{"report_id":"c4cbcad1-3b5b-4396-b26f-55652f1c3cdc","version":6,"status":"done","tags":[],"date":"2026-01-10T02:31:56Z","url":{"schema":"http","addr":"www.5qbb.com/","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.7","port":0,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"www.5qbb.com/","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"title":"麦菜影院_年轻人都在用的免费影视剧网站","dom":{"size":30676,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (28278), with no line terminators","md5":"64a2b87700b7b17eb948cfc74a1d3d31","sha1":"f184935ba3811bbdf6e0e58a7a36ce3fcd076975","sha256":"2e6c64687397670cb10a394212f328823755f5f8fe7dc3a9434f96ed98d06b68","sha512":"7f0f8d7478e56228862936ce79b39e48901c27335138fe8881ba40d327f6d7cfc9df968a0209f9b1175190ef3059cbac391317d7fc52f74fc8dca6ac2dde3fa8","ssdeep":"768:Ce6HdyDq/hcWzQH6NEOncGQvi9oyWrAFL8L9RJbgqTNv9vwvdWvGvbvmDNqo63Ev:JmqX1tfCd6","tlshash":"70d284aa84e16e3b7d7b5adb92d8576ef5c7538fc6438e41b5fc31989748e10302210e","dom_hash":"domhashf395a50e3a926592d97df9d49a34624e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.5qbb.com/","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.7","port":0,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-14T02:31:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"djs.imgdianyingoss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"viptulz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"hm.baidu.com","ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-01-05T01:27:37.424479Z","alert_count":0,"request_count":2,"received_data":30877,"sent_data":1230,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pic3.yzzyimg.online","ip":{"addr":"216.180.235.237","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"domain_registered":"2024-10-01","domain_rank":3728146,"first_seen":"2025-02-20T05:38:57.249419Z","last_seen":"2026-01-07T07:27:32.94051Z","alert_count":0,"request_count":1,"received_data":33392,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"djs.imgdianyingoss.com","ip":{"addr":"111.48.108.162","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"2023-06-20","domain_rank":0,"first_seen":"2025-03-04T00:29:26.247634Z","last_seen":"2025-12-21T15:15:36.285571Z","alert_count":5,"request_count":5,"received_data":16055,"sent_data":2246,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"viptulz.com","ip":{"addr":"37.77.87.138","port":443,"asn":0,"as":"","country":"British Virgin Islands","country_code":"VG"},"domain_registered":"2024-05-18","domain_rank":352050,"first_seen":"2025-03-04T04:41:37.760304Z","last_seen":"2026-01-09T06:55:07.165732Z","alert_count":7,"request_count":7,"received_data":179375,"sent_data":3332,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"yqk.j3kjn242sq.com","ip":{"addr":"104.26.11.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-10-04","domain_rank":0,"first_seen":"2025-08-26T12:44:35.403117Z","last_seen":"2025-12-28T15:01:54.867495Z","alert_count":0,"request_count":2,"received_data":370770,"sent_data":968,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"img.ukuapi88.com","ip":{"addr":"104.21.61.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-12-31","domain_rank":7068366,"first_seen":"2025-01-08T07:23:03.175906Z","last_seen":"2025-12-10T16:28:36.832232Z","alert_count":0,"request_count":1,"received_data":58424,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"lf1-cdn-tos.bytegoofy.com","ip":{"addr":"163.181.243.177","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"domain_registered":"2021-01-11","domain_rank":402951,"first_seen":"2021-08-07T17:49:18Z","last_seen":"2026-01-09T07:48:02.245316Z","alert_count":0,"request_count":1,"received_data":1925,"sent_data":558,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"www.5qbb.com","ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-03-14","domain_rank":0,"first_seen":"2025-12-20T17:55:05.916412Z","last_seen":"2025-12-20T17:55:05.916412Z","alert_count":0,"request_count":11,"received_data":197587,"sent_data":4993,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"image.baidu.com","ip":{"addr":"103.235.47.211","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"1999-10-11","domain_rank":105000,"first_seen":"2012-05-22T11:43:47Z","last_seen":"2026-01-02T08:50:50.728806Z","alert_count":0,"request_count":2,"received_data":34714,"sent_data":1023,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"zhanzhang.toutiao.com","ip":{"addr":"163.181.50.192","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Italy","country_code":"IT"},"domain_registered":"2004-02-16","domain_rank":620575,"first_seen":"2020-11-05T15:52:52Z","last_seen":"2026-01-09T07:48:02.078566Z","alert_count":0,"request_count":1,"received_data":1013,"sent_data":602,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.5qbb.com/static/js/jquery.js","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-05T00:39:18.989778Z","times_seen":60661,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/static/js/home.js","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"97e311d35a4aa0ba09575a8dc989660b","sha1":"8166b5f8ba52aa57ab23321a8ddc8d0118f1e590","sha256":"1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311","sha512":"d3f4e4ef8af316fd4207a6db03e856917d5124263104ba9ebf0db1be151ce65172d26b6338d24553df9fe65b828e2a452a39bde7d1144a875c20bd5e28da9db8","ssdeep":"768:hR0cTTu8eMbZLbhpa6a/b7z9SsbhbeA5gr9GiSo5E7Iw4TQv5:hRZXde96oRiG5","tlshash":"ae03a45d7af3142050b3317a4fbf69082276815f190ddd88fe2d11a48fc4a4eba66bbd","size":38309,"data":"","first_seen":"2023-03-07T01:18:35Z","last_seen":"2026-04-04T19:09:59.794344Z","times_seen":5615,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"88afab9f24b7cbba64ba82b734de2345","sha1":"d4872726ecb2b844acd3cfeb5a7cdc5135ca132d","sha256":"20ad6f60941cc8a13979301a6ad33a25c8a41196df8be2eaad2d4f4d7a72ab1c","sha512":"efe0723cac9f1ae2ff1f52efb92340d41eece0d3de57d12caa7fa99a0383455e46b2ac1b693669dd01961b8b757261821b1fd8ea85d0a1e08f84f4389dc6dc5f","ssdeep":"768:peDaLRD4JQWpPdHANEHckQM3oryWrAFL8L9RJbgqTNv9vwvdWvGvbvmDNqo63EbE:nBBZltqd","tlshash":"5cb244aa81d53e3bbd7b5adb52d817afb5c3929fc6434d12b8fc31989748e50302210e","size":25215,"data":"","first_seen":"2026-01-10T02:32:09.792871Z","last_seen":"2026-01-10T02:32:09.792871Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"4cdb6b91393da4abd0b0eedff0a766ec","sha1":"0d0c6b15551f06f0f04ab5b5e505a8474dd29cec","sha256":"dfd9f4cf2a2b6fd8a7c752ae0df81649f9b278aa3cf6e3f46459ffeec6544c1a","sha512":"7239fd43788d87884b369da9262b7e2a72c512cf8fb752ef4838115928fa39a1eea1d9c7262358bba044ee87d18664c16f27ea2566d5d8be780cd25937d5cfec","ssdeep":"","tlshash":"9db012421412fa7fbd7406e0c262cb50402aa8ad5a860010c07e074250cd5253305f8f","size":96,"data":"","first_seen":"2023-03-07T15:45:17Z","last_seen":"2026-04-04T12:15:56.121894Z","times_seen":507,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"7f71b62656eff133008a6fd2f9bcd879","sha1":"4ad3b6b9e1b11c8c9062296881bae72607cfc3d7","sha256":"56790e5f0e0b7ccb70d79a3d545bfb77f45170eae2f362153270429767c520f9","sha512":"ef68f393497fa229d0de666b835ce0a1268a87ff98ea086d0e036f5cf2d9005e3c345c68acc95665c26419a0974a242981c879b0d8b9fccd350ac03243cf4dec","ssdeep":"","tlshash":"81e0c02e58200a313b270925abfed70c7a60171865418001818adc997c14fa38d07a8d","size":354,"data":"","first_seen":"2025-12-20T17:55:19.73034Z","last_seen":"2026-01-10T02:32:09.79642Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-05T00:43:06.429351Z","times_seen":102503,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?0f117a39c43579a2d89ad8bd763e87e4","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb72008d5830e8311b7d9f2bcb744ac2","sha1":"75f63c6da96fa07939dd3eab3917c478da2449c5","sha256":"7943b55de25f8c1bb394fc0c7db892932b09efef763b8fe40b621a319c331ea3","sha512":"b92ef2be1ba93795f533e218339abf7c33e86011189fb2533f8764e2b41bb89651a670727d12980f809191e12b4905db6b849e818baeb249cac7d22b53d50f36","ssdeep":"384:VIGJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:VIG4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"8dd2daa9b282713293a324a5153f324ef07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29895,"data":"","first_seen":"2026-01-10T02:32:09.787742Z","last_seen":"2026-01-10T02:32:09.787742Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"cfb1587cdd5d408c0e83696593434d96","sha1":"736733d078536f488373f8ccb4cbfff275149359","sha256":"216db096a3b7d23f33d57c8462e101aa43f5860b7eebf343eca057d284da2f58","sha512":"4b5fbbb6ce1da621c32a48004cbb4ec73e20b2a5cff428f27ec55cc5913a8f897c25d21279e26ef75150f863cb2a1db0b270da7e00e8bcffb896ec39c7163e95","ssdeep":"","tlshash":"49e0abdb6785c84e1ad36ebcb32ab80e51d51d362c9a4cad0d94602728d1b3300d25ef","size":427,"data":"","first_seen":"2026-01-10T02:32:09.799512Z","last_seen":"2026-01-10T02:32:09.799512Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/template/dc06/js/jquery.lazyload.min.js","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"56c21d51c2f55dc15241aaffe817b8aa","sha1":"255485bd894624ecf135c103d8bad6cafbbd2e27","sha256":"ce6e102b9c56e05fe4c68f461d30977c08dc27ef77aff2ebf85e73ef83cf6c6d","sha512":"5c2ad0ee2cc134c6ee888289902bf2eb5160aee32c32112990fa29bd18464017b309fc1ce7a8292d35e7c8e255b34cbe95555ff7a6031a164a6badec4e06c838","ssdeep":"","tlshash":"0d61878dbf527839f0167aae831f3106653ed46f81814c54b0c9ece4ecec7951236d9a","size":3391,"data":"","first_seen":"2025-12-20T17:55:19.718954Z","last_seen":"2026-01-10T02:32:09.751592Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/js/e0101.js","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"23d5e98b6f07446af885c5777530b9d3","sha1":"654b8c252c7903d9e6a0b77fa7999b787458aa2e","sha256":"84e8e90f0663bafe4873e1f86ee59ad75968d3a1736626fc6a83cb99baba2274","sha512":"c37e6e5fc41f92564a96289462a9b6ce84280bc8ab93b646881fa0694e638359de0fee7aa2d246feb5d447a95edb671d25dffe2deacb7e3dd8432a0c867fb2c6","ssdeep":"","tlshash":"d94100fbf5688c1763d914e9eb17f42cea2bb25c2fc18247c0db440466b6af68399d04","size":2129,"data":"","first_seen":"2026-01-10T02:32:09.781181Z","last_seen":"2026-01-10T02:32:09.781181Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lf1-cdn-tos.bytegoofy.com/goofy/ttzz/push.js?39b6287f993ee9170dbe8a5eaee7225e6008be35d3aa4b8fc28d959eee7f7b82c112ff4abe50733e0ff1e1071a0fdc024b166ea2a296840a50a5288f35e2ca42","fqdn":"lf1-cdn-tos.bytegoofy.com","domain":"bytegoofy.com","tld":"com"},"ip":{"addr":"163.181.243.177","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"2eabec1543d0f7cf67a9581a046c0a80","sha1":"1457010948371965598eb8be176bca4782855a20","sha256":"76fe1175f0b9100429f6e06ee61f795e83c496c5700d0d897fb92137ccd31c54","sha512":"093331d877b8be12f7518d5123b3bf209032141c79015a10b12250d5b729dc2c9744c85a585bbb65e5f3a9de8bdd6e24685b42fa386550c9610b89d06bebe901","ssdeep":"","tlshash":"e9e0c0a23186e51f80e4b17e5c05f02cc2734b4f0931518c869e7084e239b714233af8","size":357,"data":"","first_seen":"2023-03-07T12:03:34Z","last_seen":"2026-04-05T01:00:51.512388Z","times_seen":1040,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-05T00:43:06.429351Z","times_seen":102503,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"djs.imgdianyingoss.com/js/ds/ds.css","fqdn":"djs.imgdianyingoss.com","domain":"imgdianyingoss.com","tld":"com"},"ip":{"addr":"111.48.108.162","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:34.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"djs.imgdianyingoss.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:22:CA:E9:CA:74:E9:9E:8E:E2:0A:E6:FE:CA:7B:77:A3:13:E2:F3","sha256":"44:A7:72:41:34:8D:AC:90:86:46:35:CA:00:A7:5F:D7:4F:8F:B8:65:E5:5D:B7:D5:62:3A:C7:51:CA:F3:E2:86"}}},"request":{"raw":"GET /js/ds/ds.css HTTP/1.1\r\nHost: djs.imgdianyingoss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Byte-nginx\r\nContent-Type: text/css\r\nContent-Length: 1849\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAge: 12668989\r\nContent-Encoding: gzip\r\nContent-Md5: 0XA0ecIsXbZcjGvGwO9eAg==\r\nEtag: \"D1703479C22C5DB65C8C6BC6C0EF5E02\"\r\nLast-Modified: Sun, 03 Mar 2024 11:53:44 GMT\r\nVary: Accept-Encoding, Origin\r\nX-Bdcdn-Cache-Status: TCP_HIT\r\nX-Oss-Hash-Crc64ecma: 17773275305449213021\r\nX-Oss-Object-Type: Normal\r\nX-Oss-Request-Id: 68A069CD25017F3735602BBF\r\nX-Oss-Server-Time: 40\r\nX-Oss-Storage-Class: Standard\r\nX-Request-Id: 0d341dc1a9925ccd397189be2305f076\r\nX-Request-Ip: 91.90.42.154\r\nX-Response-Cache: edge_hit\r\nX-Response-Cinfo: 91.90.42.154\r\nX-Tt-Trace-Tag: id=5\r\nDate: Sat, 10 Jan 2026 02:31:38 GMT\r\nvia: cache01.whcm02\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":8826,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (368)","md5":"d1703479c22c5db65c8c6bc6c0ef5e02","sha1":"3d1d99cad07d46cdc783e896b75f443f54249a58","sha256":"7acb23b5dbaacbb5ac02b8f56c50f498e19305514c95a935cfb46b8ed35f5b8f","sha512":"f657b2875c016e2ff378cfa13c85c9420d31b4a279e20217451f9f51dd0461fae51c9b90d6c8cce27aaf2098b11c306d14cf0b6ff11a1f55ba6ee724c8a792f5","ssdeep":"192:hUdoFhnFol6Y2KzqF3/nLQ8OrKU6uhNHhNNEITlv:ooFhnFrY1qFvU68Tlv","tlshash":"b302e0eb9ae30409b81a62e95f7b6755232a008be98fcd187fd9724c8f445e55433f88","first_seen":"2025-05-09T20:44:08.151971Z","last_seen":"2026-03-29T17:12:51.708074Z","times_seen":45,"resource_available":false,"data":null}},"time_used":7413,"timings":{"blocked":3552,"dns":2872,"connect":308,"send":0,"wait":305,"receive":1,"ssl":371},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"djs.imgdianyingoss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/template/dc06/js/jquery.lazyload.min.js","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:34.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET /template/dc06/js/jquery.lazyload.min.js HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 01 Jan 2026 04:50:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6955fd2b-d3f\"\r\nexpires: Tue, 13 Jan 2026 02:34:44 GMT\r\ncache-control: max-age=259200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nserver: WAFCDN\r\nx-request-id: 5dac92794ae70ae940f848547bc8bd54\r\ncache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3391,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3309), with CRLF, LF line terminators","md5":"56c21d51c2f55dc15241aaffe817b8aa","sha1":"255485bd894624ecf135c103d8bad6cafbbd2e27","sha256":"ce6e102b9c56e05fe4c68f461d30977c08dc27ef77aff2ebf85e73ef83cf6c6d","sha512":"5c2ad0ee2cc134c6ee888289902bf2eb5160aee32c32112990fa29bd18464017b309fc1ce7a8292d35e7c8e255b34cbe95555ff7a6031a164a6badec4e06c838","ssdeep":"","tlshash":"0d61878dbf527839f0167aae831f3106653ed46f81814c54b0c9ece4ecec7951236d9a","first_seen":"2025-12-20T17:55:19.718954Z","last_seen":"2026-01-10T02:32:09.751592Z","times_seen":2,"resource_available":true,"data":null}},"time_used":621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":621,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"djs.imgdianyingoss.com/js/ds/ds_app.png","fqdn":"djs.imgdianyingoss.com","domain":"imgdianyingoss.com","tld":"com"},"ip":{"addr":"111.48.138.116","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"djs.imgdianyingoss.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:22:CA:E9:CA:74:E9:9E:8E:E2:0A:E6:FE:CA:7B:77:A3:13:E2:F3","sha256":"44:A7:72:41:34:8D:AC:90:86:46:35:CA:00:A7:5F:D7:4F:8F:B8:65:E5:5D:B7:D5:62:3A:C7:51:CA:F3:E2:86"}}},"request":{"raw":"GET /js/ds/ds_app.png HTTP/1.1\r\nHost: djs.imgdianyingoss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://djs.imgdianyingoss.com/js/ds/ds.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Byte-nginx\r\nContent-Type: image/png\r\nContent-Length: 431\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAge: 4230107\r\nContent-Md5: yJilzdlTcs9LhBRiecuhPw==\r\nEtag: \"C898A5CDD95372CF4B84146279CBA13F\"\r\nLast-Modified: Fri, 28 Mar 2025 17:40:35 GMT\r\nVary: Origin\r\nX-Bdcdn-Cache-Status: TCP_HIT\r\nX-Oss-Hash-Crc64ecma: 4010752845717494850\r\nX-Oss-Object-Type: Normal\r\nX-Oss-Request-Id: 69212E30C142563539042B58\r\nX-Oss-Server-Time: 10\r\nX-Oss-Storage-Class: Standard\r\nX-Request-Id: 655e1b715b8cb9209da601bbe0df1aad\r\nX-Request-Ip: 91.90.42.154\r\nX-Response-Cache: edge_hit\r\nX-Response-Cinfo: 91.90.42.154\r\nX-Tt-Trace-Tag: id=5\r\nDate: Sat, 10 Jan 2026 02:31:38 GMT\r\nvia: cache03.whcm03\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":431,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 20, 8-bit colormap, non-interlaced","md5":"c898a5cdd95372cf4b84146279cba13f","sha1":"8a55fdb1a5dc4045e56baaf8d5d6e9a289ebe9be","sha256":"cffd5f6b0651aa4ea3f4d79926e08c51ba3029526bd3d5414cf9db81fe7fc88f","sha512":"7aac7a2782583952ca8b770d0a523b6c658b1360b34146690fa8be194999989d9825b8a058f303220362a6433f5abc989bf8c183c11feec53ad6edb930b5219c","ssdeep":"","tlshash":"92e023867600bc68e48c6774c26dd4448fc97d00a009042e6acd0473f03d95ce883252","first_seen":"2025-05-09T20:44:08.138069Z","last_seen":"2026-03-29T17:12:51.720548Z","times_seen":59,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"djs.imgdianyingoss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"viptulz.com/upload/vod/20251011-1/1de09f61c3ffaa978d50f3cfeb577502.jpg","fqdn":"viptulz.com","domain":"viptulz.com","tld":"com"},"ip":{"addr":"37.77.87.138","port":443,"asn":0,"as":"","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.lzzyimg.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 15:49:59 GMT","end":"Thu, 26 Mar 2026 15:49:58 GMT"},"fingerprint":{"sha1":"07:EC:5C:C5:85:26:0C:E5:C9:1D:90:CF:58:BE:0A:EC:79:3B:37:26","sha256":"82:2B:21:A7:F3:EF:50:F7:A9:90:CB:8A:58:80:A9:D4:10:EC:45:BB:8A:B9:83:2D:5D:62:89:64:96:40:FE:59"}}},"request":{"raw":"GET /upload/vod/20251011-1/1de09f61c3ffaa978d50f3cfeb577502.jpg HTTP/1.1\r\nHost: viptulz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/jpeg\r\ndate: Sat, 10 Jan 2026 01:50:48 GMT\r\netag: \"68ea28b5-6f0f\"\r\nexpires: Mon, 09 Feb 2026 01:50:48 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:50:48 GMT\r\nserver: openresty\r\nx-cache: HIT, policy, disk\r\ncontent-length: 28431\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28431,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x337, components 3","md5":"c41fba6084ed2c523ff1829c1e658449","sha1":"8378b6f5bff30acaecd030bb0959d9ce5866a3f8","sha256":"5b3f598cf712f57c7e773be154f5d8feba6024bcd2aaf2029502418ddff2ff01","sha512":"0d284ad78b9b2c194e586e8a047b8e09830be154320587f2cd8993f613e54ae5f0d9b35a0f90b9fd54978c5499263096f11de02e1b0a7e878980557f1c401f5e","ssdeep":"768:pWe/lgqjZ4mZFomyQ7bsXgO74TCKOpDC1i+:pWa/LyCbsXzOCKONC1i+","tlshash":"0dd2e0b6190217081f158ee954bcce23d3d6ea3a35e1627a598367e14ba0eb8375f1e0","first_seen":"2026-01-08T09:57:58.811414Z","last_seen":"2026-01-18T08:52:32.679028Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1128,"timings":{"blocked":-1,"dns":1,"connect":203,"send":0,"wait":607,"receive":102,"ssl":214},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"viptulz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/static/js/home.js","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:34.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET /static/js/home.js HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Sep 2024 19:53:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66ec8125-95a5\"\r\nexpires: Tue, 13 Jan 2026 02:34:44 GMT\r\ncache-control: max-age=259200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nserver: WAFCDN\r\nx-request-id: 88770f27e69835b61b54bacb5d154223\r\ncache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38309,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2677)","md5":"97e311d35a4aa0ba09575a8dc989660b","sha1":"8166b5f8ba52aa57ab23321a8ddc8d0118f1e590","sha256":"1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311","sha512":"d3f4e4ef8af316fd4207a6db03e856917d5124263104ba9ebf0db1be151ce65172d26b6338d24553df9fe65b828e2a452a39bde7d1144a875c20bd5e28da9db8","ssdeep":"768:hR0cTTu8eMbZLbhpa6a/b7z9SsbhbeA5gr9GiSo5E7Iw4TQv5:hRZXde96oRiG5","tlshash":"ae03a45d7af3142050b3317a4fbf69082276815f190ddd88fe2d11a48fc4a4eba66bbd","first_seen":"2023-03-07T01:18:35Z","last_seen":"2026-04-04T19:09:59.794344Z","times_seen":5615,"resource_available":true,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":625,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/template/dc06/img/icon_seacrh.png","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET /template/dc06/img/icon_seacrh.png HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/template/dc06/css/stui_default.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 348\r\nlast-modified: Thu, 01 Jan 2026 04:50:51 GMT\r\netag: \"6955fd2b-15c\"\r\nexpires: Tue, 13 Jan 2026 02:34:49 GMT\r\ncache-control: max-age=259200\r\nstrict-transport-security: max-age=31536000\r\nserver: WAFCDN\r\nx-request-id: aab0ed9c4be23dc9fb293b5f104174b0\r\ncache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"f77344071bd77c499961fe76810f9270","sha1":"90ee6dc9968c857f546c60943c68dbc1dba1b8cc","sha256":"c35811436039fbd6efc50c0bb111831d8bf6d9afbe92a46a038cd9efb34738af","sha512":"419706e2817c1d4357cd9cb27cce9d5fd01da92743f0837114c2c5cfdb45ab9e54dd3a9e14196800c678d7c09125ba31b8bc9c3ea2920e3a0e9af2b2acc5accc","ssdeep":"","tlshash":"26e0c0dfe781f63d8aea7921c74c08048c3b194e1b705d9c0d1e41b42e31519c9d6642","first_seen":"2023-05-12T08:10:23Z","last_seen":"2026-04-04T12:15:56.083929Z","times_seen":920,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/template/dc06/img/favicon.ico","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:37.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET /template/dc06/img/favicon.ico HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:47 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Thu, 01 Jan 2026 04:50:51 GMT\r\netag: \"6955fd2b-10be\"\r\nstrict-transport-security: max-age=31536000\r\nserver: WAFCDN\r\nexpires: Tue, 13 Jan 2026 02:34:47 GMT\r\ncache-control: max-age=259200\r\nx-request-id: 4cc95df6a465e3e176b41225fdb352dc\r\ncache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"81761b6555e37fe7016abc7989ac39de","sha1":"83639d8d3704d400aa7b725a115e427ceed118cb","sha256":"f21db1e0ca2099bcde9ba12e24d6d0e0dea7f73a8e9c612fccab8074c0ca950c","sha512":"919f77b41737340796ba4a9e896e3e9e5ea248bb30226ab26b7998498cd14ad2e7b3172224acaacb3f8c02ddfb44375ed29826c2aaa179419eb0d41a5d0a2c66","ssdeep":"24:suZE33eULmjviKUtg7uIFUjLj5K+3UfasEkjUVTyD4OfIwH9YLYUPJry3WK+bBlh:HE3ejIgq1j/5dfkQ0kC9QJ+F+SG","tlshash":"b991ceebd083ef87e3a02f7d7c1ae464181a18e08445df2855a79d4fb1e6d906e12db3","first_seen":"2023-05-14T10:54:36Z","last_seen":"2026-04-02T02:14:14.975192Z","times_seen":249,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":209,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"viptulz.com/upload/vod/20251216-1/0b476c6cb009fb0df15d6594ffd6ed6e.jpg","fqdn":"viptulz.com","domain":"viptulz.com","tld":"com"},"ip":{"addr":"37.77.87.138","port":443,"asn":0,"as":"","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.lzzyimg.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 15:49:59 GMT","end":"Thu, 26 Mar 2026 15:49:58 GMT"},"fingerprint":{"sha1":"07:EC:5C:C5:85:26:0C:E5:C9:1D:90:CF:58:BE:0A:EC:79:3B:37:26","sha256":"82:2B:21:A7:F3:EF:50:F7:A9:90:CB:8A:58:80:A9:D4:10:EC:45:BB:8A:B9:83:2D:5D:62:89:64:96:40:FE:59"}}},"request":{"raw":"GET /upload/vod/20251216-1/0b476c6cb009fb0df15d6594ffd6ed6e.jpg HTTP/1.1\r\nHost: viptulz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/jpeg\r\ndate: Sat, 10 Jan 2026 01:46:55 GMT\r\netag: \"6940f0f2-3e04\"\r\nexpires: Mon, 09 Feb 2026 01:46:55 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:46:55 GMT\r\nserver: openresty\r\nx-cache: HIT, policy, disk\r\ncontent-length: 15876\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":15876,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x386, components 3","md5":"3024a5bfc39af39d6a2f53013e18ed53","sha1":"96f47ed0805f1cbf099f3c3a77a1d650b8288a7c","sha256":"a966d73d8d230597c6e3899912f65b180461cdfb1fb573f67fd9ca9a40660777","sha512":"ba03b11aede68875ddbef48a3e6df09f34fabdb53dfcf6ea801ff79525d69bf5f8c47d6f3b3d1a723f3c1137532253368cb271931a19ff1c7822a42d383ffea8","ssdeep":"384:ejvaamuJE3w3V5SxYpUEENBdctq3yDs6nmOwCYPuM3q0:ejyamgEoVQeuEadcY3yfmRup0","tlshash":"6c62d0223fdc12fc879e6b2215cb2ec24021c7bda6881ede89439dbb5427db78d81149","first_seen":"2025-12-17T09:00:30.368685Z","last_seen":"2026-03-29T11:56:12.912126Z","times_seen":10,"resource_available":false,"data":null}},"time_used":1236,"timings":{"blocked":-1,"dns":1,"connect":202,"send":0,"wait":771,"receive":47,"ssl":214},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"viptulz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"viptulz.com/upload/vod/20260102-1/11851e530f735b779d1bd622943d0b2f.jpg","fqdn":"viptulz.com","domain":"viptulz.com","tld":"com"},"ip":{"addr":"37.77.87.138","port":443,"asn":0,"as":"","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.lzzyimg.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 15:49:59 GMT","end":"Thu, 26 Mar 2026 15:49:58 GMT"},"fingerprint":{"sha1":"07:EC:5C:C5:85:26:0C:E5:C9:1D:90:CF:58:BE:0A:EC:79:3B:37:26","sha256":"82:2B:21:A7:F3:EF:50:F7:A9:90:CB:8A:58:80:A9:D4:10:EC:45:BB:8A:B9:83:2D:5D:62:89:64:96:40:FE:59"}}},"request":{"raw":"GET /upload/vod/20260102-1/11851e530f735b779d1bd622943d0b2f.jpg HTTP/1.1\r\nHost: viptulz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/jpeg\r\ndate: Sat, 10 Jan 2026 02:28:16 GMT\r\netag: \"6957dd4a-4b6d\"\r\nexpires: Mon, 09 Feb 2026 02:28:16 GMT\r\nlast-modified: Sat, 10 Jan 2026 02:28:16 GMT\r\nserver: openresty\r\nx-cache: HIT, policy, disk\r\ncontent-length: 19309\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19309,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x385, components 3","md5":"6af1075644d5ccf2fb8ec7314ee677f9","sha1":"8f75485761536942c0450b16959efa1360bcec03","sha256":"163426b091adfae4e86a5074d9086b8bce697adcd1cb8d46668c91f6c391f384","sha512":"9990d79ec7757e86fffd958dd839b499a707a83352568480481f8d389b6794cdf4f82572bc9817debebeea1f978b72298dc1dab4db52c3f101da0bc78b5342e4","ssdeep":"384:5byIv1nMWL0WU2NtXn20bg7lKXLVApYmN8DIY0RlC/1qHAV5BFdx:5BnB0ghISLVAp3mcYiCNYAH3","tlshash":"6982d0306eafda0eb32b757f358e9186b1eb0886146151bc0454c796e428dfe4df8cd9","first_seen":"2026-01-06T02:31:12.505983Z","last_seen":"2026-02-20T12:17:10.237947Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1466,"timings":{"blocked":426,"dns":8,"connect":205,"send":0,"wait":205,"receive":409,"ssl":210},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"viptulz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"viptulz.com/upload/vod/20251205-1/3d8d6f59f3d01df49c8be708b3c14d66.jpg","fqdn":"viptulz.com","domain":"viptulz.com","tld":"com"},"ip":{"addr":"37.77.87.138","port":443,"asn":0,"as":"","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.lzzyimg.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 15:49:59 GMT","end":"Thu, 26 Mar 2026 15:49:58 GMT"},"fingerprint":{"sha1":"07:EC:5C:C5:85:26:0C:E5:C9:1D:90:CF:58:BE:0A:EC:79:3B:37:26","sha256":"82:2B:21:A7:F3:EF:50:F7:A9:90:CB:8A:58:80:A9:D4:10:EC:45:BB:8A:B9:83:2D:5D:62:89:64:96:40:FE:59"}}},"request":{"raw":"GET /upload/vod/20251205-1/3d8d6f59f3d01df49c8be708b3c14d66.jpg HTTP/1.1\r\nHost: viptulz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/jpeg\r\ndate: Sat, 10 Jan 2026 02:11:49 GMT\r\netag: \"6932d81f-6ed4\"\r\nexpires: Mon, 09 Feb 2026 02:11:49 GMT\r\nlast-modified: Sat, 10 Jan 2026 02:11:49 GMT\r\nserver: openresty\r\nx-cache: HIT, policy, disk\r\ncontent-length: 28372\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28372,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x405, components 3","md5":"f33a9d8cab72becc9637837f297065d6","sha1":"e42e4ca21034154259b17f63f238a2d2d0edf68c","sha256":"0f52995fd57c7e674a6f3ec07ba1dd1a08cc643ae5db7133e7fd9bd3ea02f378","sha512":"66e7a686714f8303789cbda4b974bace2e5b593905f751ee3d7d0c543fcb1a9603c5340e26c724c1708c44ea59d243eafdb3278f89a4ff32ad442d610a1636f0","ssdeep":"384:9cOOPRjEXm9+5wrHFXQSJD2mwvYsj4yhXL2CxlfgiHaApmyoy+Tm4ziY3J1BVumN:9cRpjr9+GrHFXhhpwvJNNgi6vXtxWSl","tlshash":"15d2e1c2817b42916f309f124e071fa9e37eca5475e2bf36b6033cd48446df8684276a","first_seen":"2026-01-05T13:31:48.241987Z","last_seen":"2026-01-10T02:32:09.765498Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1341,"timings":{"blocked":-1,"dns":1,"connect":206,"send":0,"wait":871,"receive":47,"ssl":215},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"viptulz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"image.baidu.com/search/down?url=https://img9.doubanio.com/view/photo/s_ratio_poster/public/p886003064.jpg","fqdn":"image.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.47.211","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /search/down?url=https://img9.doubanio.com/view/photo/s_ratio_poster/public/p886003064.jpg HTTP/1.1\r\nHost: image.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nBdqid: 9458a23169f7144a\r\nCache-Control: private, max-age=0\r\nConnection: keep-alive\r\nContent-Disposition: attachment; filename=\"bd3faa8870eb03d31a4df1f172072850.jpg\"\r\nContent-Length: 17618\r\nContent-Transfer-Encoding: binary\r\nContent-Type: image/jpeg\r\nDate: Sat, 10 Jan 2026 02:31:40 GMT\r\nExpires: 0\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17618,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x380, components 3","md5":"f5d1858fa4c7211c881dd99a7f4728a9","sha1":"cb0dec684518d954208f10ebc52b7867729e0c58","sha256":"548da34fac9008915060f7b4bfe9a72ee5151962dcb38727e97cccfcc6cfa4ba","sha512":"031054b76ad0e0ee3363590d66d0282c8ed52226eff00d3c33c8c54e26f7fd4fd369071bd26618d63d1ccfe9f425258b1d5c783e6d8aea1c9338512746de5eff","ssdeep":"384:0NSlUqik+fQ/+KdEcG6r45g91CuayU/1ZODOq2T+zMgaa+WR:0ELikroNy45g9j0KOq2Tjga7W","tlshash":"8882e03768a3ee229f3344edd36341f250cd69a61852bfb981b06d0e6540cbaca01f2d","first_seen":"2026-01-10T02:32:09.767171Z","last_seen":"2026-01-10T02:32:09.767171Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2242,"timings":{"blocked":86,"dns":1016,"connect":260,"send":0,"wait":345,"receive":1,"ssl":533},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/template/dc06/img/logo_max.png","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET /template/dc06/img/logo_max.png HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/template/dc06/css/stui_default.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:49 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 01 Jan 2026 04:50:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6955fd2b-1500\"\r\nexpires: Tue, 13 Jan 2026 02:34:49 GMT\r\ncache-control: max-age=259200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nserver: WAFCDN\r\nx-request-id: ebe393c9c8ff6f024984597962d2617b\r\ncache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5376,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 282x60, components 3","md5":"07c819a90f3eb2e719896c0e5bb31029","sha1":"d2cc9593f6f642ca4771ac54d9a9192a06397b9d","sha256":"9679a64dd84610dd05b808af0fc352a8e5c63ba19e55f4e89be1b69211cf3ece","sha512":"335e3d6a69a1b7cfc5564b30678af9d7e1fcf36019a135937b2317b2462a80f1abd194c3191ca4eb3fea0f3e0be5812273fb2567531701ec0bdc991c5a0cf79b","ssdeep":"96:IGWjXH9ULQSVZ1SXjyIpNj6bSfD1PHlafHJDz3CUa1ex5SDP:IFjt+VHSXjxNBJP8JDzic52","tlshash":"6ab17eb78046e81ef50c79b407e04b2fdac7bba597521ad2438f85b45e3200966aa312","first_seen":"2025-12-20T17:55:19.667675Z","last_seen":"2026-01-10T02:32:09.768749Z","times_seen":2,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/template/dc06/img/load.gif","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET /template/dc06/img/load.gif HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/template/dc06/css/stui_default.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:49 GMT\r\ncontent-type: image/gif\r\nlast-modified: Thu, 01 Jan 2026 04:50:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6955fd2b-672\"\r\nexpires: Tue, 13 Jan 2026 02:34:49 GMT\r\ncache-control: max-age=259200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nserver: WAFCDN\r\nx-request-id: 0eca28a73990c072f311a76795cff9a7\r\ncache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1650,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 220 x 325","md5":"5e3b1ed638663d1daf9f27b9901acc6c","sha1":"8813564d84564aef11ac78964a3e78301494da32","sha256":"5b6029c6433e87e6fbf97cc24762c620184a66d11a6d5f5168bf9b8b181eb45e","sha512":"5c437f271805e559687873dc0ab329142a3491d0cc7acda99c09b7744ce8036e9aec88bd4a5a5e6ce2fdf6ac0050a4879e90d61eb18ed24eaa2284550fb79e76","ssdeep":"","tlshash":"343149330d5603f9f40b433d0e0918818ec8d18666e0e6bfcca6f96ab36973881e8830","first_seen":"2025-08-02T14:44:48.353511Z","last_seen":"2026-01-10T02:32:09.770181Z","times_seen":3,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zhanzhang.toutiao.com/s.gif?url=https%3A%2F%2Fwww.5qbb.com%2F\u0026token=39b6287f993ee9170dbe8a5eaee7225e6008be35d3aa4b8fc28d959eee7f7b82c112ff4abe50733e0ff1e1071a0fdc024b166ea2a296840a50a5288f35e2ca42","fqdn":"zhanzhang.toutiao.com","domain":"toutiao.com","tld":"com"},"ip":{"addr":"163.181.50.192","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:39.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.toutiao.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 25 Mar 2025 00:00:00 GMT","end":"Wed, 25 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2F:46:08:D6:9C:C0:E0:14:9C:BB:88:6E:46:A2:29:A6:FA:B5:68:4B","sha256":"1D:5C:E2:75:0F:BF:C7:72:58:26:CA:66:F6:5E:13:AD:10:1C:BD:1E:06:6A:F5:5A:98:73:AA:5D:EF:C6:A6:59"}}},"request":{"raw":"GET /s.gif?url=https%3A%2F%2Fwww.5qbb.com%2F\u0026token=39b6287f993ee9170dbe8a5eaee7225e6008be35d3aa4b8fc28d959eee7f7b82c112ff4abe50733e0ff1e1071a0fdc024b166ea2a296840a50a5288f35e2ca42 HTTP/1.1\r\nHost: zhanzhang.toutiao.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\ndate: Sat, 10 Jan 2026 02:31:41 GMT\r\nx-tt-logid: 20260110103141098DB343BB3C93DC838B\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-tt-trace-host: 012be64705e92d23785059d199aa782167caeff75f0d71ec1677193df6aca5b11294be5c7742de40c723a5f10583c143032d11f36e8844afc1f6d56de7daa25c78267f30122fc8499b86053bae542e328ac116c9db4683fc6dfd28f4addb49517f\r\nx-tt-trace-tag: id=03;cdn-cache=miss;type=dyn\r\nx-tt-trace-id: 00-260110103141098DB343BB3C93DC838B-71F0DD6EB307ADDD-00\r\nvia: ens-cache11.l2de3[390,389,200-0,M], ens-cache5.l2de3[391,0], ens-cache7.it5[400,400,200-0,M], ens-cache3.it5[402,0]\r\nali-swift-global-savetime: 1768012302\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Sat, 10 Jan 2026 02:31:42 GMT\r\nx-swift-cachetime: 43200\r\nserver-timing: inner; dur=6, cdn-cache;desc=MISS,edge;dur=11,origin;dur=391\r\ntiming-allow-origin: *\r\neagleid: a3b5329717680123017245237e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":4239,"timings":{"blocked":1904,"dns":1814,"connect":28,"send":0,"wait":431,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yqk.j3kjn242sq.com/image/cover/2025/12/24/5bda4c666fd04ea6b8a1d63c031eaa48.png","fqdn":"yqk.j3kjn242sq.com","domain":"j3kjn242sq.com","tld":"com"},"ip":{"addr":"104.26.11.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j3kjn242sq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 22 Nov 2025 05:14:39 GMT","end":"Fri, 20 Feb 2026 06:14:37 GMT"},"fingerprint":{"sha1":"38:02:1C:06:27:DF:9D:FA:67:E0:C4:06:39:92:7D:33:8D:F7:FC:2F","sha256":"EB:26:4B:EF:8C:5A:C6:B9:C1:94:0E:D0:3B:A0:9A:48:F9:4C:4A:49:13:AE:67:96:89:55:95:71:6B:E9:6C:D7"}}},"request":{"raw":"GET /image/cover/2025/12/24/5bda4c666fd04ea6b8a1d63c031eaa48.png HTTP/1.1\r\nHost: yqk.j3kjn242sq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:31:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 158335\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccept-ranges: bytes\r\netag: \"75f2cc1fc7ee64f16ca2f511031a033a\"\r\nlast-modified: Wed, 24 Dec 2025 13:48:01 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: 85352015a9220b763e91cf923166595dc2db97cfb6692688240b03fb000ba14c\r\nx-amz-replication-status: COMPLETED\r\nx-amz-request-id: 18842ADCF5749520\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-amz-version-id: 517ab985-d212-4582-8d55-6f3ff34f1073\r\ncache-control: max-age=604800\r\naccess-control-allow-origin: *\r\nage: 218463\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o9p5nzojDHjrCodx7xmGwj3%2BXTlDDbY%2FaUnEXwLM4H%2BhtcbAN6tpm5z1gHNpe95SQJp8jfuogfSDOhqSCxTyKxpT5j%2Bd6RbhuEU4Vl8a%2Fq%2Bd\"}]}\r\ncf-ray: 9bb8c2643d0ec272-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":158335,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 270 x 382, 8-bit/color RGBA, non-interlaced","md5":"75f2cc1fc7ee64f16ca2f511031a033a","sha1":"b937b22f096ba6b86750b013eafa852e6d429b5c","sha256":"3ac0947db2433a39adde630b04c5475c8988fa31f33829d72ef562e2174e0e8f","sha512":"f8a3184ceb24dd84e245312b4c1a17dffb213ef6aef372acbca7ea77cb1c52dbfb63fd9c47a58ac54d054aa71652780c1532be93f08abe530fa1b9f51c3a5638","ssdeep":"3072:i9ddGmactwoTMUrG8LARRzsgcY+ocjF0AIGtP4TU8kj1D7qrNUDIkFjks2EAtZP0:iXdG9cqo+8kwLYvcqL0P98kj1XqrNUDX","tlshash":"aef312fcfbc109b3ff7e58b16876d64c2e153257379043a2c680afce9a667e04941295","first_seen":"2026-01-10T02:32:09.771479Z","last_seen":"2026-01-10T02:32:09.771479Z","times_seen":1,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":5,"dns":1,"connect":1,"send":0,"wait":20,"receive":7,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.ukuapi88.com/upload/vod/20250505-1/b635b7cfc36d0e4ee54f195d832506ae.jpg","fqdn":"img.ukuapi88.com","domain":"ukuapi88.com","tld":"com"},"ip":{"addr":"104.21.61.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ukuapi88.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 13:29:52 GMT","end":"Sat, 21 Mar 2026 14:28:32 GMT"},"fingerprint":{"sha1":"91:93:C8:1A:CF:4A:D5:32:03:83:B2:A1:8C:07:9C:60:86:48:3A:F2","sha256":"5B:72:6A:0D:8F:65:B1:8C:4F:0D:4F:A1:54:B8:26:D4:D2:D8:F9:EC:C9:82:0C:D2:35:AE:AE:3A:B7:A9:72:5E"}}},"request":{"raw":"GET /upload/vod/20250505-1/b635b7cfc36d0e4ee54f195d832506ae.jpg HTTP/1.1\r\nHost: img.ukuapi88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:31:39 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57668\r\nserver: cloudflare\r\nlast-modified: Mon, 05 May 2025 14:01:30 GMT\r\netag: \"6818c4ba-e144\"\r\nexpires: Mon, 09 Feb 2026 02:31:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iF6atXXtuJgD3ILnAbXHci368koYLZKlii92Ev06NoFPkua8znri02Ym1FwKS3Ke30hvC4%2BrxuhcDT4yK75%2FU7x%2BeAJizEOo93ratsd5uX0%3D\"}]}\r\ncf-ray: 9bb8c2648b728be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57668,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x810, components 3","md5":"c6ca2389b457b6514c781c563d97f666","sha1":"30f08b901e846ea2d1d1203a34efec275dacb1c5","sha256":"f4cba68d3656fa2eab77563f55a3d2c072d8b1f0b70d9e2600cd6ec886734879","sha512":"c5d0c621cfd69f1d12fc8218f5a6acabf10505de85ddfda33aca6859531fb47cf6ea0c12f0ae8ba9595a9d2420bb082dec445f7ee46cf425950e05291b70d785","ssdeep":"1536:Xe0SORWqBCqXwMN55EYVhnnLVyJa15XgYtG2:u0SO4qB28DbLVB5Xgi","tlshash":"fd43f2785e8012be257df0dc9262add616f194e8a751b5dacb9184cf87fcfb0e813884","first_seen":"2026-01-10T02:32:09.772821Z","last_seen":"2026-01-10T02:32:09.772821Z","times_seen":1,"resource_available":false,"data":null}},"time_used":930,"timings":{"blocked":51,"dns":0,"connect":1,"send":0,"wait":520,"receive":341,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=385ED32A0846045B\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1918806064\u0026si=0f117a39c43579a2d89ad8bd763e87e4\u0026v=1.3.2\u0026lv=1\u0026sn=9071\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.5qbb.com%2F\u0026tt=%E9%BA%A6%E8%8F%9C%E5%BD%B1%E9%99%A2_%E5%B9%B4%E8%BD%BB%E4%BA%BA%E9%83%BD%E5%9C%A8%E7%94%A8%E7%9A%84%E5%85%8D%E8%B4%B9%E5%BD%B1%E8%A7%86%E5%89%A7%E7%BD%91%E7%AB%99","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:41.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=385ED32A0846045B\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1918806064\u0026si=0f117a39c43579a2d89ad8bd763e87e4\u0026v=1.3.2\u0026lv=1\u0026sn=9071\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.5qbb.com%2F\u0026tt=%E9%BA%A6%E8%8F%9C%E5%BD%B1%E9%99%A2_%E5%B9%B4%E8%BD%BB%E4%BA%BA%E9%83%BD%E5%9C%A8%E7%94%A8%E7%9A%84%E5%85%8D%E8%B4%B9%E5%BD%B1%E8%A7%86%E5%89%A7%E7%BD%91%E7%AB%99 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Sat, 10 Jan 2026 02:31:42 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=F4850BF9057F1D0B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-05T00:43:06.407738Z","times_seen":327396,"resource_available":true,"data":null}},"time_used":895,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":895,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/static/js/jquery.js","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:34.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET /static/js/jquery.js HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Sep 2024 19:53:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66ec8125-169d5\"\r\nexpires: Tue, 13 Jan 2026 02:34:44 GMT\r\ncache-control: max-age=259200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nserver: WAFCDN\r\nx-request-id: 1fc0ca74932181f779e84ae6d0ac9654\r\ncache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-05T00:39:18.989778Z","times_seen":60661,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/template/dc06/img/bg_icon.jpg","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET /template/dc06/img/bg_icon.jpg HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/template/dc06/css/stui_default.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:49 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 01 Jan 2026 04:50:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6955fd2b-f1b\"\r\nexpires: Tue, 13 Jan 2026 02:34:49 GMT\r\ncache-control: max-age=259200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nserver: WAFCDN\r\nx-request-id: 3c1bd24637cb3dd8b983ae2dd79c9726\r\ncache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3867,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x99, components 3","md5":"5d1906cd4299f3c5d4e53df5fefd231b","sha1":"26dd90175760d7049289eabd3914e580335197b6","sha256":"f654cc9daac86f2e7a514d9e3c28710cc58060cf43f37529c243b38cb9951adb","sha512":"aa5121624d23b0b93a306a94488565d6ba1ff1916db54b2f3fe72958972f54f7367599a62cb80eee84efd37ac5aa53cf20fe954583aa47da90e8269772dddf91","ssdeep":"","tlshash":"5f811a5df98a2da0d4d7d1b121f3e152df860488fae3ec226098cc77f5e81a19922dc5","first_seen":"2023-05-12T08:10:23Z","last_seen":"2026-04-02T02:14:14.97193Z","times_seen":266,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lf1-cdn-tos.bytegoofy.com/goofy/ttzz/push.js?39b6287f993ee9170dbe8a5eaee7225e6008be35d3aa4b8fc28d959eee7f7b82c112ff4abe50733e0ff1e1071a0fdc024b166ea2a296840a50a5288f35e2ca42","fqdn":"lf1-cdn-tos.bytegoofy.com","domain":"bytegoofy.com","tld":"com"},"ip":{"addr":"163.181.243.177","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytegoofy.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 25 Mar 2025 00:00:00 GMT","end":"Tue, 24 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2E:A9:AB:65:51:3C:36:F6:C6:44:C1:9C:CF:4E:A8:A2:2F:77:F4:6B","sha256":"30:CF:6E:89:DC:6C:9C:6B:E3:5F:5D:80:98:A1:6B:BD:FB:81:DA:7F:B9:85:D3:16:B2:07:CC:DA:6E:AC:F8:0A"}}},"request":{"raw":"GET /goofy/ttzz/push.js?39b6287f993ee9170dbe8a5eaee7225e6008be35d3aa4b8fc28d959eee7f7b82c112ff4abe50733e0ff1e1071a0fdc024b166ea2a296840a50a5288f35e2ca42 HTTP/1.1\r\nHost: lf1-cdn-tos.bytegoofy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: application/javascript\r\ncontent-length: 250\r\ndate: Wed, 26 Nov 2025 02:11:44 GMT\r\nvary: Accept-Encoding\r\naccess-control-allow-methods: OPTIONS, HEAD, GET\r\naccess-control-allow-origin: *\r\naccess-control-request-methods: OPTIONS, HEAD, GET\r\ncache-control: max-age=31536000\r\ncontent-md5: LqvsFUPQ989nqVgaBGwKgA==\r\netag: W/\"2eabec1543d0f7cf67a9581a046c0a80\"\r\nlast-modified: Tue, 01 Mar 2022 02:59:26 GMT\r\nx-server: goofy\r\nx-tos-request-id: f6b8282661e083b8692661e0-a954962\r\nx-tos-response-time: Wed, 26 Nov 2025 02:11:44 GMT\r\nx-tos-storage-class: STANDARD\r\nserver-timing: cdn-cache;desc=HIT,edge;dur=2\r\nx-tt-trace-host: 01903326f3e6511906bf206f21dd93c542762f97af309977860bf9949ee59b997e3579efa507d110cd82bdc5461d2aacb23dd411ae08c26ccb9133ec7da88181e3803174ebd7ab56ab91d83de25d0720bb9fde5e438c45c66518903773654671801e80a317ede275d68681b9ddafd1fafc5d3242a516581ca3c67e054ad870076c\r\nx-tt-trace-tag: id=03;cdn-cache=hit;type=static\r\nx-tt-trace-id: 00-bdee55bf0d61e62e98c227be58d3000d-bdee55bf0d61e62e-01\r\nx-tt-logid: 2025112610114404E3764B223E6D6EA352\r\ncontent-encoding: br\r\nvia: ens-cache39.l2de4[279,279,200-0,M], ens-cache36.l2de4[281,0], ens-cache11.gb9[0,0,200-0,H], ens-cache24.gb9[2,0]\r\nage: 3889195\r\nali-swift-global-savetime: 1764123104\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 26 Nov 2025 02:11:44 GMT\r\nx-swift-cachetime: 31536000\r\nx-response-cache: edge_hit\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: a3b5f3ac17680122997668955e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":357,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (357), with no line terminators","md5":"2eabec1543d0f7cf67a9581a046c0a80","sha1":"1457010948371965598eb8be176bca4782855a20","sha256":"76fe1175f0b9100429f6e06ee61f795e83c496c5700d0d897fb92137ccd31c54","sha512":"093331d877b8be12f7518d5123b3bf209032141c79015a10b12250d5b729dc2c9744c85a585bbb65e5f3a9de8bdd6e24685b42fa386550c9610b89d06bebe901","ssdeep":"","tlshash":"e9e0c0a23186e51f80e4b17e5c05f02cc2734b4f0931518c869e7084e239b714233af8","first_seen":"2023-03-07T12:03:34Z","last_seen":"2026-04-05T01:00:51.512388Z","times_seen":1040,"resource_available":true,"data":null}},"time_used":2074,"timings":{"blocked":1024,"dns":869,"connect":23,"send":0,"wait":26,"receive":0,"ssl":129},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"djs.imgdianyingoss.com/js/ds/juzi_logo.png","fqdn":"djs.imgdianyingoss.com","domain":"imgdianyingoss.com","tld":"com"},"ip":{"addr":"111.48.108.162","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"djs.imgdianyingoss.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:22:CA:E9:CA:74:E9:9E:8E:E2:0A:E6:FE:CA:7B:77:A3:13:E2:F3","sha256":"44:A7:72:41:34:8D:AC:90:86:46:35:CA:00:A7:5F:D7:4F:8F:B8:65:E5:5D:B7:D5:62:3A:C7:51:CA:F3:E2:86"}}},"request":{"raw":"GET /js/ds/juzi_logo.png HTTP/1.1\r\nHost: djs.imgdianyingoss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Byte-nginx\r\nContent-Type: image/png\r\nContent-Length: 2224\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAge: 12005037\r\nContent-Md5: W+5CC8CkSSUPHIzLy4Gjcw==\r\nEtag: \"5BEE420BC0A449250F1C8CCBCB81A373\"\r\nLast-Modified: Sun, 24 Aug 2025 03:46:44 GMT\r\nVary: Origin\r\nX-Bdcdn-Cache-Status: TCP_HIT\r\nX-Oss-Hash-Crc64ecma: 2667080129229451511\r\nX-Oss-Object-Type: Normal\r\nX-Oss-Request-Id: 68AA8B5DC56292303740B707\r\nX-Oss-Server-Time: 20\r\nX-Oss-Storage-Class: Standard\r\nX-Request-Id: 83fea1ffe17aff7e0c7eeba773e41dd0\r\nX-Request-Ip: 91.90.42.154\r\nX-Response-Cache: edge_hit\r\nX-Response-Cinfo: 91.90.42.154\r\nX-Tt-Trace-Tag: id=5\r\nDate: Sat, 10 Jan 2026 02:31:38 GMT\r\nvia: cache05.whcm02\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2224,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 53 x 53, 8-bit/color RGBA, non-interlaced","md5":"5bee420bc0a449250f1c8ccbcb81a373","sha1":"73969238acfd410ef0bf5e8eb7c0413376e86463","sha256":"926255378e4dbc6e4d383eefef64f0c307a4bb532f6457cca34887b0a6fce112","sha512":"9e11a760fa9f9ad36b1fa212697ff430d0a1115d639e9ebc50563e5e45dec5f8677b7528381261730a0c683f5fbbc713633e1a914c472250f2b3074a90a21dbd","ssdeep":"","tlshash":"35414c6d316034f6f2995b3db658bf5666fba164f0328030219b156c408b8da14f1744","first_seen":"2025-09-20T16:20:28.575443Z","last_seen":"2026-03-29T17:12:51.734605Z","times_seen":43,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"djs.imgdianyingoss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/template/dc06/css/stui_default.css","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:34.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET /template/dc06/css/stui_default.css HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 01 Jan 2026 04:50:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6955fd2b-35fa\"\r\nexpires: Tue, 13 Jan 2026 02:34:44 GMT\r\ncache-control: max-age=259200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nserver: WAFCDN\r\nx-request-id: d260684ec2ecd9574ee49423123dfe20\r\ncache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13818,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with very long lines (351)","md5":"d629bf9dfb918e4652cfda31c264524e","sha1":"0eff700326c7372f02d3097afe16a06699af0937","sha256":"1b176147376b2728fac5ba8526328ff1c833e5b1693c31049384e0f7781f635a","sha512":"7e5f7ba96fcaff4a6975251605ac6c14766859a0f898fb36e8c9a85ef38987b5044096190a5e92483a8e3e95dc66d7e80f16a2887664a5e23f8db5248f9f2af8","ssdeep":"384:QL6rarUCPa1gMiyYj7nJDjIChgFmMqKbJO8jIX:Q+Kla1gMiyYjTQbE","tlshash":"59525621c7112908f07fdf9afd92db8e5325a037e3029efdac50286dd38e59844f2299","first_seen":"2025-12-20T17:55:19.709191Z","last_seen":"2026-01-10T02:32:09.777791Z","times_seen":2,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"viptulz.com/upload/vod/20251228-1/2bbf1a1375e610954db1526a46d85d04.jpg","fqdn":"viptulz.com","domain":"viptulz.com","tld":"com"},"ip":{"addr":"37.77.87.138","port":443,"asn":0,"as":"","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.lzzyimg.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 15:49:59 GMT","end":"Thu, 26 Mar 2026 15:49:58 GMT"},"fingerprint":{"sha1":"07:EC:5C:C5:85:26:0C:E5:C9:1D:90:CF:58:BE:0A:EC:79:3B:37:26","sha256":"82:2B:21:A7:F3:EF:50:F7:A9:90:CB:8A:58:80:A9:D4:10:EC:45:BB:8A:B9:83:2D:5D:62:89:64:96:40:FE:59"}}},"request":{"raw":"GET /upload/vod/20251228-1/2bbf1a1375e610954db1526a46d85d04.jpg HTTP/1.1\r\nHost: viptulz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/jpeg\r\ndate: Sat, 10 Jan 2026 01:34:40 GMT\r\netag: \"6951477a-7aab\"\r\nexpires: Mon, 09 Feb 2026 01:34:40 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:39:30 GMT\r\nserver: openresty\r\nx-cache: HIT, policy, memory\r\ncontent-length: 31403\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31403,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x405, components 3","md5":"3ff5deb5da785f1e31e6c303168c4419","sha1":"b7f48b846975a0f0244516d26596af0675022edf","sha256":"c0fc23390cfe101f0113c8a8c74fab9294f949a29b6e977f02523aee2fc892fc","sha512":"32302bcb9a1c2a720dc474215d4edca2fcaab2ac3faf31c105251369dcff29b025fad7f96320ee531341d9522171a73cee53d430fa6764d904d1ae3da757f7a6","ssdeep":"768:98BY68qjWHDv9p00T9Jlfi8qffUYrjvJmT:98BY6zjW319Jlfi8E3IT","tlshash":"4be2f116c40cba12cf4fd58ab754ae11b44821a345dc3efafd2909b8c474e652e8eb1f","first_seen":"2026-01-04T16:23:15.306601Z","last_seen":"2026-01-10T02:32:09.779233Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1752,"timings":{"blocked":436,"dns":1,"connect":217,"send":0,"wait":806,"receive":68,"ssl":221},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"viptulz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"djs.imgdianyingoss.com/js/ds/app_download.png","fqdn":"djs.imgdianyingoss.com","domain":"imgdianyingoss.com","tld":"com"},"ip":{"addr":"111.48.108.162","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:34.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"djs.imgdianyingoss.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:22:CA:E9:CA:74:E9:9E:8E:E2:0A:E6:FE:CA:7B:77:A3:13:E2:F3","sha256":"44:A7:72:41:34:8D:AC:90:86:46:35:CA:00:A7:5F:D7:4F:8F:B8:65:E5:5D:B7:D5:62:3A:C7:51:CA:F3:E2:86"}}},"request":{"raw":"GET /js/ds/app_download.png HTTP/1.1\r\nHost: djs.imgdianyingoss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Byte-nginx\r\nContent-Type: image/png\r\nContent-Length: 422\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAge: 24828350\r\nContent-Md5: Qd+1pGJ/Isu04zd6D1SWYA==\r\nEtag: \"41DFB5A4627F22CBB4E3377A0F549660\"\r\nLast-Modified: Fri, 28 Mar 2025 17:40:36 GMT\r\nVary: Origin\r\nX-Bdcdn-Cache-Status: TCP_HIT\r\nX-Oss-Hash-Crc64ecma: 10826957734210498295\r\nX-Oss-Object-Type: Normal\r\nX-Oss-Request-Id: 67E6E04C5C5A723432E38E89\r\nX-Oss-Server-Time: 2\r\nX-Oss-Storage-Class: Standard\r\nX-Request-Id: 5b3bcca2d589db7c20dd4d77c19bc79c\r\nX-Request-Ip: 91.90.42.154\r\nX-Response-Cache: edge_hit\r\nX-Response-Cinfo: 91.90.42.154\r\nX-Tt-Trace-Tag: id=5\r\nDate: Sat, 10 Jan 2026 02:31:38 GMT\r\nvia: cache01.whcm02\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":422,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 4-bit colormap, non-interlaced","md5":"41dfb5a4627f22cbb4e3377a0f549660","sha1":"9711c85ce0969cc5f44be1890b346f86fb96b759","sha256":"ee593663f685a4707e5deaa0150e9934aef27ffe044ec8e7eb7676333b110d11","sha512":"169ff38ff8559e686ff0ae8bcf04f23458a1352cf91f5f06fd72820070cb7da871395fb7d4db0a8107eac8c5102ac3a27fd339cf284bbabc9a54d84b958d459a","ssdeep":"","tlshash":"5ae0a3d6370d4c70ecaca537a66d054799732a87524774216250b99c04983238886287","first_seen":"2025-12-20T17:55:19.670656Z","last_seen":"2026-01-20T05:55:40.306766Z","times_seen":5,"resource_available":false,"data":null}},"time_used":4628,"timings":{"blocked":4321,"dns":0,"connect":0,"send":0,"wait":305,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"djs.imgdianyingoss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/js/e0101.js","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:34.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET /js/e0101.js HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 01 Jan 2026 04:49:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6955fce3-851\"\r\nexpires: Tue, 13 Jan 2026 02:34:44 GMT\r\ncache-control: max-age=259200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nserver: WAFCDN\r\nx-request-id: e04eb8cd5897a444852e969fe0f4a219\r\ncache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2129,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2118), with CRLF line terminators","md5":"23d5e98b6f07446af885c5777530b9d3","sha1":"654b8c252c7903d9e6a0b77fa7999b787458aa2e","sha256":"84e8e90f0663bafe4873e1f86ee59ad75968d3a1736626fc6a83cb99baba2274","sha512":"c37e6e5fc41f92564a96289462a9b6ce84280bc8ab93b646881fa0694e638359de0fee7aa2d246feb5d447a95edb671d25dffe2deacb7e3dd8432a0c867fb2c6","ssdeep":"","tlshash":"d94100fbf5688c1763d914e9eb17f42cea2bb25c2fc18247c0db440466b6af68399d04","first_seen":"2026-01-10T02:32:09.781181Z","last_seen":"2026-01-10T02:32:09.781181Z","times_seen":1,"resource_available":true,"data":null}},"time_used":619,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":619,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic3.yzzyimg.online/upload/vod/2026-01-09/202601091767923332.jpg","fqdn":"pic3.yzzyimg.online","domain":"yzzyimg.online","tld":"online"},"ip":{"addr":"216.180.235.237","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pic3.yzzyimg.online","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Mon, 27 Oct 2025 05:15:21 GMT","end":"Tue, 27 Oct 2026 05:15:20 GMT"},"fingerprint":{"sha1":"89:E1:2D:F5:48:02:3D:7C:D6:55:18:F5:27:5D:0B:B3:B1:0F:6E:00","sha256":"42:E6:40:B4:53:90:34:F6:88:1A:CD:59:B3:6E:91:CE:43:2A:94:F0:74:1A:28:DC:7A:16:B6:47:57:DD:42:86"}}},"request":{"raw":"GET /upload/vod/2026-01-09/202601091767923332.jpg HTTP/1.1\r\nHost: pic3.yzzyimg.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/jpeg\r\ndate: Fri, 09 Jan 2026 01:53:07 GMT\r\netag: \"69605e84-8127\"\r\nexpires: Sun, 08 Feb 2026 01:53:07 GMT\r\nlast-modified: Fri, 09 Jan 2026 17:07:33 GMT\r\nserver: nginx\r\nx-cache: HIT, server, disk\r\ncontent-length: 33063\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33063,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 315x415, components 3","md5":"2599c2568da58d192113e96c315b5a1f","sha1":"16285e596fe57ca72facd48c726f72899a4475a8","sha256":"38b1ceaa0e9f42de698b333bd82bdaa788c4d5aaed56a233956d35d785050a8c","sha512":"8ccb444d8894f419404e429052594c550a7b6deafa211e3b338dd44c6914f1bde5d4f2db7f371f2323b10457c7a990728742853b5b684ba3a9a31a003cdbbaf3","ssdeep":"768:xPQYZGZ+zX/Ib5sIGbtzvrwPd+LrH2vPRZV9/UGQ4OHIetE:xPQywb5+xvRyvPTTm4OoetE","tlshash":"92e2f1219167a270635ceeb738bfde2060c9c5b6b04ab57a64fc421a95c4fe6b1313cc","first_seen":"2026-01-10T02:32:09.782407Z","last_seen":"2026-01-17T02:57:25.336916Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2060,"timings":{"blocked":62,"dns":1246,"connect":154,"send":0,"wait":154,"receive":202,"ssl":242},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"viptulz.com/upload/vod/20251121-1/284325a5fdd3a7f7aa58bf3cfb0195a9.jpg","fqdn":"viptulz.com","domain":"viptulz.com","tld":"com"},"ip":{"addr":"37.77.87.138","port":443,"asn":0,"as":"","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.lzzyimg.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 15:49:59 GMT","end":"Thu, 26 Mar 2026 15:49:58 GMT"},"fingerprint":{"sha1":"07:EC:5C:C5:85:26:0C:E5:C9:1D:90:CF:58:BE:0A:EC:79:3B:37:26","sha256":"82:2B:21:A7:F3:EF:50:F7:A9:90:CB:8A:58:80:A9:D4:10:EC:45:BB:8A:B9:83:2D:5D:62:89:64:96:40:FE:59"}}},"request":{"raw":"GET /upload/vod/20251121-1/284325a5fdd3a7f7aa58bf3cfb0195a9.jpg HTTP/1.1\r\nHost: viptulz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/jpeg\r\ndate: Sat, 10 Jan 2026 02:15:40 GMT\r\netag: \"69207c33-4b0a\"\r\nexpires: Mon, 09 Feb 2026 02:15:40 GMT\r\nlast-modified: Sat, 10 Jan 2026 02:15:40 GMT\r\nserver: openresty\r\nx-cache: HIT, policy, disk\r\ncontent-length: 19210\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":19210,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x381, components 3","md5":"874a4e91d619bb15e0a3c836a43e3fd5","sha1":"20224726fb2952f5fb2d1bb71c75770f39ddc87d","sha256":"867dad83515459c5b39b19afdce5fd4ae260b60602648d04b84232796f285627","sha512":"7ef4194c68d273e2f3bc57236278c9ba2cd1c12ea83d07c27f0576c759277b2d0d965355da08a0c6770150ae97960596f1ea5b902c2ee748651a94c6f4bd085f","ssdeep":"384:9wdQ/ElbXq2PTDevRPZ967POTxxDth3n56Do7gc+c8PD73INmxtu/3Xb3:CdX/TD8Zk7POtx3n50ocINmtuPXb3","tlshash":"1882d0a78b61988cfb13cfbd731d9543ba35be3a1b503535d6003f428f59e1e84a6802","first_seen":"2025-11-23T16:33:08.707961Z","last_seen":"2026-01-10T02:32:09.783594Z","times_seen":12,"resource_available":false,"data":null}},"time_used":1198,"timings":{"blocked":-1,"dns":1,"connect":206,"send":0,"wait":707,"receive":65,"ssl":218},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"viptulz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"image.baidu.com/search/down?url=https://img1.doubanio.com/view/photo/s_ratio_poster/public/p2928824650.jpg","fqdn":"image.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.47.211","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /search/down?url=https://img1.doubanio.com/view/photo/s_ratio_poster/public/p2928824650.jpg HTTP/1.1\r\nHost: image.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nBdqid: 67bb8e15057c9706\r\nCache-Control: private, max-age=0\r\nConnection: keep-alive\r\nContent-Disposition: attachment; filename=\"3dd37348ceb84da2191609f251f5dc63.jpg\"\r\nContent-Length: 16348\r\nContent-Transfer-Encoding: binary\r\nContent-Type: image/jpeg\r\nDate: Sat, 10 Jan 2026 02:31:41 GMT\r\nExpires: 0\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16348,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x382, components 3","md5":"1d346378ee0cc3fb05182e2b4bc39437","sha1":"b7395ed5d51286902d9be88aac51e7aa93f7f666","sha256":"6b63e5a27263b920a4ee6a7f7da01638b584e4ead0602fea85a8b7b9373d6c56","sha512":"577ee27c8a98a633372d93a811e42c1702fe52f5107657080a3773eda93760f6b01f866a4b4dfbc9fcc3a6fc6a2a867905ed814c5e38bf99f871a65417b4f7cc","ssdeep":"384:qHYwMfkd8M9Bhf3jFRR4LeVmYG1JhZaW+Tjx/laj4:qJeKBh/jrq6G3HaWGNNR","tlshash":"eb72d13d07eb2169df32b6f9d04b229c51de0964f6052d7e0a182266cb7cc7e1ce8e46","first_seen":"2026-01-10T02:32:09.785112Z","last_seen":"2026-01-30T07:20:27.944389Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2478,"timings":{"blocked":-1,"dns":1150,"connect":267,"send":0,"wait":513,"receive":1,"ssl":547},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.5qbb.com/","fqdn":"www.5qbb.com","domain":"5qbb.com","tld":"com"},"ip":{"addr":"154.23.217.18","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-10T02:31:33.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.5qbb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:53:41 GMT","end":"Tue, 17 Feb 2026 10:53:40 GMT"},"fingerprint":{"sha1":"90:99:D2:A8:70:03:D1:25:79:89:A8:48:4B:B9:46:5A:76:7E:21:EE","sha256":"01:E6:6D:9E:21:A4:F8:1F:A7:1E:B4:8A:8C:1F:7A:D3:3A:01:68:61:C7:20:85:CB:6D:6B:E4:AC:FB:0B:43:3C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.5qbb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:34:44 GMT\r\ncontent-type: text/html;charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nserver: WAFCDN\r\nexpires: Sat, 10 Jan 2026 02:44:44 GMT\r\ncache-control: max-age=600\r\nx-request-id: 3d29c0821778c3369f446b30a34a10aa\r\ncache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":27228,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (24658), with no line terminators","md5":"f3f635ced6e8eb2ab0101fbdb754431b","sha1":"8b3d4c8c0632c6da4e1488938dcf22f962b5d290","sha256":"fcad740f482abb6dd6f0cb03d4f9af1045a0e044d0042edb7b12261e3255ad5e","sha512":"e281e0a38448d655321a646d42b0d8b6092837d14b610f0660132e80c2e54682c7caccfe5bd9006a0c2ad07e64035bb51767b3a88ae3e7dcf234ae698b25d9da","ssdeep":"768:BeDaLRD4JQWpPdHANEHckQM3oryWrAFL8L9RJbgqTNv9vwvdWvGvbvmDNqo63Ebk:vBBZltqCd6","tlshash":"fcc276aa45947e3b7d7b5edb92d817aef5c3929fc6438d01b8fc31989748e50342220e","first_seen":"2026-01-10T02:32:09.786519Z","last_seen":"2026-01-10T02:32:09.786519Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1782,"timings":{"blocked":786,"dns":360,"connect":209,"send":0,"wait":209,"receive":0,"ssl":215},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?0f117a39c43579a2d89ad8bd763e87e4","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?0f117a39c43579a2d89ad8bd763e87e4 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11289\r\nContent-Type: application/javascript\r\nDate: Sat, 10 Jan 2026 02:31:41 GMT\r\nEtag: fae9307b5b27bbd4e79e835c0003d422\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=385ED32A0846045B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29895,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (619)","md5":"eb72008d5830e8311b7d9f2bcb744ac2","sha1":"75f63c6da96fa07939dd3eab3917c478da2449c5","sha256":"7943b55de25f8c1bb394fc0c7db892932b09efef763b8fe40b621a319c331ea3","sha512":"b92ef2be1ba93795f533e218339abf7c33e86011189fb2533f8764e2b41bb89651a670727d12980f809191e12b4905db6b849e818baeb249cac7d22b53d50f36","ssdeep":"384:VIGJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:VIG4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"8dd2daa9b282713293a324a5153f324ef07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-01-10T02:32:09.787742Z","last_seen":"2026-01-10T02:32:09.787742Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3893,"timings":{"blocked":1495,"dns":1,"connect":457,"send":0,"wait":902,"receive":1,"ssl":1034},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"viptulz.com/upload/vod/20260109-1/f1b8f828bf450c4ee02c2323ea77dc6d.jpg","fqdn":"viptulz.com","domain":"viptulz.com","tld":"com"},"ip":{"addr":"37.77.87.138","port":443,"asn":0,"as":"","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.lzzyimg.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 15:49:59 GMT","end":"Thu, 26 Mar 2026 15:49:58 GMT"},"fingerprint":{"sha1":"07:EC:5C:C5:85:26:0C:E5:C9:1D:90:CF:58:BE:0A:EC:79:3B:37:26","sha256":"82:2B:21:A7:F3:EF:50:F7:A9:90:CB:8A:58:80:A9:D4:10:EC:45:BB:8A:B9:83:2D:5D:62:89:64:96:40:FE:59"}}},"request":{"raw":"GET /upload/vod/20260109-1/f1b8f828bf450c4ee02c2323ea77dc6d.jpg HTTP/1.1\r\nHost: viptulz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/jpeg\r\ndate: Sat, 10 Jan 2026 01:43:41 GMT\r\netag: \"69606b0d-8689\"\r\nexpires: Mon, 09 Feb 2026 01:43:41 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:43:41 GMT\r\nserver: openresty\r\nx-cache: HIT, policy, disk\r\ncontent-length: 34441\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34441,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x382, components 3","md5":"f04a3ad65a1657778804f7e417722ffc","sha1":"da48671b0373d35170c9d44994ba26fbc412cb34","sha256":"e872733401f3f984253872a2116f7d427e615477613be1d68cc5d558f744db07","sha512":"2dd7a950eb0a1770fd26da201f10dc5b207a91483c2e84a9520724db2db7d5e86836dcc4bde6b0792cf3d471e52759cced4b76654faf3d294f620f383589dacf","ssdeep":"768:aZsVGMF4XuG42Yiv9/Q6gpau88AfE+I3OztDJEbghD8/Ki9ue0:aOVGMF4+G42F4faW3O5h4yiB0","tlshash":"edf2e05577e563deef8d68bc028e1687236a97c1fd9023b60296d60c785ecfebc40644","first_seen":"2026-01-10T02:32:09.789057Z","last_seen":"2026-01-10T02:32:09.789057Z","times_seen":1,"resource_available":false,"data":null}},"time_used":971,"timings":{"blocked":353,"dns":0,"connect":0,"send":0,"wait":417,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"viptulz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"djs.imgdianyingoss.com/js/ds/font/iconfont.css","fqdn":"djs.imgdianyingoss.com","domain":"imgdianyingoss.com","tld":"com"},"ip":{"addr":"111.48.108.162","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:34.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"djs.imgdianyingoss.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:22:CA:E9:CA:74:E9:9E:8E:E2:0A:E6:FE:CA:7B:77:A3:13:E2:F3","sha256":"44:A7:72:41:34:8D:AC:90:86:46:35:CA:00:A7:5F:D7:4F:8F:B8:65:E5:5D:B7:D5:62:3A:C7:51:CA:F3:E2:86"}}},"request":{"raw":"GET /js/ds/font/iconfont.css HTTP/1.1\r\nHost: djs.imgdianyingoss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Byte-nginx\r\nContent-Type: text/css\r\nContent-Length: 289\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAge: 1401471\r\nContent-Encoding: gzip\r\nContent-Md5: 981l9K1JnPUMN+Xe6MbFYQ==\r\nEtag: \"F7CD65F4AD499CF50C37E5DEE8C6C561\"\r\nLast-Modified: Sun, 12 Nov 2023 17:51:00 GMT\r\nVary: Accept-Encoding, Origin\r\nX-Bdcdn-Cache-Status: TCP_HIT\r\nX-Oss-Hash-Crc64ecma: 7687945756058858882\r\nX-Oss-Object-Type: Normal\r\nX-Oss-Request-Id: 694C578BE3C8F7333514A1E2\r\nX-Oss-Server-Time: 3\r\nX-Oss-Storage-Class: Standard\r\nX-Request-Id: 806bc3b65fa75b9d40e7760da6598e8a\r\nX-Request-Ip: 91.90.42.154\r\nX-Response-Cache: edge_hit\r\nX-Response-Cinfo: 91.90.42.154\r\nX-Tt-Trace-Tag: id=5\r\nDate: Sat, 10 Jan 2026 02:31:38 GMT\r\nvia: cache05.whcm02\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":562,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f7cd65f4ad499cf50c37e5dee8c6c561","sha1":"2c7de4df4807a7919c0236d11d99d11525e6f805","sha256":"89c088d5a4094313d026805f093c975a9fcd2b266bc7aa0c78a9116ad89c6fa3","sha512":"95ecd2440cf617fb4430e50cab97769cbc3c6f3876863b03af3efb9f70ed80d4e42594b076e36ce44392e164ead9f12cb66020c3d2251b0f8d6d35784e97e4ca","ssdeep":"","tlshash":"15f08b8518fcac123354cc48b38baf21af1e24660d4598adb25f682caff77118191b0c","first_seen":"2024-08-20T14:40:19.80216Z","last_seen":"2026-03-29T17:12:51.730385Z","times_seen":47,"resource_available":false,"data":null}},"time_used":7966,"timings":{"blocked":3627,"dns":2877,"connect":313,"send":0,"wait":702,"receive":0,"ssl":444},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"djs.imgdianyingoss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"yqk.j3kjn242sq.com/image/cover/2024/11/12/43cc507869444de0b5551c656a732c3d.jpg","fqdn":"yqk.j3kjn242sq.com","domain":"j3kjn242sq.com","tld":"com"},"ip":{"addr":"104.26.11.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.5qbb.com/","date":"2026-01-10T02:31:38.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j3kjn242sq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 22 Nov 2025 05:14:39 GMT","end":"Fri, 20 Feb 2026 06:14:37 GMT"},"fingerprint":{"sha1":"38:02:1C:06:27:DF:9D:FA:67:E0:C4:06:39:92:7D:33:8D:F7:FC:2F","sha256":"EB:26:4B:EF:8C:5A:C6:B9:C1:94:0E:D0:3B:A0:9A:48:F9:4C:4A:49:13:AE:67:96:89:55:95:71:6B:E9:6C:D7"}}},"request":{"raw":"GET /image/cover/2024/11/12/43cc507869444de0b5551c656a732c3d.jpg HTTP/1.1\r\nHost: yqk.j3kjn242sq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.5qbb.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 10 Jan 2026 02:31:39 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 210331\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccept-ranges: bytes\r\netag: \"1cbc34ffd358c9e8c9beeeec08128525\"\r\nlast-modified: Tue, 12 Nov 2024 07:00:08 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: 85352015a9220b763e91cf923166595dc2db97cfb6692688240b03fb000ba14c\r\nx-amz-replication-status: COMPLETED\r\nx-amz-request-id: 1888FCD77630029D\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-amz-version-id: e069bc6d-ce35-4b8a-a2a9-ada832c10e81\r\ncache-control: max-age=604800\r\naccess-control-allow-origin: *\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fF%2F4EQH7uULP46VowPNmW6uvSxvlfoYcE%2FimdqSNjdJy06KGjUER5O2I37Aqv0R0kES8%2B9nyGy1wsa%2FCyseHFgy76VeE3k%2FOb8fu89pKmRID\"}]}\r\ncf-ray: 9bb8c2643d0fc272-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":210331,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 246 x 353, 8-bit/color RGBA, non-interlaced","md5":"1cbc34ffd358c9e8c9beeeec08128525","sha1":"98fcd2c48fc3c22507c4070686c137b08e77200e","sha256":"c0ba68879a4067456e92961b6b5fb618ac9b6d52b6f74140a899e425c9410186","sha512":"b08cc09b605b5334e2a1ed348f3e639057e626740f4d3f1f7a688b3170b2a5383940813d6e5eb368b87d93e48fad1adfd3c91812b2332c698c1890c06db06af9","ssdeep":"3072:Z1d5UYoGW88dx/+QuMRBd4pfYvWb4IrN5n2CBEhwyyIN2X45MHTd/bdhx57vep:Td5UgWZfvWEIrN52q5HIN2XJTNnTm","tlshash":"362413d39184e5d32c924d0a1559fe72330095aa478fda40c833c962edafcba9f85777","first_seen":"2026-01-10T02:32:09.791439Z","last_seen":"2026-01-10T02:32:09.791439Z","times_seen":1,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":186,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}