DV TLS CA","organization":"泰尔认证中心有限公司"},"validity":{"start":"Sun, 07 Dec 2025 23:08:14 GMT","end":"Mon, 07 Dec 2026 23:08:13 GMT"},"fingerprint":{"sha1":"6A:BE:28:89:9A:3C:58:F1:47:60:A2:13:4E:14:9F:B3:39:E8:E2:F5","sha256":"07:C5:5B:CC:BF:E1:FD:1A:7F:0B:6F:87:8D:14:85:81:4D:E0:3C:9E:BB:B5:65:55:82:5F:97:3C:A8:E9:B7:3C"}}},"request":{"raw":"GET /js/js/layer.min.js HTTP/1.1\r\nHost: global.urldance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://2026-06-11.sqllq.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: openresty\r\ndate: Wed, 10 Jun 2026 17:40:08 GMT\r\ncontent-type: text/javascript\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 46943\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"layer.min.js\"; filename*=utf-8''layer.min.js\r\ncontent-encoding: gzip\r\ncontent-md5: XTn8bB25To0hExOAWnDCSw==\r\ncontent-transfer-encoding: binary\r\netag: \"FgIf3GfArNEWVfpgXLJv_RsZqyQ6.gz\"\r\nlast-modified: Sun, 10 May 2026 10:20:47 GMT\r\nvary: Accept-Encoding\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg121;QNM3\r\nx-m-reqid: pHAHOUFNS\r\nx-qiniu-zone: na0\r\nx-qnm-cache: Hit\r\nx-reqid: LaAAAAAE1aM6La4Y\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22256,"size_decoded":8443,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (22256), with no line terminators","md5":"5d39fc6c1db94e8d211313805a70c24b","sha1":"021fdc67c0acd11655fa605cb26ffd1b19ab243a","sha256":"be5b759996d0b5b388dc5922f99d18d5f3feb0ffb3b1a9d5b73b8c0a427ab8d4","sha512":"d221bfc9a753cff96d629f1f6f3cd9789aa9eee6f46b43bca3704550a942a9483b1bbd8e48cd8048b89a85e45f7a4e4f968eaf2785afece0636273db3aec0ed7","ssdeep":"384:sseNGhG5ql45QlESAJDVwJZY+WxeJwCj+jC6Tb2u:slkmqlHlESAJDVwJZYJxau","tlshash":"1aa2a56a215035a72223c199e14fbe0b31b21d25d7074128f16af4bd4ebcda9a277f4f","first_seen":"2023-03-07T12:58:08Z","last_seen":"2026-06-22T02:30:18.852005Z","times_seen":7028,"resource_available":true,"data":null}},"time_used":1830,"timings":{"blocked":-1,"dns":729,"connect":281,"send":0,"wait":255,"receive":0,"ssl":564},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","date":"2026-06-10T17:40:06.413Z","timestamp":1781113206413,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /js-sdk-pro.min.js HTTP/1.1\r\nHost: sdk.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://2026-06-11.sqllq.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T02:29:52.920518Z","times_seen":16623839,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.urldance.com/images/share.webp","fqdn":"global.urldance.com","domain":"urldance.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2026-06-11.sqllq.com/en/?yhg65omnk1.cyou","date":"2026-06-10T17:40:06.420Z","timestamp":1781113206420,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.urldance.com","organization":""},"issuer":{"commonName":"TLC DV TLS CA","organization":"泰尔认证中心有限公司"},"validity":{"start":"Sun, 07 Dec 2025 23:08:14 GMT","end":"Mon, 07 Dec 2026 23:08:13 GMT"},"fingerprint":{"sha1":"6A:BE:28:89:9A:3C:58:F1:47:60:A2:13:4E:14:9F:B3:39:E8:E2:F5","sha256":"07:C5:5B:CC:BF:E1:FD:1A:7F:0B:6F:87:8D:14:85:81:4D:E0:3C:9E:BB:B5:65:55:82:5F:97:3C:A8:E9:B7:3C"}}},"request":{"raw":"GET /images/share.webp HTTP/1.1\r\nHost: global.urldance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://2026-06-11.sqllq.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: openresty\r\ndate: Wed, 10 Jun 2026 17:40:07 GMT\r\ncontent-type: image/webp\r\ncontent-length: 672\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 46945\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"share.webp\"; filename*=utf-8''share.webp\r\ncontent-md5: G2j9BeXWLgOXnhjRpKp20A==\r\ncontent-transfer-encoding: binary\r\netag: \"FsVFaO7fnSjf_tXX40LCb2QCT00O\"\r\nlast-modified: Sun, 10 May 2026 10:12:47 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg119;QNM3\r\nx-m-reqid: NfJpfXaho\r\nx-qiniu-zone: na0\r\nx-qnm-cache: Hit\r\nx-reqid: xT4AAAC80gWFLa4Y\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":672,"size_decoded":1375,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1b68fd05e5d62e03979e18d1a4aa76d0","sha1":"c54568eedf9d28dffed5d7e342c26f64024f4d0e","sha256":"c8eb0cdd7d11b09ede592f0ca08645098a5448e56dce1d17fc3a8b8edc9c90fa","sha512":"62f767185c47199f7e65f2559220ea76e1fddb7c7542433a803f07d4ffd2414467ee8b5e5dc78ab8282a7cf71e4330f967b4270de1439d8415524cfda5cb53e9","ssdeep":"","tlshash":"24018881356ddd4ae2095d7ce379c343b4028f40113a6d5b6ca5e4d3100d5365ad6dc2","first_seen":"2024-12-14T01:59:30.574289Z","last_seen":"2026-06-22T02:30:18.85367Z","times_seen":6631,"resource_available":false,"data":null}},"time_used":1726,"timings":{"blocked":1437,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}