{"report_id":"c5bc8a8d-8a37-45a3-8545-05a82fdb5d90","version":6,"status":"done","tags":[],"date":"2026-04-05T09:40:05Z","url":{"schema":"http","addr":"h4y4z1.ukphshnh.com/","fqdn":"h4y4z1.ukphshnh.com","domain":"ukphshnh.com","tld":"com"},"ip":{"addr":"154.207.252.62","port":0,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"final":{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"title":"51爆料网-免费吃瓜爆料每日大赛聚集地","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"h4y4z1.ukphshnh.com/","fqdn":"h4y4z1.ukphshnh.com","domain":"ukphshnh.com","tld":"com"},"ip":{"addr":"154.207.252.62","port":0,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-10T09:40:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-29T22:23:59.734728Z","alert_count":0,"request_count":1,"received_data":469047,"sent_data":401,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"h4y4z1.ukphshnh.com","ip":{"addr":"154.207.253.62","port":443,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":198503,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"pic.lfvjpw.cn","ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-18","domain_rank":0,"first_seen":"2026-04-04T13:26:51.706474Z","last_seen":"2026-04-04T13:26:51.706474Z","alert_count":56,"request_count":56,"received_data":15788590,"sent_data":26096,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ads.zyudkkup.com","ip":{"addr":"156.255.123.151","port":443,"asn":63888,"as":"DATAWING LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-27T04:58:20.753308Z","last_seen":"2026-04-03T12:35:40.265266Z","alert_count":0,"request_count":2,"received_data":1487,"sent_data":1016,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"h4y4z1.qquknwu.cc","ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2026-04-01","domain_rank":0,"first_seen":"2026-04-05T09:40:12.607423Z","last_seen":"2026-04-05T09:40:12.607423Z","alert_count":0,"request_count":52,"received_data":4282472,"sent_data":24509,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Clipboard.js:2.0","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"75cabaa694772e45b2ee3d32608818ba","sha1":"5b7147b6b284896fdfd65020075e439ae00c4b02","sha256":"cdf91797af06c3d3ac64af3fbd511a25069729174cb1bf72a7fdc44fae38a20f","sha512":"d155d8e3e8b92461563b52e1031029d977b9047f405e874a0616a317d394bdcaab45303cc98e9e78eafcf7aa8455318edee51115daaea4f213f0e7725e221f24","ssdeep":"","tlshash":"d5c08ca780001213157bc022488631e00eb3199b04900859ca32efc2a0b4c6c090ecac","size":146,"data":"","first_seen":"2023-03-13T16:33:50Z","last_seen":"2026-04-05T17:08:33.680207Z","times_seen":13417,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"28f264a467771117bf2935471481fad0","sha1":"17ae6fef7d8f698a51b6fb8145331f7deeb50cd7","sha256":"fc00bc4203d5684e02fcc7e1d145bcdfa318aa408d2ea1dfa05eb88802db2d3f","sha512":"76641e56c905f3a5e2b3e7fd9e8e78afd1db01346ac13735ffb897374a27df5150895445643207bcf65685a535487b8f9888d8d560432c8eea6ae339c440340f","ssdeep":"","tlshash":"9f11203623594cc20ee4b5d37b8b689d6d206100022ab4b8e946cd91ced9ec4012bff5","size":1107,"data":"","first_seen":"2023-03-13T16:33:50Z","last_seen":"2026-04-05T17:05:45.008576Z","times_seen":18483,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1a7f8805bfaf711f28437f8ab936ca9","sha1":"6f6d4f865195ee84d2cb4349f785ac3e2529decb","sha256":"1c47e66880af5210a71b11dae6f3b7fd15259b6ca025b933604e17850d06d774","sha512":"20aebba0ad67acc54c70b1f7d703fbf3538dabef5b0de519cb75baaadc117eddd3dbb475a669bf0a2b049ed2d54c55110c79c950e1c5ef934947dabc2da0ae60","ssdeep":"","tlshash":"a201241dbae31458b61337389b3f4389787015032428db88f84ce681af60c2594feaf9","size":683,"data":"","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-05T17:00:52.703551Z","times_seen":25416,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c41baaa7ff292a76134cea142d90f1fa","sha1":"30326d57366b13fd6c9c5a4e05047067889bb9fb","sha256":"88d9c105666fa1adb8b425ae590f3fbd9bca221f7e15b821b871608b54a43edd","sha512":"dbbfb88590c865be99a316cbbaac651e1500fe7c424851cc77c3450426d99b448cc54589aff738f4e06d53caf77a8706e32cd4f55d54a01c9cab01188cf3c082","ssdeep":"","tlshash":"334111694d06d22566451038ad0fe74127ca9367bc4cf701f2ecda446faea2de4bace0","size":2042,"data":"","first_seen":"2026-04-04T15:55:54.73449Z","last_seen":"2026-04-05T11:40:29.460733Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e50ebfcefd6cb362885dc70437b0b101","sha1":"e6e5d4b64aac6e38387e236b4b02315fe29fab79","sha256":"f1f9bf4ad7f37b1525d117e49369dc6d7116efca1c61f2de3c9b2b837bad2d2b","sha512":"0ff4be125d40b9d058327b4a9878a0a340609b5bfddf9134d12f57e8efa05b2ce3625f97ea0c16e574b3fef4602d377552a5bb5c1e2ec49a66a1b96f3b70d7d6","ssdeep":"","tlshash":"cbc0929c80e3e080a55a2229729e838929f2800b2a96e72bbe1c81486f0059e45385b0","size":144,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-05T17:00:52.705658Z","times_seen":25390,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8d6db44e9e2b54b18adc20adcbda7b66","sha1":"fca35986943d5d0a1fb63442123086cfb0a75586","sha256":"01393ed8444fb2140744f41539df57ce0dd91d4ae004bfb43a5fcde421bad10f","sha512":"775635c8c339a169f1b8ce91b742877ff21c06f3e9740fe03ed2dc1023cea55eace2127a028968ad5fac9b476f7dec1665c5708fa40229fe835b222cb731d3c0","ssdeep":"192:UDKhafGfAG/QN8QgVa5yvpLkq4mDycdJH06y7QzN/0ovRJbVhZ8WRqh9fd5gMlp8:Uehm1ERBzNSb9p8","tlshash":"c7220d0c9ef35079b127303e5b7f524872799113520ccf157e5ce290af60966aababf8","size":10605,"data":"","first_seen":"2025-12-12T03:05:23.0154Z","last_seen":"2026-04-05T12:52:23.489513Z","times_seen":1931,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"007eeb83e3252f2b86cd2fa6ace2474d","sha1":"ab373436c705b1a1ddf4a7d3851b650ad609ff1a","sha256":"ff8d885fe389934143923a5847c70bf1989095fb1e25aa78016da46098caeb35","sha512":"73deca2c538eecd6a1835dfeb3030fd652004e0881f62e3460843dd6a9cc26459d59f667bcbc4c110da98e7db24d50813526ffa3eb862a95b38e506018d2c10a","ssdeep":"","tlshash":"9b118c02e8ad49276482104b1df3780de3d5924952647cc0bbddcb5df77ce561af52c4","size":1008,"data":"","first_seen":"2025-12-16T08:09:23.245502Z","last_seen":"2026-04-05T11:09:17.651017Z","times_seen":778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"ffd404e0d47f20cf1e22c8af22d69328","sha1":"c9b625d2c33cd5d6fbabdca99dfc054b59fa0a72","sha256":"84f200d164c9d322a84119fca80b7196d0c88918cc15cd8f0122b09dd9eb6a62","sha512":"95c5fc01ad24398929ccecd1996a2f86913dd788314f26f75b28fe618c10f1fe08ff8c17d2e8f29d6954015de662f4633ba706058554b7583ae2a9b498f56ece","ssdeep":"","tlshash":"aa90029522c3500046561298005668859038846014448d4440409492989506591a946c","size":43,"data":"","first_seen":"2025-06-27T04:20:30.635277Z","last_seen":"2026-04-05T17:19:28.223374Z","times_seen":8352,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/axios.min.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"597fc2353c460cd7f142be46124fa38a","sha1":"0f8ff42de3c33785d80b0e0a20463d824cbaaabe","sha256":"fd5670e03a58d86a0e3723817a351e51a8311765b05371ef47dc0d160fc7618e","sha512":"90df399ec9f078b01b315b66dbdac2e0070422e4ffd542a2e0aee099f723e7ef7405344cc6db80f7cb84217706cb219f035aa69f02808133cdd360047a3c3493","ssdeep":"","tlshash":"441132c57958b455a2a3ae33e01f100b227668336d0e1800b319fde4ccb74aca3a3e0d","size":1000,"data":"","first_seen":"2025-11-12T04:33:15.881594Z","last_seen":"2026-04-05T17:17:57.439121Z","times_seen":8233,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"bc102016899b24c77e9c95a22f063c13","sha1":"8c020ef51e507f0af8d6fd4bcad8c9457a4dfc6c","sha256":"3913329daf0872fefe111917f6584d602e95744e75d57208243f4698ec1f93c0","sha512":"226679eb8092047ba6fc32939662ee86baf76f91fed7f3b72407ae24cd1f004106edfddddfade06562cc52abd1133312c074eae7e9cb5063b6345a1c50ed945f","ssdeep":"","tlshash":"dd900202882b1dd82ca00009817d3c88f381299b01f0d4082804f056ce9008e0a081d0","size":55,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-05T17:19:28.201623Z","times_seen":11504,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0f644ded6bfc5d620f0c03a6978e7921","sha1":"3b83566660b779a041666866b7c81a28959ff40a","sha256":"003ca60c4cf5c0c65a3a2349a9ec7031584bbfb841829c5802b07bce41bcda61","sha512":"bf86cd65413307310fa5915f31d655c5630128345318effaba6d91f1b534fba5dd8b7cdcff7bba38781544fef2b36182ccf52b6dedde1b5713464606b318e023","ssdeep":"","tlshash":"5bf05005d0d386ebd9bb3b1216c74b843ba2698b7ec67f22719cd7499f004ec5478ac0","size":607,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-05T17:00:52.707276Z","times_seen":24946,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"dd922a2df2031f93d4beda29a4378e07","sha1":"88baa27c7a6eb04714a77d91a6d7fd3afa1fa0ab","sha256":"47920e4b206a51d796809676d58255917a5375ddd595a0beec3848352dd301de","sha512":"f77ae0e8a265b05dd6b17ee786f675e2d541f2cd6e4327928880fdd343c6b6a1bb5c3387ce46e43d7a563420c734eae17f8efe458681ec3898da52860e1572d6","ssdeep":"","tlshash":"30c02b03324f840031d82014362e0c88a8410c0f42c8f30731cc85d6cf0d9bd3000205","size":168,"data":"","first_seen":"2026-04-04T14:16:57.029078Z","last_seen":"2026-04-05T12:52:23.49184Z","times_seen":503,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"36c5b99772d821752789e963ed9a3023","sha1":"602e8f9dca590d4922a2905a000dd0ff649574d8","sha256":"5f4794b8ef7384a1ba2983d8e1765f152d17a43dc479c4369903ce50b7c82e70","sha512":"bc1ddb43c233e304b61677916cffb54fa84b1eb41584f00fc05fc8d200092fdbcbd6b147bbeeaf9bb378bf2def24525fbe150ed36a64d50479e5fd6c08a64e72","ssdeep":"","tlshash":"0f1168cdc853067c166b0acb1ee306c82352a58be446c22732edd74e9fc42d458397c0","size":966,"data":"","first_seen":"2023-03-08T09:43:22Z","last_seen":"2026-04-05T17:00:52.708855Z","times_seen":23121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ce9dcdb8a1127901e2c18376070ce698","sha1":"31751b404fd333556aedbaa1032826e6c8fca85b","sha256":"af2120b69459fd06544e906d3ca45e578d4489a926120aae52e273c571bb4c99","sha512":"1cdb5190b81661b69b1528a1abf4d804d37825488f488ffc858279f18a9a60a3f4586adbf0c90e49c44b9867a8841a64153180d20b380ffda46026c784cdf5c2","ssdeep":"","tlshash":"0801f02a2a33e427ac3f10eb877f728462510313d34ec486f64f83851f00a0979d12eb","size":844,"data":"","first_seen":"2025-12-03T10:18:47.145017Z","last_seen":"2026-04-05T12:52:23.493583Z","times_seen":1710,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T16:47:58.099383Z","times_seen":205736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f6ac353375d98f8fd8e14d2f920513f1","sha1":"62e3bb5c365dba90f42158e13fc5dc306af85dda","sha256":"60177fa4bafea920cff2b58139943f8f1f94268d963a5c78178efa5391ddbbd4","sha512":"5ec6100ee8c0f504a07c8f49caa736c8ca75cdafedaaf6627e379ea8d0ca552a5727c819bd6d297f06d242d2e33a70941cf5e7b5b625c13d0bcb9d3eed33e22a","ssdeep":"","tlshash":"8cf012710a11947e416ba387d2ba47d9bc51180bac06708a322c17985f6cd6e51b2c7a","size":559,"data":"","first_seen":"2026-04-04T14:16:57.032896Z","last_seen":"2026-04-05T12:52:23.494756Z","times_seen":488,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"051fcaa4a8fbf38fb3bdcdef4e60add3","sha1":"c0cb54a5fe16f34c60b57d84b6448c8cb280e1cf","sha256":"97a1c61c3dfa12369434c1d4c47c2e76e653a9c0fbcdcc073d9170a2ce9053b3","sha512":"176a9c14dd08bebb8561121210202fa043bcb4efa2c690ad3a4d74c057c5adf8fad7287bc3422911c71e92d7b1d9973ce2d768148dcd1b507082961efc4c91cb","ssdeep":"","tlshash":"12f07db10a7ca87a0667c28f113503c9ac62788f7841f24e332c0b8c5f48e7d5230c11","size":586,"data":"","first_seen":"2026-04-04T14:16:57.036065Z","last_seen":"2026-04-05T12:52:23.495957Z","times_seen":480,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f8124db668919059b26484ab88e61e61","sha1":"ca2e74cc0aada9d75371bf2e7dad8960eedbfcc6","sha256":"f4df8b24105f8cbfb7a2f2691ff2b2cf62944bdd1dc9b5fee02ecb2be8bf2790","sha512":"13224228e42c8a30fcd89334d77cfa425aeb51ae902266590f449866b15c31e328fa323bb700e8f05b2107e1430b084c6db97cecb870d6a66f5cbe2109b60fce","ssdeep":"","tlshash":"c0f0c2b10a52a07d513b928792b587c9ac51240b2c05744a322d07985f6cd6e51a2d65","size":560,"data":"","first_seen":"2026-04-04T14:16:57.038823Z","last_seen":"2026-04-05T12:52:23.496724Z","times_seen":472,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/7.10.0/index.js?v=33","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb05cb67a079233ff0563280b3dd125c","sha1":"9fc5ebb696725060bf1964f3ec38a849c4d136d2","sha256":"280f79e4d53124ef45f722876161ce7225c76f3a3f2239f8f93ddd0a03b62e8b","sha512":"8fce42f03702d24f4bf77bab6cf4a9f711dbad17f8acacab1156e34aaadcaf22c2294679465dd83e657eb43c0de960d480618994abe1992510b1254168ff4b55","ssdeep":"","tlshash":"4581aa453ab2503042bf306b8fef74081a156107e986df18b9adc68c4fd06a7a0c739f","size":3960,"data":"","first_seen":"2025-12-02T07:19:49.010534Z","last_seen":"2026-04-05T12:52:23.455026Z","times_seen":1884,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0949488094f19e9df75992bd6eb64954","sha1":"fe9db43a531ca9c934ca09a3f51957490740a32c","sha256":"d04701b4bae81b4243b1a993294cdd1982979844ac7bbc26364c86a87a4bd0f0","sha512":"0b0fd360c5d290f4b5af97184244ba360401feef4723d04942cd87a3f4d461bf2b3e0de000bb590ae15d052397a0debc156105cb94f6c7eabbebaf6f9f18dd82","ssdeep":"","tlshash":"88f07d726760847d836b838b013a0bc79c122c0f7805740a335c078c8f4cc7e1132957","size":583,"data":"","first_seen":"2026-04-04T14:16:57.041531Z","last_seen":"2026-04-05T12:52:23.498667Z","times_seen":467,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c4d8675ac53a9445ed8863301d0390e","sha1":"619ec64ed0aa15c3955100763ae26fd6c32ef3fa","sha256":"5aafd0bc7271f7e5e4c0e5869540410327216711b9cfc88941d050de9f71567f","sha512":"6ad8404960acc3af70a736f1361750c132fe2725908695c39de697f240927e4ecd5261a7b052585697a20a810d3eafb8e306ae6605762bd1e25221bfb66cd9c6","ssdeep":"","tlshash":"71f0c2b10a1a9439512ba28b92b543c9ec51340b6c05780a722c07985f5ce6e61a2c65","size":560,"data":"","first_seen":"2026-04-04T14:16:57.042705Z","last_seen":"2026-04-05T12:52:23.499572Z","times_seen":461,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3ea6f2f46cb345be1fd006c2ab34a418","sha1":"381dfaf4d75768c71ebc9eeedfe32ae287df314f","sha256":"8a270d766588c4a1cc0785914f75234d5b44274e88767caa41d680a68e6ac4cc","sha512":"31f287a15da68be37e4684fe582fd116a71e641327a38b88bce7b70225374de14c57a818cddf58cacab9410e13ccf46482b47a6d4e47e3b4b8c278e53121e479","ssdeep":"","tlshash":"c6f026a50aa1803d44a7828b9a3607c98852790f3c01b00a739e0b880f48fee9631965","size":586,"data":"","first_seen":"2026-04-04T14:16:57.043723Z","last_seen":"2026-04-05T12:52:23.501618Z","times_seen":453,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"362b5781346284f1fb148b6d2b8163cd","sha1":"7382b512aeeb39937e3c93e2ee1c30b1efbd550d","sha256":"50864870f44f052acb4b4d3f99a4a1ccc4c4d5ab3c5dfabeb02917e07620d1f0","sha512":"14ac42f77c4b56fd74da41a4f93e02c38e1eaccf2adce978de683cca08ec8f08b58945b4b22a5785b75671180fc3e490a2fcdfd664b2e49010a47a49ad5d91ca","ssdeep":"1536:AmlzKVudAZc+N/w/NBsdywbCxZLyaGGSI5D2iWBnAY5vnKxGgUr/lKTmcbJ9GmKf:WGjbdHY9KxrnBJguccjol+QRXsG","tlshash":"ff24f60ea6f215325297f0b85a6f8d043235802b5a4adc687d6cd1dc5f1c83c57bafae","size":214219,"data":"","first_seen":"2025-07-17T11:56:58.545916Z","last_seen":"2026-04-05T15:17:34.273742Z","times_seen":3086,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b0da0f04e8d6a098e5952ede8a15c474","sha1":"ae7977b6161f17a88da091883337e26a6f0cfec8","sha256":"7030b0dbd07f1d87ab574ee541c16df4ea7c3eb0a0dedb04cf7ced570754b182","sha512":"b2916c33a9a97bb71b12df63f7ef35142ed052255a87ca7bdecc183c0160b1beaa56286aaa3be477d3582bd6b53993cb9496d62790cedf249540ee10551338db","ssdeep":"","tlshash":"b0f0c2b20a22a279b22f468781b543c9ac55140b2c06b08a332c079c3f5cebe5562c65","size":560,"data":"","first_seen":"2026-04-04T14:16:57.044889Z","last_seen":"2026-04-05T12:52:23.502354Z","times_seen":446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/layui/layui.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f2f5acbc0888752ac36267bd03ed989","sha1":"ae52320868fbff98210a63b41145c18ec8efb7a0","sha256":"56e10ef4ad4959862f9965872fcb93aa5e06fdb5a58c573190310914c5a8ed1f","sha512":"39010b2183fc0b8988d30860e1409ea8f5510463b967b8a1cf94947048ab0f7c122a9245bb345704bba9eaebc7405a76c159f35b6654b7c5bb372bae9033f107","ssdeep":"","tlshash":"4c113204fc89a89c052a1344067f893ce4196d257344c0f474f6c1ed65f60da90dff5d","size":1000,"data":"","first_seen":"2023-04-23T06:53:11Z","last_seen":"2026-04-05T16:52:44.533223Z","times_seen":4343,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/index-ai.js?v=7","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5bbb510028cacbeb38f67ccc62e3a1cd","sha1":"ecaf3e340cb229583c54e9193058d7fd07cc1fd7","sha256":"e693600464de1645e1355d84705cfed26ac53e95a079dc370fc7ac48615d52e6","sha512":"74e6dd50f3e8d6ecec81e04e0abae302c4f0bcd395824caeefc88fa774a095379ac60d070fd34830c6ec56a80540ff412e8488bf3676eb6a78ffdc81c1e20079","ssdeep":"","tlshash":"83112b2b4afeb8828875a0c773d62020a33164235552d90c7e5f87eccfd69894395ebb","size":1080,"data":"","first_seen":"2025-11-12T04:33:15.880164Z","last_seen":"2026-04-05T17:06:52.351799Z","times_seen":3171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/vant.min.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e7f17e24f74afcaa04f72a0f7e18bd4","sha1":"be2b895dbaec44939160a2b46fca1b4efd1f1f03","sha256":"254331bf0fa52650cd86f9f8fae9ee2483c81e5c3c44142ae33f62fd3778179f","sha512":"d22c99fa8fa9cbec950016a23c6950812c329767d69d855a1317d0afe2d91902056da906baf96a9c6c42ec802e918c55e7f86335743ee14931dc6719118e9ef9","ssdeep":"","tlshash":"a411c2953c12b451263724e6813f852fa075c43f95cc94b4f1d1acf2697357e8641e9a","size":1000,"data":"","first_seen":"2025-06-30T03:33:26.753852Z","last_seen":"2026-04-05T17:17:57.442442Z","times_seen":8373,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/DPlayer/assets/player.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b7de3364454adee5f4ebf6ca671a6de","sha1":"16116d0663ad62be308b32107ad7223b01ddfe63","sha256":"1a2d8dfdf92227f6a597898d0ec0e79470c1519716b987cb77eacfa28d12f9de","sha512":"e74c658bdff61dd92e40d631595dddb038fdc365b513f692288489e111c32cd20e5d2d37bcd133763f871f59654ce5646ea0950dc9335a17e6f9ab05325fe3d5","ssdeep":"","tlshash":"d881221c68f71030525bb4f68a6fd118b2345a871509de20fe0caa5cdf6953e56f2bec","size":4075,"data":"","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-05T11:40:29.444422Z","times_seen":2405,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e2f12decd9699f065166dc97a248ae31","sha1":"18e369b6deb56cff78da3f5503a94ae248e10c70","sha256":"b7d195013b0ee970f530341687b5c343dffb8b18bf40d931c53dcc8a6af04b9b","sha512":"31842348641c98704195d45ee0b0e3d3d736b98c4c05da9b5c05a83f5c4818316a163618d1b668056a64ff6922976debd6fb0cb8dea1911956748cb929ce8c31","ssdeep":"","tlshash":"1af026210611a4bd491b828726f453c9ac61381f2c02740a335c1f888f8cefd2122916","size":586,"data":"","first_seen":"2026-04-04T14:16:57.046095Z","last_seen":"2026-04-05T12:52:23.503147Z","times_seen":437,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e31805cdab4c9413d030ba29c0325b2","sha1":"bd1b4284d6f4da429d36d77b56e31c68d01f2f44","sha256":"9a9984a95f4b4299560232e0607f0fd19b6e4d11d9fda7fc754617b5a195c060","sha512":"893d3504f1c84d16b80e49af592954b12a8c26a13ec8c1f11d96762841725384d0f0db2594945b3c6af3e5d25ddeaace7e61c9a11169e2f8ec7def1e6fa9cdac","ssdeep":"6144:8Cwpf+iM6mf0iNOQbB2ajId/ZG3PIcrbn:8U","tlshash":"da34300a52b225389293f03e4b5bc414b236941b7e09fda83e5c05685f6d83c57fafe9","size":245524,"data":"","first_seen":"2025-07-26T05:03:20.415257Z","last_seen":"2026-04-05T17:00:39.753027Z","times_seen":2694,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/vue.prod.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"de7abf4d43f144b780fc86236b5eebd6","sha1":"487259535f3903caee0e2825d4d70e6c273e56f7","sha256":"a43ac70eed708306fcd8911a746c2a92064e529969a1556c1d3dd289e493bdb9","sha512":"43800eaba113898adb4c1c8e98912ac7f5566377d323552d39ea5cd13aa3be5b0280158d4ddbc98419dff57799df8b9bf9c9b4f8a09591d7a1f7fb013eebed0a","ssdeep":"","tlshash":"d51154b90c04f6133ab726d384476198e670402c70adf48525e8affd84a31fe9677f1a","size":1000,"data":"","first_seen":"2025-06-30T03:33:26.758879Z","last_seen":"2026-04-05T17:19:06.618712Z","times_seen":8477,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/js/user.js?v=6","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"32ef92e4406c444557e863d1f380bb66","sha1":"9eda4e3d805ed95b2af4839491e6096ff0b8cda8","sha256":"f77d4dde7e4f9ce31d7b3dd06731052c09b545fd57f9110be152b3a43403a0e8","sha512":"0d25445d681257cda0c7de4934fa3386724555859be0aa1a49ee2d091f3eff7a54cd773b609644d42838930985f2f63d6d21400279427dae005a84bc93ab706b","ssdeep":"","tlshash":"6421bd67789b08e05e476565812d410a37e0d0032209c6007e2dd71daf72f678c9bdf7","size":1122,"data":"","first_seen":"2025-11-12T04:33:15.859059Z","last_seen":"2026-04-05T17:18:52.719845Z","times_seen":2517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/popup.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"026709ed231cf8d920385fed59c17ca6","sha1":"19696886744402cb73a48a41e625b23f5acbb813","sha256":"3438d0b2d18590fa1f7f0c324a5ba9f42b699de78006ed372ad043bdf46a7e1e","sha512":"aa01a6f89fad627df9437b5bcf8c3feeb7bb9719d12f12ad8e00d031f3092d1de299ffa4cd98229ddbfd3c455a21934e0e391e1c06d979cfe65fbc0f08cf99e4","ssdeep":"96:P1spJ1L0gLrdAZLLCWICzj3nMjnjOSdFsCaxud:QTo3ZLLCvQj3nMjnjOSdFsCaxud","tlshash":"c4d12f9931f3213082abb27e6faba0143230a0477108dd197f4d5f900fc573a66e1bea","size":6669,"data":"","first_seen":"2025-11-08T04:26:01.83069Z","last_seen":"2026-04-05T17:00:52.688851Z","times_seen":17929,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"78e0fb49bb7a7d1f1552389ddeb54876","sha1":"0551042565108a2694a2ac7a04a022f4d077447e","sha256":"079b66b04f8796dfa1ebe0bdeb4275a9decc2cd42b186b1716afc35114d010bd","sha512":"3b611d66729e8286659f9fe3ff911eea2b480d67b12bdabc5d580bc73ada1e2b0785c2881f459bc445a034bed1d8340b5b5e21cf2b8a05c9de6360af6f8174fb","ssdeep":"","tlshash":"5a9004d533d35010475313dc01775ccc503444f114544dd04050f4755c55031d3d5c5c","size":43,"data":"","first_seen":"2025-11-12T04:33:15.855922Z","last_seen":"2026-04-05T17:02:33.332018Z","times_seen":10389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fdbdeafef7ca604cc564284733247f43","sha1":"848ab3abfb20e7dba8f7353790960d61a22d9e30","sha256":"228cefa3a762e4312b6b2efcafc15ff4fc8e3087fb61b344578c2dacda475790","sha512":"ab6926bb503c29becd43cee5d3202746c18bb04e77854e69df1fc31201b25b76a00027d8487d7e914da2b36ff878dc8514473554b9b2c4e0a61dfd6126b4edd7","ssdeep":"","tlshash":"fef0c2b20a12a539623b828781b683caac51140b2c47b04a332c07d83f5cdbe9563c67","size":560,"data":"","first_seen":"2026-04-04T14:16:57.047059Z","last_seen":"2026-04-05T12:52:23.50395Z","times_seen":426,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/js/index.js?v=6","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce4d7876d7106887e51f996982a5daba","sha1":"026e6793c7dd2a7b666dd3ad1bd18338f1f3100f","sha256":"774e64e628f48beaf71a54c699efca799fa6c23cc1efaab04bfcff1d70e61548","sha512":"8605328b67e4e2a3d174fc518305b72697900a6c6ab44d6d82ed547cb6e5368645981649c47132672b791f118910573126d4e41e768e23a3a1fa79e5fb41fde2","ssdeep":"","tlshash":"2c11104615fc98218a42710b3b9ff1257810d9372e09ab987e1c83d84ff49fad293e5b","size":1062,"data":"","first_seen":"2025-11-18T06:11:46.508522Z","last_seen":"2026-04-05T16:52:44.523019Z","times_seen":1899,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d90a3226d568a1102e37adfa71e864b4","sha1":"28ac9681caa5c6aac2a8b6f937466a57c068b9cd","sha256":"fbcdb27f868f52199e094badc56843176f8cd094b74a573d4624f1461f6226fd","sha512":"3fb8c0ef52132d75e394450be7aeefb4165b547b867c5dcf18eb77a3c4807f925128416d0bf2f47360d5b0cb8e63bb8c7fb25e934dd5484071a9d942b651d7e7","ssdeep":"","tlshash":"47f0cd36165990795767828b527543ca9c91380f7c01701ff33d478c4f48f6e1265e69","size":586,"data":"","first_seen":"2026-04-04T14:16:57.048177Z","last_seen":"2026-04-05T12:52:23.50476Z","times_seen":412,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7948cc3e5538bcf926df6675d4ae45fe","sha1":"a6419e4c05a0e712b329b692c74f490bf2ffe752","sha256":"7376cba0e6a6b7ac01f10394578ca772d71315ba2d81d78e7d53e0329a2c428f","sha512":"87df1a5240a5456d9c07bf1a6c747d28cd0594268ff89bbc186a5c4790505ef7e131a1a154cdf3d1d681729507d1e401ea9f766a1672904705a3eb9b94edf956","ssdeep":"","tlshash":"25f0c2321a1094ba422f428bd2f50bcedc52180b6e05648a336c07985f6cdfee272c65","size":560,"data":"","first_seen":"2026-04-04T14:16:57.049316Z","last_seen":"2026-04-05T12:52:23.505543Z","times_seen":399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"42243334d98bad54b8d86d95cdca97b1","sha1":"dc58d321c30cc8450cc4c658b7e6d026927cd3d4","sha256":"d95220339053ab8c610bd527bc11ba442f96b4c77c046c9aa4cce00c619bbfb8","sha512":"40a6d29e8bcaf54316bedd065e9f5b3a62dc69ee974e3e89ef22650c30f36e2cdebf294a4ace172b4b7658cce29a3970b195668bbd026afdda6185651ddf4002","ssdeep":"","tlshash":"ecf0c2211a26e07e416bd2eba1754bc69e512d4f3d01b00e335d0b889f8cdbe2231d7a","size":586,"data":"","first_seen":"2026-04-04T14:16:57.051082Z","last_seen":"2026-04-05T12:52:23.506326Z","times_seen":386,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"bc1f6f26253feea3af69c6f1c623eb41","sha1":"47fe733a32825f37b19169f61676bfb589064cf3","sha256":"f109a14ac692c5831978221f82dae1383e68b951497f9ba55ce8c4d74448358d","sha512":"da3afb6ebc05fdc5b03b4c89f1bce362a5c99af72bb937b5b1a891519786407cd81f62feaf5baab99c27c58647988848dcb14381820d39bb6ceeaf4a89733061","ssdeep":"","tlshash":"96f012b30a22d4b95a6f828791b64fc9ec91180b7c09a44a722d07985f5cdae6272ca5","size":560,"data":"","first_seen":"2026-04-04T14:16:57.052261Z","last_seen":"2026-04-05T12:52:23.510874Z","times_seen":372,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f06f61937931dc4b1550ecf4a4eb0da9","sha1":"e72a85c08d5f8b71e0abfcf772e7517e29f2f1a3","sha256":"d7c28d5915e15f772e2f2e4b950f12de814a6042776d95ddd167faa4b6d043ce","sha512":"42a3091a8918db2e02cc89d06908eb6a04d28c1bf92a4b003b72074ac7f071717d971319c2b9d8ece3bbafd22de6f85e61a641a8118a1e5810bef62447f34bfd","ssdeep":"","tlshash":"e4f026310669e87d1077828b813247c59c52280f2c05b14a336c07cc0f48d7d1160821","size":586,"data":"","first_seen":"2026-04-04T14:16:57.053501Z","last_seen":"2026-04-05T12:52:23.511684Z","times_seen":358,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"78e0fb49bb7a7d1f1552389ddeb54876","sha1":"0551042565108a2694a2ac7a04a022f4d077447e","sha256":"079b66b04f8796dfa1ebe0bdeb4275a9decc2cd42b186b1716afc35114d010bd","sha512":"3b611d66729e8286659f9fe3ff911eea2b480d67b12bdabc5d580bc73ada1e2b0785c2881f459bc445a034bed1d8340b5b5e21cf2b8a05c9de6360af6f8174fb","ssdeep":"","tlshash":"5a9004d533d35010475313dc01775ccc503444f114544dd04050f4755c55031d3d5c5c","size":43,"data":"","first_seen":"2025-11-12T04:33:15.855922Z","last_seen":"2026-04-05T17:02:33.332018Z","times_seen":10389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ffbd09908b64ee83db51343314c115e6","sha1":"53fd23e53fed0632546bdf3c27cbaa1bedb383d7","sha256":"30343ca9c5348318af6d44fc693cb9698d8a200dc52b7ace9c3f70e63199f247","sha512":"d079dd34b078ba6f90da588f6c9567e4366d8ab7a5618bcfb0a5d53d998431c7a7d2308896fde3fe6b64238aa64b271feecaf7dc21bc387fa4755e0a6df0f493","ssdeep":"","tlshash":"aaf0c2320e1090ba412b8387c1b547c9dc91180b3d06644e332c07981f6cdfed272c65","size":560,"data":"","first_seen":"2026-04-04T14:16:57.054633Z","last_seen":"2026-04-05T12:52:23.512327Z","times_seen":345,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a9976b96b5adab0394f0aa2640cc10c","sha1":"5bf169394d37355347cd7862a58229ff20b1b5a5","sha256":"053a1b0c83f1c033922a98a7743492f0e0a5f9fc2137506f1cc716505b5f915a","sha512":"f327e6cab537f39b900d18b4440c3ff22b45099b876ba284c776252d55826e987a1a3c3146e689d7f07a4b680629b6247868c6ebacacf9e57b87bbca157c3526","ssdeep":"","tlshash":"a8f07da11612c03e516bc287867503caec122a0f3c41f40a335c078c4f58dfe1330e56","size":586,"data":"","first_seen":"2026-04-04T14:16:57.055772Z","last_seen":"2026-04-05T12:52:23.512939Z","times_seen":326,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da3d2f00d8e87afbb6e625ad692b110a","sha1":"4120f6e31fed1e0feabb04fd7de255fccfec0f5f","sha256":"9e39961dcce8fb3e41af61e0d2e1d3bc8f965e3f8e416584f541095be05a211c","sha512":"83fb2ddc55ffd3564011b9f791848028ae2c3c263d03375ba8fe640303385ad9ede15790d346b517df60795e260cd8d4ee006f7db794522b1bc24dfd50be9bc0","ssdeep":"","tlshash":"4bf0c2220a10d079512f538781b903c9dca1380b2d06a84b332c07991f6cd6e6262c66","size":560,"data":"","first_seen":"2026-04-04T14:16:57.056745Z","last_seen":"2026-04-05T12:52:23.513536Z","times_seen":306,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"28d4bf5f9a0c1fd436fb5df56d5a99b7","sha1":"c527d024acc377db355373e2b374cc6e6998c004","sha256":"1a4696dfad010e9eae25826105a7c0601801e9313fb97c33a6646a0069ba04a5","sha512":"a0a37686426c6b26729a3a38f2ba232bbdb0aabd6d38831fc0dadc7f1cdccee4fe8f2792fed8518bc43d367177d4004dbd687280d2fabae0f2c14de7202764d2","ssdeep":"","tlshash":"e6f0866116159479716786db9aa507c99c61284f2805b00a331c178c5f4da7d1371d56","size":586,"data":"","first_seen":"2026-04-04T14:16:57.057932Z","last_seen":"2026-04-05T12:52:23.517498Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/7.10.0/tjtag.2.0.9.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6c720825dae6a0211083456202edd0d","sha1":"f55ba4cd40d6868a5e1716729643bf57a51d36c1","sha256":"149e936303bdd6ff53a9acfc3a955a59885aaf1a4adf498693826d402ee57f65","sha512":"c9408175170cd358265617efa88d3a78f573e7ea90287650427d31f5e82f5b6a964f1b13ce141aa151476fbc063761dd87b1ae5dc78c2f424128452fe2895a20","ssdeep":"","tlshash":"391123a9292c24aa34c3523ff50e6180862a1ecf34add1cfe9961cc455ce10dc18febc","size":1092,"data":"","first_seen":"2026-04-03T15:04:13.576455Z","last_seen":"2026-04-05T12:48:06.567527Z","times_seen":186,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a2c8960199422670b862d91f551bcf56","sha1":"e693018803df1df07cbdfde25e8ba45000f39b11","sha256":"7f30c9faaa474c82274531c4f6fe4e6262a7b5ca43ad7b083ed95265d076ef5b","sha512":"16d84674f9ef0f5e52cc71e2aa15281ad09d8a49b7f2f651754a5677578bc2c3495c23ad0b2dbefc626ab07df34c77589b3dce582243a808632ec206650fa1ed","ssdeep":"","tlshash":"5ef0c2260e16d479622f42cbc1b703c98c91580b3d06a00a336c079c1f5cdfe9672c65","size":560,"data":"","first_seen":"2026-04-04T14:16:57.059151Z","last_seen":"2026-04-05T12:52:23.518102Z","times_seen":269,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/clipboard.min.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"15f52a1ee547f2bdd46e56747332ca2d","sha1":"9a7cb405f9beed005891587d41f76a0720893ffc","sha256":"e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9","sha512":"ecee695e9734a0246bc64f1151f0d81609f49ced6dfa32ee20e41d38c469e003c1eee678bd28eca73a79cba603b43b385735124db5b304567f2ca2619f214e2b","ssdeep":"192:s6IMH3HEG9JVwkHg4LyAal318/NYusfkApXMdgmkpj:sy0G9J1zG3eFYP/XMmmkpj","tlshash":"77126399b291b0b15ae731a9412f920bf2766969708b90d0d239d4f0acbcdde4463f3d","size":9160,"data":"","first_seen":"2023-03-07T12:23:44Z","last_seen":"2026-04-05T16:59:41.067283Z","times_seen":22994,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1fe8b95aa326266ac3c84ec463f090ee","sha1":"2d52b70dd4e76e355b086707f39a78e1451b0263","sha256":"9e1fa744174ec14906aa64ef03c61575b0b5ee411240521c99dc654d82ba0379","sha512":"1c93fabe05182dde91fa9a8cd3dec21d5e48650bd18bfa1d45314ebabe8addbe21ca62ec148e3eb22e5e0f82c2ce6dd944ac7021209a2cd712cbce442e2b9725","ssdeep":"","tlshash":"4d9004dd33c35400475311d400d73cc45034447034554d404474d4711c55135d15dc7c","size":40,"data":"","first_seen":"2025-11-15T10:51:27.219486Z","last_seen":"2026-04-05T17:31:32.563301Z","times_seen":7101,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T16:50:32.425922Z","times_seen":264778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eb3fb5dc52d8a7aa757d94e752dae70b","sha1":"6a7d84f776f4a4693889ad69fa8d3667c12e265a","sha256":"29e56ef542ac192fef187b0499fa1c3f3d4474e4738ebc78a05fae764350e6cd","sha512":"21ac9a3035724a424a72fa73c6a5b804e44513a72074be9187156d4eee39a473943313a8b1227399b6c6caeb78e114f6f7922126d32303180613d71bce8fefe7","ssdeep":"","tlshash":"f4f08631161694bd8167c2cbd17907c59c62285f3c02b09f335c07885f98ead2161966","size":586,"data":"","first_seen":"2026-04-04T14:16:57.06114Z","last_seen":"2026-04-05T12:52:23.518703Z","times_seen":251,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9b934b91c347fa66e9d8e21c3e6b94e0","sha1":"d8b09fb422d55d43c4b1214b3906a651e39d0fc1","sha256":"43e3ca7485925c0eae1ca792e34b6198490bbacb42d674f7ae8a87f0efbb4fc3","sha512":"50fe2b6ddebf0ac057d3346373a94734c2012e5f42d51fc53fb3355e8e163b6367321a63ec0e58a50b6d81904831b8d29101c6bfae9f7b34f237b7a8f7006675","ssdeep":"","tlshash":"a1f0c2b20a12d4b9512b828781b60bcaec51180b7c05a04e723c07981f7cd6e1272d65","size":560,"data":"","first_seen":"2026-04-04T14:16:57.062382Z","last_seen":"2026-04-05T12:52:23.520415Z","times_seen":229,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"dd3fc5d6b50fa8263108d18f303e544c","sha1":"0f56bfa657dfd562a7a63d3af46176df9d0bd20f","sha256":"6525a2c8d1be92fe494985eb7723512306504f21aec62d88658310f67bb94ecc","sha512":"b25e06825412ce3ffc1983a370a29dc350c2d7fafe7fe40abf0302e9df9539e29266466d535df9bf9604bc31c036b5cbc6bb23260c225c608bf66373d1ddf210","ssdeep":"","tlshash":"32f086620615d47d41eb8287956a03c79c61190f7c06b40a335e47c84f9cdbe5231d76","size":586,"data":"","first_seen":"2026-04-04T14:16:57.063729Z","last_seen":"2026-04-05T12:52:23.527212Z","times_seen":205,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a4fb9b16abf3c56558ca3b486e066267","sha1":"599ea634c48807fe11d3feecdba8a6bbc95bb2b1","sha256":"9c2bcaaa96bebaec25ac1ffc2f3b6078f1ab4c7c7d1517f55a411ab97ab35505","sha512":"075c36aaff8ed6d1197e3dd2ccda99a184ff4403000741a7e139ac252cf144ea34f3e545edeceef85e8d3ec65d2df87cc0f63a3ac99121e3d2131ea63f27d136","ssdeep":"","tlshash":"2af0c2720a10d4ba513b428b91b707c99c91580f3d05a04e322c0b981f5cdee9662c65","size":560,"data":"","first_seen":"2026-04-04T14:16:57.065158Z","last_seen":"2026-04-05T12:52:23.527827Z","times_seen":188,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"02b610a09920887a72f10143c815bae6","sha1":"db510e5484689e6f4afc83d1475274268043d0ee","sha256":"0fb5185a17223cf9841f2cd70aff3c3661831758700e6b83c46545001fbfed1f","sha512":"7618f7c43a2481e447d4789e6f930cced844352785afeb77b72a6c54baad47a7bca8db3036bbbab57aadfaf40d02609495349517eabecc1ab36d1da4f367b087","ssdeep":"","tlshash":"a4f07db10a21d47e102bd387d17547c6ac112c0f6c01714f332c078c4f58ced6121d96","size":586,"data":"","first_seen":"2026-04-04T14:16:57.068616Z","last_seen":"2026-04-05T12:52:23.528394Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"674c30274deb7f6b51f10438aea842b3","sha1":"f473e4b8979651cf6ec84813de817eefec0a2080","sha256":"0fd512ebf6112c0cdae5ee2567370761400c1daede5a65f7e9447bbc51b9dee2","sha512":"800d4c70d2a42210538251eb8639d52e692533ff664d904dbd4b09e6b8f4a1034bd000b96c58de4274f16b15c8206c61f3ddadb8a353995d243146b04a4dfeec","ssdeep":"","tlshash":"03f0c2220a109479612f468781f647c98c95180b6d05a04a323e079c1f5cdee9a66c65","size":560,"data":"","first_seen":"2026-04-04T14:16:57.070477Z","last_seen":"2026-04-05T12:52:23.528951Z","times_seen":144,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5b2aa4da87b4fca3d55b68168e59b11f","sha1":"12ccc0bb65ac307512f1c74476ed398a0e0cea69","sha256":"614784c218bb9b55f25a9a20e43697a449317381ae9f5d04e760846283850413","sha512":"2eea0ec0588cb6346eee09fd898ad03fada456096aa6009eaeceffa006b7040b63707968f39a2ef514989e1710c3a912f86396c96db7008df2e738f615e0ab10","ssdeep":"","tlshash":"51f026251725a0ba116f82cbc16007c9d8112c9f2c02b00a332c8b8c4f4cdae1660876","size":586,"data":"","first_seen":"2026-04-04T14:16:57.078472Z","last_seen":"2026-04-05T12:52:23.529525Z","times_seen":128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"891e6040ba7ec8c5da3cc8208aece6db","sha1":"6c7da09e4f61094283bfd01e85f6c3d7096babd7","sha256":"3ea36151ba0f910a1f1b15f6d1903a4a4c23a1bb2fa48f056f7f5c6d61c5e704","sha512":"133faebe3a9662bb8ef786cfa8cdbe7b8f5c81918db3b818fe517d3e7584f9f559c7bfa1b0706c78ee42ce2b14c3ba7accccc431d5df2baeb0f57d5d007c8c7d","ssdeep":"","tlshash":"25f0c2a20b1690be423f868bc1b507cabd52548b7c09600b329c07991f9cd6e1262c65","size":560,"data":"","first_seen":"2026-04-04T14:16:57.082071Z","last_seen":"2026-04-05T12:52:23.530065Z","times_seen":115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T16:47:15.910645Z","times_seen":597236,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/parsley.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e84bbf7a68d90ae5048b572c49df4a2","sha1":"164dcbde378818a3f947919726099dae440d24f6","sha256":"9f685169ab4ac17e2cf4e5a995213cc0d878e9cafd55793260d1609a4aee105b","sha512":"525864c838082d9e05d4e87229b4e95afe8d40c3f82cb3820f5126ec108998d4e2d2855aac8efcdfc718ca84c89cddff08fa69131734daecd990d95a7aa4948c","ssdeep":"","tlshash":"11110eec69e97021155721aada4fc446ba38c97311cc1c043e0d69b0aff457c17dab4e","size":1000,"data":"","first_seen":"2025-11-12T04:33:15.928399Z","last_seen":"2026-04-05T16:57:56.833606Z","times_seen":3533,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/index.js?v=2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7100b3bb6374fba57f9a126fab1d6b90","sha1":"7480143687bf34b1a6dddc10d9af91e440df14d3","sha256":"e0ed395efa6183a75018aa9731086ba976d4860fa36c265bc8125a6e204eb9bb","sha512":"cc2417fb1ce9c504815d164698f9e3715193727b43bf7b027617bf801fb976d1662a4360f3a8745185bfd849e7daa495609d2b6a3e79f85950cd4f6424f792fc","ssdeep":"","tlshash":"b87195a0b3ac253c47d6b1942c7517def6bc20a16a03949dfc9c4c2d50bde7f81e8a95","size":3709,"data":"","first_seen":"2026-01-07T06:02:49.720018Z","last_seen":"2026-04-05T12:52:23.459146Z","times_seen":959,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f14663a30ab3864565b39db8f3c41b08","sha1":"18bc0f91408d47ec822a8eaf2899e123d9d6ef3e","sha256":"d64ab1f116c64be7fecf30aa6b6a252d4cc24a1e8d2ad4ab30328c38d36a07de","sha512":"4da4b68526f83b708c46710f24c30bb0b34f73c1d650fa56dec6b80e21835c11bf383d3324d43583a575364fde99beea258ebe0f6c1a2c463352e3443f91a3e6","ssdeep":"","tlshash":"7bf07da20b20e4b9056fc6e791300bc68c113a1f2c02b00b335c07884fa8dbd9261e29","size":586,"data":"","first_seen":"2026-04-04T14:16:57.084964Z","last_seen":"2026-04-05T12:52:23.530908Z","times_seen":105,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/tbxw/js/zzz.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"78dab9fcf576de8cba46edd716dd2309","sha1":"7113abe41f95159f9bfccf70d01bdda1055af2ad","sha256":"7c66d6c8e2c470780513a282b66e2b5b7429ed863d6a0ecd6054b38dcda004b5","sha512":"dbb858875e532b475f827c930c154cac09e9a952b20053a0f7e1b34a050100a0a3a41f8aabeeab4af2dd90082363fe3ced3a5957f7250a4918d305b49655e040","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpn6ZFCsUleZ:vZYDc6lXJd1mZpZEdq","tlshash":"da331bc5a19c609153a774d50d7f704bb4637526170d89acf228e8eeecfcaea9039d38","size":50811,"data":"","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-05T17:00:52.62584Z","times_seen":26402,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"56c9d7c13af2ff9c69dc196cf7bd70b2","sha1":"47aa1bb91129397a26620f1b82dc174a694d5053","sha256":"b8974d9fac8e5546696a09a4b51f2da557a77a7c4b1915ff00881e8db371ff07","sha512":"2e177db932a256b4ce6d0908bcf84020ef674c14b27bac6f77b6f1f33b8f03a01df60c149a0049debfa5092cf965c34d2f26f2392c5bd12272dfe6b03c34c219","ssdeep":"","tlshash":"8df0c2a60a109439822e4acb81f507cacc59144bad05740e731c07d81face6e9272d76","size":559,"data":"","first_seen":"2026-04-04T14:16:57.088182Z","last_seen":"2026-04-05T11:11:29.99744Z","times_seen":96,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260402/2026040213000955128.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260402/2026040213000955128.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 05:00:14 GMT\r\nEtag: \"be3db2953cde8af75e27ccf43b6941f7\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 05:02:40 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 4755\r\nContent-Length: 56288\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2339158143079741799\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56288,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"be3db2953cde8af75e27ccf43b6941f7","sha1":"392700e7297d1a436dfdb251e3625f73cdf1d592","sha256":"67d1e20f1f471bb331276e7f58685ca739bc4cce345645cd6de4553092b0d499","sha512":"f111239b1f1923946da7fd7056bc3816f9a3d2091bf9bb94f9afd11bb771c0dcc0986f439e889a24d1367c987bafcdb43ee732c1ea5018104126e993966b8085","ssdeep":"1536:q70e+gf+6uHUS1/oOqASaIgvGAqgaf4l4dt/A:qAe+gf+6uHnfq0tXtAI","tlshash":"464302d537cca0a3a7a8031ed9270a6f50c068d56fb2cb158af62f0e6736ce2d4542f5","first_seen":"2026-04-02T06:28:17.122055Z","last_seen":"2026-04-05T12:52:23.448787Z","times_seen":526,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":43,"dns":4,"connect":21,"send":0,"wait":47,"receive":1,"ssl":55},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-10/6e35265a8eb22070080f7feeea5c75fe.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-10/6e35265a8eb22070080f7feeea5c75fe.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 11 Dec 2025 03:30:32 GMT\r\nEtag: \"4d4782772c66197e7bb72273464acbcc\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 11 Dec 2025 03:30:32 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 772\r\nContent-Length: 266704\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11289124504053572974\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":266704,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4d4782772c66197e7bb72273464acbcc","sha1":"bb5180f3a210440991063df7c71a5f2a73235d66","sha256":"d1b7c5ceaec125a25f11bc63a88adefca0ebf8d4fd47586ac9e5e8c86d94c10a","sha512":"a9f581a25de284a7a4496c8d4f601f60b686cf7048ec0b9015e3131fbdef9e6a43af3c91fe84ba4e7335f516bfc38e28f07580bed9393be30a0943bd41ed2185","ssdeep":"6144:HZHcEA6bo7O9Do4nLk2E//R/+YFihoUDtUeZ7:HZ8EzSOhos4DWYFihoUBD","tlshash":"324423cb5875e0a1541ffa2ee80de01da06ad1fd46e4dda886adf2c53f13805c1f2a8d","first_seen":"2025-11-23T05:10:59.088648Z","last_seen":"2026-04-05T17:00:52.674802Z","times_seen":16525,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260327/2026032714233634641.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260327/2026032714233634641.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 27 Mar 2026 06:23:40 GMT\r\nEtag: \"e7f3ebbc3b179850a5cd6fd9baae8ede\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 27 Mar 2026 06:33:28 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2084\r\nContent-Length: 71872\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16250055720678139614\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71872,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e7f3ebbc3b179850a5cd6fd9baae8ede","sha1":"9a941e7ef88684c976f70f75725a6b1f9f2dacf3","sha256":"34381930bd487991b124cacced85fa9735ce860640ba114e646354560abd574e","sha512":"3e40a0e5cbf2176a42c015dd3f40eeab396b68e379a2bebd09a5eab1106e50ee20b6db5b93ed2099690b02b5195f7517d0ab6c05b1d4c8a2ecd5542d44fe0b08","ssdeep":"1536:M0avO0f15vGsxDt4i82Q+kvQ88cgFMO6+j4m/HOj7oqqgpLSP:bavvGoDtR8GzbFz3jz/HlHP","tlshash":"706312ac480c80e9cc3feb1f64e043d57dd98be0f5d6c795666c06a79942ce06ca317a","first_seen":"2026-03-28T05:36:37.68013Z","last_seen":"2026-04-05T12:52:23.438251Z","times_seen":546,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ads.zyudkkup.com/api/eventTracking/report.json","fqdn":"ads.zyudkkup.com","domain":"zyudkkup.com","tld":"com"},"ip":{"addr":"156.255.123.151","port":443,"asn":63888,"as":"DATAWING LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:46.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyudkkup.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 03:53:19 GMT","end":"Sat, 20 Jun 2026 03:53:18 GMT"},"fingerprint":{"sha1":"27:F6:4D:51:9C:51:6A:20:E0:1F:AD:77:74:1B:F2:27:39:DB:A1:9A","sha256":"FE:29:F0:5A:06:E3:36:8C:30:6E:4B:70:DB:8C:55:00:E5:EC:C0:C9:64:E4:C5:E2:75:0E:6B:C4:BB:22:BC:07"}}},"request":{"raw":"OPTIONS /api/eventTracking/report.json HTTP/1.1\r\nHost: ads.zyudkkup.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Apr 2026 09:39:46 GMT\r\ncontent-type: text/html; charset=utf-8\r\np3p: CP=\"CAO PSA OUR\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: content-type, token, cf-ray-xf\r\naccess-control-allow-methods: *\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fQhPR4g%2FQrcBcbC88MDbX8RKi83dRb1QfZQpdPUAeYHJ%2BuSwPjnzk2HlwUyrchpF60e2bwJkirrkcVFQ1CnuOSJDMQrUPZDCPaROs%2FlYDiEO%2BDH9o37g%2Bf%2FmwpPwOKhP8E2X\"}]}\r\ncf-ray: 9e779668b9f85ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T16:47:07.54892Z","times_seen":13384334,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":40,"dns":1,"connect":1,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/tbxw/js/zzz.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/tbxw/js/zzz.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:06:33 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.28.0\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: W/\"64b8f092-c67b\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: dW1YwPyG7s-SkyGH45QVAVKKWn8ITkmlxlmdebdecJFAJ-Azw_2mlw==\r\nage: 1987\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":50811,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48316)","md5":"78dab9fcf576de8cba46edd716dd2309","sha1":"7113abe41f95159f9bfccf70d01bdda1055af2ad","sha256":"7c66d6c8e2c470780513a282b66e2b5b7429ed863d6a0ecd6054b38dcda004b5","sha512":"dbb858875e532b475f827c930c154cac09e9a952b20053a0f7e1b34a050100a0a3a41f8aabeeab4af2dd90082363fe3ced3a5957f7250a4918d305b49655e040","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpn6ZFCsUleZ:vZYDc6lXJd1mZpZEdq","tlshash":"da331bc5a19c609153a774d50d7f704bb4637526170d89acf228e8eeecfcaea9039d38","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-05T17:00:52.62584Z","times_seen":26402,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-18/9c721f2f1bea6f5ce34b66dc9ee55337.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/9c721f2f1bea6f5ce34b66dc9ee55337.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 19 Mar 2026 10:18:00 GMT\r\nEtag: \"2ae4d745cadaaf6c8e5a769534448423\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 19 Mar 2026 10:55:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 471\r\nContent-Length: 73120\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7650907842132156327\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73120,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2ae4d745cadaaf6c8e5a769534448423","sha1":"266baee7e1bdf159ea905c2de0a285ac8809d98a","sha256":"25dd63b3272d8a94a561a98fda513f7184794ceb82f4e160a43428ff3af2bbda","sha512":"8525a2890c55972a6f0b38a4ad22280fcbc13b4d9c1ddace427b7279b29258a0cf2ff06ec8b75d23a2b15081f0110dc97e29c576d084245dce09c4f4201839fa","ssdeep":"1536:4X1xCDaMb7gU+MV4Uxh2jX1c9Qp6fo5l/B9XI08lYi0o7/iFCmUn0Nk:YxC+27b+MZ2P4fojYZmi0o+F8nmk","tlshash":"fa63024343fc9789273b3b617b1e68b4810dd895e2c2015c01e375807bbf9ba5ba95cb","first_seen":"2026-03-19T11:57:27.193924Z","last_seen":"2026-04-05T15:42:27.762058Z","times_seen":802,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-15/3688d6e1d30f0f088655c7d4b94b0d49.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-15/3688d6e1d30f0f088655c7d4b94b0d49.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 15 Mar 2026 02:04:15 GMT\r\nEtag: \"badb0e96e2249cf73c2ebd9a61d43cc5\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 15 Mar 2026 02:55:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN52-P1\r\nAge: 438\r\nContent-Length: 188368\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12200836411602541051\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":188368,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"badb0e96e2249cf73c2ebd9a61d43cc5","sha1":"ae4a4fb0415e2af6a4199220a0903a909ea24fa0","sha256":"27d3dd4efab288a7f7c6fbfd288c71cbd79e6d1f714cbdac7e3e053c6e016ea9","sha512":"7c9c41bc1f33c13e7738c615989b73772bbb9a5ce172ac06e6888c6722cafd5fb2f50737d93a8d0aaf06f4f9887bd30bf97cc45ea98ce6504388d0eef57ea8e9","ssdeep":"3072:27dejwYjl+IK/T1CSshiiXBpT+/m4r66yj6AWteIo4IZExWfSPndkajSnfPcMN3:2UjwYjonLo7NpTmm4rfyjdieIo4IKxW9","tlshash":"290412776a18a6c1387ae49e14e6154e210df853a00cf939fa285ac4cdee6ecd735c2c","first_seen":"2026-01-19T17:21:33.970992Z","last_seen":"2026-04-05T12:52:23.452316Z","times_seen":737,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-02/ffca571e35373fcdd2b0a8747985097d.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-02/ffca571e35373fcdd2b0a8747985097d.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 17:37:15 GMT\r\nEtag: \"23e14ae135d945cb5069fe0cb5761a85\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 17:55:07 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 140\r\nContent-Length: 1646000\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6990063237441832617\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1646000,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5907e342d8f4e47ce7a44e2c866a1adb","sha1":"bbc1c2f20f5b2e0c9e940dc9362f331a59da8d85","sha256":"da7b5803874753c5f11c17dafd2d243f68852437900ad645a127dd0a72ed8139","sha512":"46acee073c581eead9fc4f78341b1026e12b98cacd382664f01cc7cfbec3ad44575c24f49da67970f836513a80a91c518a0d8dcd1e80a76c2d40186bb9b3101e","ssdeep":"24576:34si4YRc51suwtiNy25JSo+ylKRoVOxWnK3bGjksuCV6:3414LmtiA25J0VRoqWnK3bGjgC4","tlshash":"e8253389bc22c391c78f63181dd0e39ebdbbd985571a34d3d82d9d89addb6811a230dc","first_seen":"2026-03-31T12:32:32.340747Z","last_seen":"2026-04-05T17:09:48.637333Z","times_seen":3480,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":52,"dns":0,"connect":0,"send":0,"wait":13,"receive":251,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/FootMenu/assets/foot_menu.css?t=20231029","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/FootMenu/assets/foot_menu.css?t=20231029 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:07:13 GMT\r\ncontent-encoding: br\r\netag: W/\"6863d377-898\"\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 01 Jul 2025 12:24:23 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: R1JasS9H7j5SybTadspoCmF1yATZRZwguprDqo1URkUhMtsWWNPs_A==\r\nage: 1947\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2200,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"64614812ac4674018c2ce1b8b8ccaab7","sha1":"c951c70177dbd690a4d57951cf47165bbf5429dc","sha256":"7bda87c3fb2390f334e74fcaf6d1d4d160916b0b3e73af7bfb0d3d3a9db4b097","sha512":"991ebef21f04d412d5454fdd5c244eceacecc2a5ca993ea13810696a761ebba051b8182513350ba839dc30c6fcf9d0e6e3f1d5ce5df7db0bb7b307f0ca61d88c","ssdeep":"","tlshash":"2b41a43976b2091479a74d64b35a89c4b3bc9603890dfd7efe1e53848f890e1b8d174c","first_seen":"2025-06-18T15:32:14.658498Z","last_seen":"2026-04-05T17:08:33.67237Z","times_seen":5004,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-02-25/92f66d1b1e3b56d4820914148dceb25e.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-25/92f66d1b1e3b56d4820914148dceb25e.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 12:06:23 GMT\r\nEtag: \"f359e4e211f9ef0333facb7935ee2c6a\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 12:06:41 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2956\r\nContent-Length: 501008\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11934017629665261158\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":501008,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"f359e4e211f9ef0333facb7935ee2c6a","sha1":"9e022264cf40e011823b4460f13795cfc38afa8b","sha256":"d041ff5176b7f88072c72e38b0dd6f0b4fe15f6eb6a7ad7a8578a6e524025fbb","sha512":"e1312ed955c861fded1da75dd9cc86de0f04a4b498571a398052296445b41c0082c3e0cd34349ebeb5d63d4f399d0cd1d0ad7782ca67e68ee665a58b40d63989","ssdeep":"12288:UosHVKU3eFUqKTvVZE1JZvsIr/ue7weNbxnZgsBRotUeB:xsV3eTKTvVZE1X//weN1ZgstK","tlshash":"98b4239dd2c0c09a069572b0c458276fbda746e3f58c7b3c22e1269e77849899fc807f","first_seen":"2026-02-25T11:18:39.742443Z","last_seen":"2026-04-05T17:19:28.175101Z","times_seen":5988,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/layui/css/modules/laydate/default/laydate.css?v=5.3.1","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:19:39 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.28.0\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: W/\"64b8f092-1cc5\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: q_MgOcKoOFEr2cIkX2pR10nFh_F6s44bNjtRQOy9nqMXuNWwUjWasg==\r\nage: 1202\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7365,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7365), with no line terminators","md5":"e9078eef34fe9a44e44bdd55b48fdc55","sha1":"73ef00229810ee179915661786d9b66b7fc2d568","sha256":"ab9dbdf922a26509951347fcfa83704d86afd2df855c827740c23df72fd8ab3f","sha512":"dbf200ca6effc6bee2f7e8f516dafe6b25fa66093f19fff117a8bd87732a3ca0206480319d5f733eb07d18f564cba1dfc6143587cbc5ea1d5d370948d8ab3921","ssdeep":"96:7OyDQi4ijYyC43i7hlVVZ4LyLk5bYsBE2rBOB:7OQQfyPCoiFVqHbrBE2rBA","tlshash":"45e1cc71b1542cd4702bc222b4a87cbfaef8dc02dae3265ce5b8621b85c15b7957d34b","first_seen":"2023-04-11T12:12:51Z","last_seen":"2026-04-05T17:00:52.694345Z","times_seen":26472,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/search.css?v=1","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/search.css?v=1 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:12:17 GMT\r\ncontent-encoding: gzip\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\nexpires: Wed, 08 Apr 2026 09:12:17 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: W/\"692e8cd4-eb73\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: Nxc2Jw_PagDCO_98SQM8lUxt0Ho_ylKxqLt0pmFIWA96hyYQ8SKO3w==\r\nage: 1643\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60275,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"06a9dca907f90e4942b7c534f9043342","sha1":"6aafb93e07c0f7380b62c9720716c977db45d090","sha256":"6aacd41ece660132237597424c80bd80619fbe2ec74527f30315dbb87e0c6a33","sha512":"b6b1aad7ee973d03d125657baa1cd8ff38ca09224b1e7cc8eed9ec2162d21c628e5a6b3daf629ab2adb3045d39612e720c3719ed62f663e597e5f66af8f2186f","ssdeep":"1536:WFPfE+qYZy8RrqdGd5d2dadbdkdwkKLk9R:AZy8vkKLq","tlshash":"4843df1a9b531125f9bb44ac2b6a7b843729c407ee05ceac7bcea544cfcf950b4617c8","first_seen":"2025-12-02T07:19:49.117821Z","last_seen":"2026-04-05T12:52:23.431302Z","times_seen":1884,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/index-ai.js?v=7","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/index-ai.js?v=7 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:33:44 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\nexpires: Wed, 08 Apr 2026 09:33:44 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: W/\"692e8cd4-a5da\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: lt4UQeO6pcxlRTVEQ9tMQDkg-6MCqA9P4YF-r7Zn-2iNsdJcFHsl0g==\r\nage: 356\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42458,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (306)","md5":"6e07c2432f2f1b646f12af30f5bc40af","sha1":"cb4f5800cb85e1403a83e8ac5ae92339962bf6c1","sha256":"ec9bd9333746398473b39c0482c4536ad3ec32bd7071745d6df0a5701c0019b7","sha512":"64e3422e5436134f05990363e017eaf033ac1089af0aac19be2e61e859f9e0f28365bac7e0c84d0542c98966363f959f05314ec9efefcf1d0e69b4dd0613bfa0","ssdeep":"384:IkSVlcz8cJPkBjDr5pR6SL/wpY18zkJWMNSCoGp5va6Tr6iIIep:MVqz8cJwDr5pR6STCYRJRNn7p5Prhep","tlshash":"e113a50a39ff74118567706a2befa0057630a0177609df087f4d87985fc252996e3bee","first_seen":"2025-12-02T07:19:49.044647Z","last_seen":"2026-04-05T12:52:23.436468Z","times_seen":1884,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/index.js?v=2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/index.js?v=2 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:29:36 GMT\r\ncontent-encoding: br\r\netag: W/\"695ddbcb-e7d\"\r\nserver: nginx/1.28.0\r\nlast-modified: Wed, 07 Jan 2026 04:06:35 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 40HEnzEmzlclKbY5qAkQeKIalgon023GTH1rRq7YgGLap52BcxlzKg==\r\nage: 604\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3709,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"7100b3bb6374fba57f9a126fab1d6b90","sha1":"7480143687bf34b1a6dddc10d9af91e440df14d3","sha256":"e0ed395efa6183a75018aa9731086ba976d4860fa36c265bc8125a6e204eb9bb","sha512":"cc2417fb1ce9c504815d164698f9e3715193727b43bf7b027617bf801fb976d1662a4360f3a8745185bfd849e7daa495609d2b6a3e79f85950cd4f6424f792fc","ssdeep":"","tlshash":"b87195a0b3ac253c47d6b1942c7517def6bc20a16a03949dfc9c4c2d50bde7f81e8a95","first_seen":"2026-01-07T06:02:49.720018Z","last_seen":"2026-04-05T12:52:23.459146Z","times_seen":959,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260331/2026033112260533218.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260331/2026033112260533218.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 04:26:11 GMT\r\nEtag: \"00adc8471d475068c98e1f85ec7727b0\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 04:35:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 5825\r\nContent-Length: 81104\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7844466429247842086\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81104,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"00adc8471d475068c98e1f85ec7727b0","sha1":"b583487618889004647a495eb7a1cead6b8523e4","sha256":"9b2e5a392f821167f62533ff21f83c6154b3259ff0bfea07949552545d4d91ae","sha512":"05f601566ad8fa03c5df8e45b503c77c86720d55cacf6eb728826cf1cb77b29406bdd914916e2e636d6a2d92b8d32c2bd9506649639f6945ed03c7c62cc6f604","ssdeep":"1536:ARXntCSidU9/T7BteOnsJCnXGpUsvTiPeloqckvFUCB8JG:ARQSiaY6seBs76elo1mFUfQ","tlshash":"c18312591111a3de541cfcd85161cb477418960ec0856ebe6abcffa83ba0f5c6eb881f","first_seen":"2026-03-31T15:41:35.44313Z","last_seen":"2026-04-05T12:52:23.470348Z","times_seen":532,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260330/2026033016115189984.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260330/2026033016115189984.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 30 Mar 2026 08:11:56 GMT\r\nEtag: \"e4d38071f63064c642d09f158c1e7e03\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 30 Mar 2026 08:17:58 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 14317\r\nContent-Length: 82096\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16707267240807228498\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":82096,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e4d38071f63064c642d09f158c1e7e03","sha1":"656404009931b9122a7b510135ab24d5c91c4f54","sha256":"be3ffb95ca10be34a01b97a3c189bd9794e7f0cf5c6a78fb34f328ea55831d56","sha512":"4389ca7f126668e10aca348f219aa3ae05025ad6045e67d6d09442a5be85d0088208663de24ef9c46e2305f16199e03a9006588e095a0871d7fc48f297d9605f","ssdeep":"1536:rS3UslFkl6xv0q7fSMHSBpmnjU10ZHcfNTs+s/Kp/qvHX:rSTMlAvZbSVBpmno10RoN4+s/Kkv","tlshash":"0083132c0461dee8d99de413ce08b6be4213d18ed57ff5315a9726aa7630af205df483","first_seen":"2026-03-30T16:40:09.299025Z","last_seen":"2026-04-05T12:52:23.483748Z","times_seen":536,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/vant.min.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/vant.min.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:25:59 GMT\r\ncontent-encoding: br\r\netag: W/\"692e8cd3-3b3ee\"\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:07 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: K_WIF1iGxqvEEdhsjrf78OPSl8J3Sdfj73LUL3A_Ykl_lI5S1t6f3A==\r\nage: 821\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":242670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36859)","md5":"48c71ec4ea36fdd75033bbb278a861f3","sha1":"b47d16bde5c94e468ef249bd2126b846a39afe73","sha256":"0b18e273bc785dd0e5cc43218ee879bce10461fdf3b1274a1f2c8962aaecb49a","sha512":"bd3e587cf0fa0c2d777e1918b2067a2a2cce648996ea7e490098d609b20bacec6c2fb6dbe682ac1e212eafe2c1e33364a8cde40439ab6d24638b9b23b69489a1","ssdeep":"6144:XEB3BhYNbHp+fvbtgMAgMgQ8dOq11tUxLEm+Om0RbU:XEBIHpevogQ8dOw1sEam0R4","tlshash":"d23439a0f685f42547b790e6507a0610e1290b48f009d1e0f57ded8e2aede94b6bef7c","first_seen":"2024-08-02T14:48:31Z","last_seen":"2026-04-05T16:55:02.569411Z","times_seen":25956,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-4Z1QLF83R3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:36:38 GMT","end":"Mon, 08 Jun 2026 08:36:37 GMT"},"fingerprint":{"sha1":"8B:73:AE:59:60:F4:D1:86:E6:25:8C:8F:1E:F7:92:DD:D3:8C:F0:DA","sha256":"F6:EA:BC:29:37:15:42:CF:41:13:28:BA:F3:C5:86:88:DD:C6:3F:81:75:10:45:14:D6:EC:E6:F0:E6:B6:B1:04"}}},"request":{"raw":"GET /gtag/js?id=G-4Z1QLF83R3 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 05 Apr 2026 09:39:40 GMT\r\nexpires: Sun, 05 Apr 2026 09:39:40 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 155390\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":468443,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"3754fb5e82d2c004646c2bcf6cf5f91f","sha1":"958583d4f28e1f7d4d1c93a7718bc37fde0a5cd7","sha256":"323946aceaa5d0c947e0c5052217158d67aa158c11f2e92bc5ab58b78170a9f0","sha512":"3e690978e4dccf0eac5bd8b694a2d656c247110721947e8a78a9fbd3356325eb231b4d8f8471315f2f118efe5ebd56c0cb69608930607a7ba0e714f652fd3e23","ssdeep":"6144:D93eqQGzLr8DP9aGb/F8x/OW+/5EiWz1SoRSLrgqz+:3zH8IGbt8vci","tlshash":"2da4f9ceb3d674225396f478903f018ba57b29e2b448c8a5f189cce41e7469a4277f7c","first_seen":"2026-04-05T07:05:13.174989Z","last_seen":"2026-04-05T12:52:23.461772Z","times_seen":250,"resource_available":true,"data":null}},"time_used":486,"timings":{"blocked":111,"dns":1,"connect":14,"send":0,"wait":34,"receive":48,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-26/2100c90c9c48bd11d7cb9c7134f032b7.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-26/2100c90c9c48bd11d7cb9c7134f032b7.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 26 Mar 2026 08:45:55 GMT\r\nEtag: \"56e97081356b4cdbe834471cc492b95b\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 26 Mar 2026 08:45:55 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 222\r\nContent-Length: 584704\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1033868671352684287\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":584704,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"56e97081356b4cdbe834471cc492b95b","sha1":"d67ce5aa74e2a4251f44c63e447f99c1a3743db7","sha256":"1e4e7d73225028284447bf5f931e11ea3de9b9bb7a0be6ad221c19f330fe23d0","sha512":"59c8e2883b5962c00febe111abb951891b0768ad39ba0bea023b1b10a457900a997446804b57e811ba2679e3a8076bb906f347e1d529a08b9d661134c95f1c2b","ssdeep":"12288:8gBj1UC/hxPVvpJpEM6OZOShDr38rbs2Odol8ycvxiScSs+cZ0Fu:8gZJDvpJiXujdG+AjAcV","tlshash":"b6c4330457e5510b63aa0be1a78bf5c7df2768dcc826d0587caae3bb5149da3cf31460","first_seen":"2025-06-14T15:15:15.321259Z","last_seen":"2026-04-05T17:00:52.636454Z","times_seen":18354,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":113,"dns":0,"connect":0,"send":0,"wait":11,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-10/a96accba24fcb5111d8188a3c71de610.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-10/a96accba24fcb5111d8188a3c71de610.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 10 Mar 2026 09:21:13 GMT\r\nEtag: \"9c396db6c7e057dad21b49fe0f13baa6\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 10 Mar 2026 09:25:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 4357\r\nContent-Length: 332160\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15774490777199486206\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":332160,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9c396db6c7e057dad21b49fe0f13baa6","sha1":"3fcd3e4cf8a533c6006a2e4f3fb1067e16ddbd53","sha256":"928a566bdf5a36fc89cede3e372989e0242203074582a751ce5b784b19d55225","sha512":"f461baf4b7853cfec7f568893c91c75ba720580fc5621ccfc65db926b5f39d86ecb556ecba3e7b2e39755cf3e318a4422f00b7bef959534b150a7864b18a0b82","ssdeep":"6144:JI7Gw1c1rOs+/lVHhXIuP7IWg6GdHCEjTuwbd1FasB19GktUtndkaCtT:JwcysGJXIu0WpGBfTf1TByktUtn21J","tlshash":"706423583426088f7583bb6cfb9aae5374b1e6232738e709a6c7c04d45173681b397e7","first_seen":"2026-03-11T10:46:45.242029Z","last_seen":"2026-04-05T17:00:39.696465Z","times_seen":1547,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/common.css?v=13","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/common.css?v=13 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:09:59 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\netag: W/\"692e8cd4-31b4\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 9nUWldwvbImlkPi9u_7RjKfzBouNAiQQJ0-AI5aw-wQdVD5oB7dp9g==\r\nage: 1781\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":12724,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with very long lines (2170)","md5":"ba6c5876dae07d1c5a14b69ee6dd98e3","sha1":"c21f56c3f0dc18240c927f0f089b4832f20bb98b","sha256":"17731b9b0fee7e4ba48f202e0796420041937f9a618ea53beeef18b96db49727","sha512":"ca6492699231a22aa915e3bfff11736e2f7b1bf8730df8f8917ff8f56a97004d8171fbb6bafaed0b880945a74a0af7cdcf33f79c5bbb0a4f98d0bb0659a563c8","ssdeep":"192:E9Db0NjO9wAMQZ+DbOPhFzedbBdkp9BFGBFozVK0JVk5HzI+DUhlzfTA6b7S0QF2:QVMpf7FkFAFo7eof","tlshash":"3442630a56b71105681b5da80ff563d4162cc10bd906c96e3effbb848f8f2e665f1b88","first_seen":"2025-12-02T07:19:49.072543Z","last_seen":"2026-04-05T12:52:23.473318Z","times_seen":1882,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/swiper-bundle.min.css?v=4","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/swiper-bundle.min.css?v=4 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:07:10 GMT\r\ncontent-encoding: gzip\r\netag: W/\"692e8cd3-471a\"\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:07 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: msNJ9th_xdEScdh90wLcly3E3h2D58ngb-SZiVec7i8KtRLy3hfuCA==\r\nage: 1950\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":18202,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2242)","md5":"5cde23d8cd3bab0c546a595a1de28d86","sha1":"730ea3343088196d57d6847e126607b70a85f253","sha256":"50206dff50adaa6e3c703b1ec658b20fde42fa84ea9e2d7314e05d59d8ffd5d5","sha512":"70ccca9e815734ab7e3db11d30da07969619b13bc82298d7c047f4ee26cde5e6b6582463d8e298c4e3bad82d5039957b1a1fe636f8d90dc14a9f0d6973034ad6","ssdeep":"384:o6Ubeo9hhC8qYAsLWe31GtTMFZFmsHSyT3rin:oDbJ1LWeFGtTMFZFfSyW","tlshash":"eb82236413721c53661a4e660b7a4774eaa444c30a47cc39b3c1ad88ffb65fc325fae9","first_seen":"2025-07-26T05:03:20.430258Z","last_seen":"2026-04-05T17:00:39.712524Z","times_seen":2698,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/image.0821.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/image.0821.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:06:59 GMT\r\ncontent-encoding: br\r\netag: W/\"692e8cd3-4b5b1\"\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:07 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: MWew-idCx-fYIk77UWZSFnV0nVPw5IJQ0g5ywfHj82snMV-vGYpPgA==\r\nage: 1961\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":308657,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3229)","md5":"5e58c86a740cd6c1821106b20c0c7f48","sha1":"88ee6c584e88c228fa8d67d969d853c0aeb95ada","sha256":"9fead600c0800d0a226d684f2604f4c6f1eaf3528b2357fdac942d450538a442","sha512":"1b907e01624056461d591abaca6780eb3e33a23c0da393ad369e27895b3e09984922c68e8b536ce4794499c70aab341047d9529737c8a3afc4a3df5e00b5979d","ssdeep":"3072:LPP0McCvleCNzRxnnpa9PYetJYRw0qvl+itTRRnnpa9v4+tJ4xQU/9Au:LPP0LypY06pYU/l","tlshash":"1564104a9fe31194f513b43c6b3f6805a1e6b0275ad9dc0e791ca9e0cf29428c579bec","first_seen":"2025-11-08T04:26:01.795335Z","last_seen":"2026-04-05T17:00:52.702567Z","times_seen":17831,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-10/3a3f0f224686cf3e940f62968b584c86.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-10/3a3f0f224686cf3e940f62968b584c86.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 08 Jan 2026 07:47:30 GMT\r\nEtag: \"60af2c4d8abb6b3edfa7e5b3f0af2c90\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 08 Jan 2026 07:47:32 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2420\r\nContent-Length: 139488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14576773251713317710\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"60af2c4d8abb6b3edfa7e5b3f0af2c90","sha1":"ff01cec91d7ac12be695637f7f9bc1db1846b442","sha256":"33761d1d55e6319804742b0337b23716cfc9bdc57df7664750b11eb6b3b37976","sha512":"88283c6844b67a8bb6f85a933ba88699699caf084097ddd6fd536453892c7cd52f2e244807958a5fa597ddc43c4935cd286347d82fb65f446e8a3ca13df8060d","ssdeep":"3072:VW6g7V1QSflcmvjLY6EyrQatdxQbGxMLCBYIFDvdQpg/YR+rMToePvs:3gXl+CjLbrA5LCBYIFDvF/0+rMTrvs","tlshash":"76d312e10a29afb280c7534bb8925459dc02daf4c66fc66d0d923b1be67e73360945f3","first_seen":"2025-11-17T11:08:20.239469Z","last_seen":"2026-04-05T17:00:52.640149Z","times_seen":13155,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/images/banner.png","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/images/banner.png HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 5478\r\ndate: Sun, 05 Apr 2026 08:52:50 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Sat, 11 May 2024 07:40:04 GMT\r\nexpires: Wed, 08 Apr 2026 08:52:50 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: \"663f20d4-1566\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: UH9AVHYL9mmqWishTWmIlM9oDqgy9A8znZbmCVSJ3DNZkjArrTh5pg==\r\nage: 2810\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5478,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 950 x 111, 8-bit colormap, non-interlaced","md5":"4a84aca72c2a8f3b04f821f90ffa2b8c","sha1":"f70f23ac778fb72ac51c6c0c5207929259b742bb","sha256":"236339e8e373145982c7d78c724a6620bfe1b2a4b6fb2576d18c8c6acc417e64","sha512":"85a8798f3a5a79109c856bd23516883bc0f79332ee222eb8e6b3813b0e20753e41c33c491a2cda4ab3825ae64139e634ee2f473d7e75e998b8b83450229325fb","ssdeep":"96:nx4u0a0a0aUM5GLaOam84G9DX1/zJnKNGVOZsxTNitGSizOQssR1YeC0zQnPOPJg:nx4ckLBFyzZINGVOKxSGSYOQjRs0zQnt","tlshash":"b7b18e4284c0846fa00bfb24fb6e7b354fa4e6e09d09fde6b8096ae59f1b571940024e","first_seen":"2024-08-07T12:14:14Z","last_seen":"2026-04-05T12:52:23.46632Z","times_seen":2224,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/layui/layui.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/layui.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:26:37 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\netag: W/\"64b8f092-471d6\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: cMwJWZQ3kCsKHZb66k62EyiPjvGpZurIasePDoNYsfwYVKtaE1QHOw==\r\nage: 783\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":291286,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"70ed0e8151d23de969de514bfd802a56","sha1":"569e6c1b0ac0b8efaa7dc0015b691334947a9665","sha256":"92c7997b3dce6ab2368b1bdb34ff4b67ac77957898a126c7eba452a8080bec95","sha512":"947eeb19fb055b07a191ec89625941abbdc8b2247b447dbec2e3958ebd3aabc34ac07a79c559e4752bd49bc44db77d500913aab4fae300077556e347d084b1a9","ssdeep":"3072:tVo+F//NOM0SF0Mz0pZN6TPKWjZIpYCrYtJ+8CZrcNBf4XcIiOb9:Xo+FdO3SF0Mz0Z6TfIpPS+8grcNBQcIZ","tlshash":"02543a9d758574b3237360a6406f990eb17b093daa0a8060f166d4fa2dbdc885237f7f","first_seen":"2023-03-07T12:09:26Z","last_seen":"2026-04-05T17:00:52.631562Z","times_seen":26604,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-03/0a29f4402ab4da311545675dcde67dea.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-03/0a29f4402ab4da311545675dcde67dea.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 03 Apr 2026 13:55:12 GMT\r\nEtag: \"9c981ffb0f033bd849f4fd35e4f36db4\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 03 Apr 2026 13:57:53 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 331\r\nContent-Length: 153712\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8354386678164779407\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153712,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9c981ffb0f033bd849f4fd35e4f36db4","sha1":"6ef2e5731057353642f56ef244bce04f2b23fcbe","sha256":"6eabc75ba61c6b76ef29797f128a25bf8c9fac9498a46bda1434d62f94c68ffd","sha512":"4e953a115d101f50f2f9978f4ba15e06d29daa278afd3c4061b31cac11589bb6b848b9821eaf48e8aed1fedce2d04cbcc66f9d626abceb139b261dfc36b2a7c7","ssdeep":"3072:3sc10WoorZbhEZYwJM8ViPMKwAmJvVOOaWCe8UppHN12bg3OEfrN:8cZoSpw/Jpo0xAwvVbCeZjz2Ep","tlshash":"fae3126e44ef45a2d83fdb2fe310038514b2966482588b2f9ab694fe180d3e0f55efd1","first_seen":"2026-04-03T15:04:13.502917Z","last_seen":"2026-04-05T12:52:23.452825Z","times_seen":521,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-10/feab42f787910c409ad1cf2ca00ed245.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-10/feab42f787910c409ad1cf2ca00ed245.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 10 Mar 2026 09:06:57 GMT\r\nEtag: \"a9dff727b65970e1a6bd972bb1f35107\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 10 Mar 2026 09:19:21 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 6391\r\nContent-Length: 494224\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6086673556403418138\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":494224,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a9dff727b65970e1a6bd972bb1f35107","sha1":"1e354597d97c2231378995e247f60c555bb4db19","sha256":"909dbd4592ca7e4412a1372b77d380a5f9eb116f01f77050923f9b5880ce4285","sha512":"abf5973a2a882be7c6d965314f21ee410e5273f4391d741f2b66d6b0ba54a4771f19a86c013fe755f71b18032ddc77376b91e9b7c10f5a4289e11dcf4ed8c420","ssdeep":"12288:NC8QHL4w488K2NGlv+oQuLCmKdLzySKv6B8KYC:XwfTKGlvQrdLIChYC","tlshash":"4cb42329052e46d09f9db1749fe1d904431ec4bef95ca0eba450478bff23cbce25662a","first_seen":"2026-03-10T11:07:41.060489Z","last_seen":"2026-04-05T17:19:28.145726Z","times_seen":5602,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/d928f86161ef8314c3ab91e31db596ba.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/d928f86161ef8314c3ab91e31db596ba.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 12:30:56 GMT\r\nEtag: \"edf5cac1a01801285511078ad3874636\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 12:30:56 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2119\r\nContent-Length: 319040\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4076181699394307723\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":319040,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"edf5cac1a01801285511078ad3874636","sha1":"394cacdd81129d1fb0f0cde5cdc43d03a1082394","sha256":"f6f0dc5b529a90845651a585edd06b749afbb810d7c3dbc674c16e2f4d90d12e","sha512":"cb89264f8eddd68f91497658ec137d25d73119d1ecbf8c1c26cf5066548f1323898e671d06af04f8ca2e278fb3ecf4b08c4daf0a740b5b05dc7c7d0e36fe9e79","ssdeep":"6144:d8cqwwzLykrcT7P2UpRpK4h7DRcO57gR+OEDDvDDEdHfB1DbRuyFfy5gyp:dSwwzLHfyRPuk7gREjDEV3nKWyp","tlshash":"7364234b28d460d2d1c8faa2000d4a1a93cd47547867be16137e78ebcbf7e173a9971b","first_seen":"2026-04-01T13:33:09.049351Z","last_seen":"2026-04-05T17:05:25.314833Z","times_seen":2970,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-14/acdf1df6cf169f884069736f6c1659b1.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-14/acdf1df6cf169f884069736f6c1659b1.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 14 Mar 2026 04:55:04 GMT\r\nEtag: \"45f175e6acf0c1a042a4ab497742101f\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 14 Mar 2026 04:55:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 343\r\nContent-Length: 161456\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2369505560371154969\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161456,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"45f175e6acf0c1a042a4ab497742101f","sha1":"f05cf4a2ac04f5cec073fe0e77369877f769176e","sha256":"ae12a96a397af8a689d5ec81d63f640c81bcc794ad39f6bb1e70e54e39bfe8ca","sha512":"194cc2a3f3e0d28123766b6bd343e1831d53b5126149e8c99944ad59c25b33617fe3bc5ebb1f56f6b80ade84c7abc170c6c5e2b669c393be00ee7d8f6576d6dd","ssdeep":"3072:oWjfZiaDFz0hxU0Wrh+D3F48JvFrPRA2NVoxMf2flXoUxLLHmRMqhYRndRPq5U:bj5FQJ4+D3F4Qv1PdNQMf2flXoUpLHm8","tlshash":"baf312005ab9b1283ddce94e12db979d20861f05f13525b817bf2aed672282dcfb27c4","first_seen":"2026-03-14T05:53:01.715613Z","last_seen":"2026-04-05T12:52:23.424934Z","times_seen":630,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":63,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/index.css?v=4","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/index.css?v=4 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:31:22 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.28.0\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: W/\"692e8cd4-1771\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: YwYoyr5IKI00oYZoSkQu6oyYx3FVRDPgvN1ZOzynyMf3JY2x2cEyyw==\r\nage: 498\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":6001,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"bb48a1522d1443bb1f9620b5a744d2d9","sha1":"4a7f84c80245ba27b09c726696268107c7da0ba3","sha256":"66c4aa8813468edf5342d86652cb7861180e15afc8635fb8cfa3ca1b67255645","sha512":"d640e56ae84ba3c50e353295563f42211e26e5905c1c5453e04d0ee1f2dde7bb2f5b687976a6cdbc15c04c0c3205c39eccee993c93cfb42df66e79361051a872","ssdeep":"96:2XRNI2UFGs/S31TYgHAl49+P8Pc163m63mZl1Iy45mn:2TI9FY31TYgHA+9+Yc17Hycn","tlshash":"23c135621e673008502ee5985ff92b9c562ed042ff4b4c2e72c67995cfcd2d801bbac2","first_seen":"2025-12-02T07:19:49.042701Z","last_seen":"2026-04-05T12:52:23.458109Z","times_seen":1881,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/DPlayer/assets/player.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/DPlayer/assets/player.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:38:21 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\netag: W/\"64b8f092-feb\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: fr6vkmpGZFhpqgTJ0WMrMBUlAEHDvQuWoT-CRHxljDxnLs3Vo1HaMA==\r\nage: 79\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4075,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"6b7de3364454adee5f4ebf6ca671a6de","sha1":"16116d0663ad62be308b32107ad7223b01ddfe63","sha256":"1a2d8dfdf92227f6a597898d0ec0e79470c1519716b987cb77eacfa28d12f9de","sha512":"e74c658bdff61dd92e40d631595dddb038fdc365b513f692288489e111c32cd20e5d2d37bcd133763f871f59654ce5646ea0950dc9335a17e6f9ab05325fe3d5","ssdeep":"","tlshash":"d881221c68f71030525bb4f68a6fd118b2345a871509de20fe0caa5cdf6953e56f2bec","first_seen":"2023-03-13T16:33:51Z","last_seen":"2026-04-05T11:40:29.444422Z","times_seen":2405,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260401/2026040111283750692.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260401/2026040111283750692.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 03:28:45 GMT\r\nEtag: \"53a502434e586d526845b25dfc920fa3\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 03:32:42 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 6066\r\nContent-Length: 343824\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13558262885209819860\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":343824,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"53a502434e586d526845b25dfc920fa3","sha1":"a393bd9f39d0227341c181daf06ce8101fbc4768","sha256":"f60f5596daff1479f5658e327a5e99f16b5779c222bf8562be6d0f646a87f0d9","sha512":"a7391971a13f6b91c6919c9308615cf88e8e723971b2f53fed1f226fcac580892d73eac82ecf8150b62d1b906a34b4b072583a1efc1b92b9f722979931fdf96c","ssdeep":"6144:ucUJkDCj+miRyw/2Af1C7xhIMCZhxsAaMqQZalSr4N59h:tUJkujyU82Afc7xNVAaMTZmg4T9h","tlshash":"08742387c629cb260887035f2578c1fe726526baf5bfdbc4105dce5307b0e6f6a65a02","first_seen":"2026-04-01T09:04:27.173108Z","last_seen":"2026-04-05T12:52:23.454479Z","times_seen":529,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-04/479aabb583a7b4eadec5c02e46cb4d1a.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-04/479aabb583a7b4eadec5c02e46cb4d1a.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 09:54:27 GMT\r\nEtag: \"7a8562eaef1218c2d110edcdd2b4b753\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 10:30:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 701\r\nContent-Length: 161840\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16985906462286344828\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161840,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"7a8562eaef1218c2d110edcdd2b4b753","sha1":"c18f3de364374ddda01a0c767712d9e619a43eef","sha256":"c887413539bd26a496e8742d5868497e60833ea66251069e6aa30fc92af6f435","sha512":"5984c34b348de3bf31afc64331efd33804998bdd5005af46c5b0d86d07fa3f6ad2b9a56edfc414a0b355fe86d9199cd7781942b9ee3c58849d13688dcf9581f2","ssdeep":"3072:3cUYu4S6Vu7cixSLj4QwOUK76N6h0a5rI1+kx3TVxtXXOiVFlZHlg:Ma4S6M4ACwO/a6DrIZ35XX7VnPg","tlshash":"47f3238dc6af9de74a77b5d8b4fe6a5c098cf8c37b4ac4274091d046aa6414efb0f054","first_seen":"2026-04-04T12:09:03.731773Z","last_seen":"2026-04-05T17:00:39.719267Z","times_seen":881,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":48,"dns":0,"connect":0,"send":0,"wait":50,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/images/ai.png","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/images/ai.png HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 360\r\ndate: Sun, 05 Apr 2026 09:28:48 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\netag: \"692e8cd4-168\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 7XlSHsDV4e0tz7g6bgoMKKdfd7ww5_0gLuuAl2wT1gmTer91PCQ3LA==\r\nage: 652\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 19, 8-bit colormap, non-interlaced","md5":"bdfd73be05b313c5c343e02c19e69b35","sha1":"40a591d8ec0f5134270fad42812002458e1fa3b7","sha256":"ea22009d2eb53a8f88f109607d8ff75814059f83ad1e4c1aa54179f5b1385bc6","sha512":"e67420d8689d83569fef893f166ab041b5863fd33f1b8a34056044e25eca04836cdfde2000cc306d1efccaed4340889c643706420f9d927d309100d41cf40474","ssdeep":"","tlshash":"eae0c072728cff3a9cb10273089791f58a2a4f76516491065f15841c68e6644415278f","first_seen":"2025-11-08T04:26:01.793992Z","last_seen":"2026-04-05T17:00:52.651398Z","times_seen":17233,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-04/26bb0a09cf1a4af44883ed7b63132f93.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-04/26bb0a09cf1a4af44883ed7b63132f93.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 09:54:27 GMT\r\nEtag: \"e51ef3e3ccaa62a426cd789a66d473ca\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 10:30:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 701\r\nContent-Length: 270864\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6144750026960196438\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":270864,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"DOS executable (COM), start instruction 0xe9ef8714 1779637f","md5":"e51ef3e3ccaa62a426cd789a66d473ca","sha1":"a05cb57a2f8db0aeae557521e780877145edf257","sha256":"96b2b9bd671adb756ad94afdc92b3aa857675576a8e6d7cd0213257b0f709618","sha512":"175474ef55db136c5e02ad56245b84aaaafd812137da51d51341f379f436590a12225824a4bb6fb5f2e7e2b9b2410e883fcbe5fecf24b0f71f5817453ffe9dbb","ssdeep":"6144:pwgF6Tu1KzzpvLsUEtVrJqnhas/I9j3x90sIvDo:pTF6Tu1QNQ3zJqha93f0sIv0","tlshash":"bf4422a5f3aa67f7e9ba722cf2efdd067ea834f0627b67511d06d103418c7884982474","first_seen":"2026-04-04T11:37:17.990311Z","last_seen":"2026-04-05T16:59:41.045043Z","times_seen":3363,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":10,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/index-ai.css?v=4","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/index-ai.css?v=4 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:31:31 GMT\r\ncontent-encoding: gzip\r\netag: W/\"692e8cd4-2973\"\r\nserver: nginx/1.28.0\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: Zjp-_q65hJ0W7eBg_tmsyjCnB0dLZXcd9RpUU8HBotrBDxBKWTRfwg==\r\nage: 489\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10611,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"3ba296423062491e7327df5aec95f784","sha1":"942583c6d36036dd7bc1d83a406ec4c84b6367be","sha256":"d4204047f3419e627a6db02682b13a4dca10cf7affff3f73e608093fa8203535","sha512":"521c016c1bd2397563b4dbb89b9e4da17b67fbf41ff39bdda768fb582d9bc9068a9cde4999d7f4235b93b5284c047fd1e4e39eaa66bb67b81c131e0364b105b7","ssdeep":"96:8XZCoJPUXm+0vApyTLjNTzpdSlp57BvebMhZ4yumJ+ZS6FjXJQjJ3CyZnVVchc8P:8nfAMTN/pMlr7BAWbuA+ZmVckgbplXj","tlshash":"f3229450e25f385b770b80b8bad8ebc4272c6404bf049fa8757579b2468e3d614b37a6","first_seen":"2025-12-02T07:19:49.109457Z","last_seen":"2026-04-05T12:52:23.434163Z","times_seen":1883,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/mirages.min.css?v=34\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 77160\r\ndate: Sun, 05 Apr 2026 09:00:05 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\nexpires: Wed, 08 Apr 2026 09:00:05 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: \"64b8f092-12d68\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: fxSCAvvoKoS8j7tFXpdrzdPAhtpPB9zDzxHsYRINUgCt2QlNf-kxPg==\r\nage: 2375\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-04-05T16:45:27.588207Z","times_seen":413580,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260331/2026033113141216453.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260331/2026033113141216453.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 05:14:17 GMT\r\nEtag: \"45bb5d52d426154b9efdb64ed1259b64\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 05:23:37 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 5230\r\nContent-Length: 69088\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18218069221782190282\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69088,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"45bb5d52d426154b9efdb64ed1259b64","sha1":"16d10b5d0005d13bb59d4ee4f3a9ed4e955fc631","sha256":"a21ddf76bbbb15e870813fb1fde5a09bdb0b32b19ff4639d51fccff4c00302ed","sha512":"d7053a561ce803e74aff2d5b736a5db5ead14d05dd9990e92518f8100ee95cbc91bdf4aa5aa4c2340ca95bdbfba9ae7b0bd2f48ac9a00e99b0173fea0ce9b6ae","ssdeep":"1536:hnlKBYc+BXJKlPLkfKHLqHoEq0ng0SDgnQbcpFJbMF/GskugH6S2ds+UgGVV8:hnKthkfKuHJqEg0SD2DqnAs8dj8","tlshash":"14630284a35768ac2bb1ad3513f1f50d67034d99be657e924e9b472c0a52f8d707b3c0","first_seen":"2026-03-31T15:41:35.504433Z","last_seen":"2026-04-05T12:52:23.432934Z","times_seen":532,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260331/2026033121444781471.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260331/2026033121444781471.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 13:44:55 GMT\r\nEtag: \"c83ef0647926de6a83a7208e875bcae5\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 13:51:13 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1812\r\nContent-Length: 322848\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6416614494156898609\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":322848,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c83ef0647926de6a83a7208e875bcae5","sha1":"60a8d0a6e77c9fd7302b311893287ce0214d3717","sha256":"56a7db1f84e3365adb18579600b2af3253b897b6fb6dd3807704f321039f7a7c","sha512":"f867772daf2351681a52f8e5c9da0cee36fa8fb0bf1b9c33720555a0e34a665f0e5b01defa145ab1137b0757856925636a97c529b631c8157cb014977d0be34a","ssdeep":"6144:Y7rqJ5DM/J83hreuVbbfJgjZpFou3frjPuE/j5OZKkeTkhg0e2EZ+:Y7ri5DM/J8pJVbbfJoou3X2ylPkeTkmI","tlshash":"a76423147ee0dcf538e4e9ca341caa53623c26125d75f9ce9352cabe8c1b3f625099e1","first_seen":"2026-03-31T15:41:35.558927Z","last_seen":"2026-04-05T12:52:23.447763Z","times_seen":532,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/fonts/OpenSans/300.woff2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:42.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/300.woff2 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nCookie: _ga_4Z1QLF83R3=GS2.1.s1775381982$o1$g0$t1775381982$j60$l0$h0; _ga=GA1.1.1299751109.1775381982\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16344\r\ndate: Sun, 05 Apr 2026 09:32:12 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: \"64b8f092-3fd8\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: l1Ao0ZuJjjkv4Nr66UxRx4AaWw5fF_edY2BeRN-FSQnywAb8mNnjGQ==\r\nage: 450\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16344, version 1.6554","md5":"c027111d6febba054f7cd5e5fddf2243","sha1":"7c6ebfb74210e4d368ba5df96b2c5aa448a3953e","sha256":"c347496b917562bd48ed65545fbced7c9fb2a3e48c1102708a7e615fd4fb2ed8","sha512":"1a819ee0993cbed2399265606b2adc0866dd34fcab1272b6d1798e08010cab4e38af1a2299d74a706690a3188d0081d92804568982fd23f6d2ce946ac29fb61c","ssdeep":"384:sO3z8BPeD5+oRjlrvO+uuGnSDKDPVb0fOovWO1aDDBAb:pgdeD5jRjpO+ugDKDPZ0mwV1aDD6b","tlshash":"ad72cf62810dd851e31137fd7c6622e0878cb0a392121bfc5bebd8ec09204e67ac43be","first_seen":"2023-08-07T12:25:19Z","last_seen":"2026-04-05T16:35:24.062943Z","times_seen":18016,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/images/icon-black.png","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/images/icon-black.png HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 239\r\ndate: Sun, 05 Apr 2026 09:33:37 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:07 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: \"692e8cd3-ef\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: umgnovFprzv44ZepxguQ33ee_TyvTSdbRebFMZ0nLX32fUHPdiC9IA==\r\nage: 363\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 4-bit colormap, non-interlaced","md5":"2b892c414e0a5db08d3f844bcf77536b","sha1":"ac2af64f80e53c7c19535e472458b4cb575ec5bb","sha256":"9b7c59b938d8eb51e01482d5701c27dbb41239e79ddc8445897d23484248f6fe","sha512":"e4125037093ebc4b9bfd69b1e7eae92bd24ed647522f3fc67f2a11499eb6af27ca73e3a4d409807bd7499d7999440d89d7a89f97af2b07f344ef155d02c90dda","ssdeep":"","tlshash":"40d0a7f2c6646c749aaad05603a960f0bc3771771034a15ebb1e40662a3e36a9395a47","first_seen":"2025-07-12T04:18:50.961651Z","last_seen":"2026-04-05T17:01:50.23523Z","times_seen":19956,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260402/2026040213282886086.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260402/2026040213282886086.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 05:28:33 GMT\r\nEtag: \"6c3fd53e2a290f24f88b0e6437fc47ad\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 05:37:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2668\r\nContent-Length: 221264\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4526472659585294435\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":221264,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"6c3fd53e2a290f24f88b0e6437fc47ad","sha1":"c84cf4d89257616c5b6eb6ab1a3be98c16890cb9","sha256":"ca540ea137cc1b266671be4058d073832f34d31a9fc70a01268f5ec035e20cf7","sha512":"a9477e405142b471f6e7dc2a72224190751832df5f8393e49ccef1e681b40511bb89ce7fc8bffd4e8618e9a06f95707ae6f757dbc5f2b44017e9c5cbc48c5820","ssdeep":"6144:Fm/sZs3zJsJuuhs9Gskj/Gwfa5iHk5PRIj0tzfQl:4UZsjyQ9BiGwfa5+k5Pqj27Ql","tlshash":"4b2412839a049ee162708da8f6930c7cc6fa7b87632d347c658558a568c084337cbf6e","first_seen":"2026-02-14T11:26:11.260984Z","last_seen":"2026-04-05T12:52:23.447253Z","times_seen":533,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":28,"dns":1,"connect":11,"send":0,"wait":9,"receive":34,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-15/6aebed6a0ee2de9d35eb1b149e9cb8c3.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-15/6aebed6a0ee2de9d35eb1b149e9cb8c3.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 15 Dec 2025 13:46:40 GMT\r\nEtag: \"9be8face9a0c71281c3304b61e86ddd1\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 15 Dec 2025 13:47:01 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 248\r\nContent-Length: 667488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7981652982105993794\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":667488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9be8face9a0c71281c3304b61e86ddd1","sha1":"c870ba41710513af0bc27805e71bfc912be6463f","sha256":"fd84827a448c92a0e456aa7fcce612d239716895273632e9c6728b5323bbce1e","sha512":"1658a60f82c609bc3271c5f901f5dc9725d6ee6f537f460752197dd7fd543da92e59a0f5326628cb2bad0c090cab5e793341c607081e9caf9662de35ea4e5b68","ssdeep":"12288:Bl0eA4CdONfZUiaJgigupqlvTymUX1Om5Vu1u8Mn1jWwX08tJjrm/if:z0tlqZUn+iIrylXMi58Mn1RX/tNr9","tlshash":"cae423403385c22f64bb2f43a8159ba13843dbc8edbdfe05d4f95a1b928176de328578","first_seen":"2025-12-08T12:36:29.171473Z","last_seen":"2026-04-05T17:00:52.660708Z","times_seen":14719,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260330/2026033012214254566.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260330/2026033012214254566.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 30 Mar 2026 04:21:49 GMT\r\nEtag: \"daf8c252411fccdfd94b427dda89760e\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 30 Mar 2026 04:32:25 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 10523\r\nContent-Length: 453408\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18368963851185283932\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":453408,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"daf8c252411fccdfd94b427dda89760e","sha1":"115ab40e81b90948054002ba9edc1bd46300ddfe","sha256":"23598deb1ab40637d1a0fdbc831852e8dc6d6367317e04009e3cf1137f8ef30f","sha512":"561bee0510670e3b9f3737673a38e4c58c654e604625605d688e5a87d0033dccb2c439268099e4d937b08a23a8a7af5cdf162b62e0154216ba46dc64f16090e0","ssdeep":"12288:3F3Za1pyzOVr/F1cpCO7sD+WhOog7oSMf:Qpye/F1KCJD/Oog7Kf","tlshash":"82a43365ced023b5308828d3ab38e794594c5977fb5c431f86a94a7fdab2704c6ec9e0","first_seen":"2026-03-30T16:40:09.205844Z","last_seen":"2026-04-05T12:52:23.451799Z","times_seen":536,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-02/118d95b3c8ea7d2eedb4bd54e54453f6.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-02/118d95b3c8ea7d2eedb4bd54e54453f6.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 08:15:12 GMT\r\nEtag: \"acf1b63f186870093e6658b35b86417e\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 08:19:26 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2322\r\nContent-Length: 172400\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12357915867434675115\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":172400,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"acf1b63f186870093e6658b35b86417e","sha1":"011aebc8d92ea8a683ad97ae328f9d99c7e8f228","sha256":"f08e14b6143143210e6a3aa44f37e9e29021c970ddcde68428966dab7029de07","sha512":"25ee0d62c3e6696ef06ca763ffdd31819bd7bd9bc4c7226a022b3945e4549d7c03de92ab8dd5d92fdeffc5b7b10a1283e70d150df86073426d04389790cc140a","ssdeep":"3072:TnT6GkF18KSNU7okP7XI9+7VwIvUMCx8DB9mxRnqy13CR2zJBdIsgbq7+C2qb9Fl:T+s0I96wUrCxSB9mxQyZdtBlgbq792q1","tlshash":"e0f323f1106cb6e092a436e875a8971c62481be1c4db8f3e387349dc69eff35ae1451e","first_seen":"2026-04-02T13:50:10.027094Z","last_seen":"2026-04-05T15:58:43.57253Z","times_seen":763,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/49f5a30bc769765d86650ca43c56a94a.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/49f5a30bc769765d86650ca43c56a94a.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 10:55:13 GMT\r\nEtag: \"61b5d004bb8e2a9c005aa7180a66a8ed\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 10:55:28 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1034\r\nContent-Length: 150544\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17311273668726028691\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150544,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"61b5d004bb8e2a9c005aa7180a66a8ed","sha1":"611e02b138efebc908cf88097ec1628a9dd5fc85","sha256":"dd9d4a44a5baee8d26ab61ffbda1b70148fcf307b30fb6b6ecfcd512c102ad47","sha512":"c9fbee0b4a6c0861b4b595756469f2fb1f2d34cb26c431c59eb6438dc1f9bd3374ae0b64650e02a2dd5d64afd63a5041d6e12e425d6329ca8fedcf0fda1c6f4a","ssdeep":"3072:Cu4OHV4Qx6B8iM7fQLGUf+mIBWNAyqWD24IA1lJtFLE1T3mVRv:GOM/M7fQtftI0N/vVIilBpF","tlshash":"27e31328cf1b4d9126b7ef8ec08d1d009436e9c28b3f2dec25566756d1094b9f4cae6d","first_seen":"2026-04-01T11:04:29.203387Z","last_seen":"2026-04-05T16:59:41.074066Z","times_seen":3500,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/images/logo.jpeg","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/images/logo.jpeg HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 43664\r\ndate: Sun, 05 Apr 2026 09:33:42 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.28.0\r\nlast-modified: Tue, 09 Jul 2024 08:53:11 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: \"668cfa77-aa90\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: dF9gaZhqvy5MCAwrRQIYP-CCih4xFsk-1YJEBY5taoOmjFERNaQU4A==\r\nage: 358\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43664,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 410x410, components 3","md5":"041f007fc5083f0b410e04c738ed71b6","sha1":"faf48f31d74cb0d71a7a33485d365f57e12bb159","sha256":"5fd9d94e832563c13d83e6803a04491485f4c54d190c0094e7029e9512c1c207","sha512":"a79faf46009c80ac72a442d9cfaa5b17e1d620d836bccd08439bcd8b76838e5b9139532fa3a4c2480fe3b998b8a9990424883c105763dd581d05a2b4e881722a","ssdeep":"768:LTB9zjflgyIsv3+Tyf1drMSetSW8Qg4pIs1spgaq+A0MIV0IdGvlBAKH:fLNIsv8yfb4SecZUIhT3PL6","tlshash":"8013f2dce6dcd3d0c2f3a55d543ee1d88ddf55872220cc7812efa295be8a20b860b419","first_seen":"2024-08-07T12:14:14Z","last_seen":"2026-04-05T12:52:23.482104Z","times_seen":2240,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/js/index.js?v=6","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/js/index.js?v=6 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:12:57 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.28.0\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: W/\"692e8cd4-f090\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: zMQr7oX4j26Pqd2OkHMxbyXQLVPclrARHF_5Fs9rAjmqCMg75cgRFA==\r\nage: 1603\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61584,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"929395188bf75250194ec15fb4573922","sha1":"a59de79dd258d10ebb49c5f78745fc4c8e5b0242","sha256":"8088f1e836125d456f4322db643cdc08f83dab6b4134f9a91f5c82c912b68d01","sha512":"bf5e8620275d8aa5ee455890bd786f8918ea86d2348ebc75d73e099c631d2b894c74fb49260eb00afafa57d91d99609b421ecddd053de0746d5fee02ba591f85","ssdeep":"768:rRSlB98le/8BYmN1HT6ekRqcTEXEHkYRJQyTW7xbhxASgpKUgEXEHG4awyd+zzTd:kg+oN1z6v9Rbybc3KJjxZzzTQgl","tlshash":"d253746e22fa550a474330293f9f200a3210a4571d49ee9cbe0d9bd45fdd678e1f2be6","first_seen":"2025-12-02T07:19:49.08143Z","last_seen":"2026-04-05T12:52:23.426114Z","times_seen":1884,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260401/2026040112412128920.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260401/2026040112412128920.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 04:41:26 GMT\r\nEtag: \"b8fb3de76eabc219dba4025ab6fd10c2\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 04:53:13 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1235\r\nContent-Length: 61200\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16335701254644037738\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61200,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b8fb3de76eabc219dba4025ab6fd10c2","sha1":"9840c5ccc63be2f76a011c1f3f3184df6f445cd1","sha256":"6f17ad3b27c8c39f72bd2737ca0780c88a885c29f2a5dd7eb0c341456a1c0643","sha512":"43c4af419518925dda6534ef74ef4e37b8db71d30b64d1cbab9ae1e4b5a54f1e7daeb755151311a71d6895a2485419a04429fbe075c38bed1c99c83b1bcacad1","ssdeep":"1536:Ff+HHnMhszXoe2Gsl7VGCeNEdAyteMEWLwXr/LrYfq50+n:FmnMhsboe2f7VhdAae4qrzN","tlshash":"fb5312f46408f5208c71a5e60bb07b60b65de91698cf96f6cf9d0c2ea32778b45f11b8","first_seen":"2026-04-01T09:04:27.212656Z","last_seen":"2026-04-05T12:52:23.459692Z","times_seen":529,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-19/79abedd0b6a016f0d7d9ed796bf64d98.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-19/79abedd0b6a016f0d7d9ed796bf64d98.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 19 Mar 2026 14:51:48 GMT\r\nEtag: \"843ded4fb6d13eda19f4eba4ccea4119\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 19 Mar 2026 14:52:22 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 352\r\nContent-Length: 74640\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3359655221284085463\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74640,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"843ded4fb6d13eda19f4eba4ccea4119","sha1":"92d12b8f73f41603ae546311eda413b50b5447af","sha256":"9fc70e0c8931faeb59717ea4201764fd1d7bd4767524237065c4eed991efe922","sha512":"02223db50aa6a352dc390f02bbce7aae00c4065477a720d92190d12e8471a6dc7068d828d9fdb23e07abc2c69f74b0ba1c030ab91b16e1d00448c7c91240557f","ssdeep":"1536:rUrlSM2WpvLuQ6YI6Me7mh35u2Csp3TMsU41PJ+HKXCF:KlSNWZLuQM5HCwTRU5qyF","tlshash":"2973128c7ea631a524df0c09dc9e29df043a92f5cbbdc64e02041f9e4af628f7915271","first_seen":"2026-03-19T11:57:27.178664Z","last_seen":"2026-04-05T15:42:27.81288Z","times_seen":801,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-15/e607f164a349e817e6ea12e87608f467.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-15/e607f164a349e817e6ea12e87608f467.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 15 Dec 2025 13:45:46 GMT\r\nEtag: \"9be8face9a0c71281c3304b61e86ddd1\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 15 Dec 2025 13:46:01 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 309\r\nContent-Length: 667488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9119282840553867167\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":667488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9be8face9a0c71281c3304b61e86ddd1","sha1":"c870ba41710513af0bc27805e71bfc912be6463f","sha256":"fd84827a448c92a0e456aa7fcce612d239716895273632e9c6728b5323bbce1e","sha512":"1658a60f82c609bc3271c5f901f5dc9725d6ee6f537f460752197dd7fd543da92e59a0f5326628cb2bad0c090cab5e793341c607081e9caf9662de35ea4e5b68","ssdeep":"12288:Bl0eA4CdONfZUiaJgigupqlvTymUX1Om5Vu1u8Mn1jWwX08tJjrm/if:z0tlqZUn+iIrylXMi58Mn1RX/tNr9","tlshash":"cae423403385c22f64bb2f43a8159ba13843dbc8edbdfe05d4f95a1b928176de328578","first_seen":"2025-12-08T12:36:29.171473Z","last_seen":"2026-04-05T17:00:52.660708Z","times_seen":14719,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":46,"dns":0,"connect":0,"send":0,"wait":15,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/ads-close.png","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/ads-close.png HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 1443\r\ndate: Sun, 05 Apr 2026 09:14:26 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\nexpires: Wed, 08 Apr 2026 09:14:26 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: \"64b8f092-5a3\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: j3BfBV4CgWwRbGjlAciqHOoMn5bWAxD3rWl2HcnfSYiiPnCxQDDnQQ==\r\nage: 1515\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1443,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 129 x 129, 8-bit colormap, non-interlaced","md5":"1840e82f933a7c08af8408edfc255011","sha1":"97006c40ff1f99238f8c3df3c98826ab2ca8eea2","sha256":"ca85e50e73e0552ea9467c120d2221c68cb29d5c30a4ab54b8ef6ea7330afc19","sha512":"fa0020bc21aeca4251213ec69ea2338f8452d1fa9bde26f003d7edffc55ec612fb2c7a21b447d2a1ccd874d0f53a390da40bb93721db9329df13c9d6e5220ae7","ssdeep":"","tlshash":"0321db42a8fabc5f4192405a7649f290a833ad07996bc671121d3efbd573c554c4f741","first_seen":"2023-08-13T16:34:45Z","last_seen":"2026-04-05T17:05:44.927974Z","times_seen":18034,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-10/551798a4984b63cc96ad1185b61a41dd.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-10/551798a4984b63cc96ad1185b61a41dd.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 11 Dec 2025 03:30:13 GMT\r\nEtag: \"4d4782772c66197e7bb72273464acbcc\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 11 Dec 2025 03:30:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 722\r\nContent-Length: 266704\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6413993688517599557\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":266704,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"4d4782772c66197e7bb72273464acbcc","sha1":"bb5180f3a210440991063df7c71a5f2a73235d66","sha256":"d1b7c5ceaec125a25f11bc63a88adefca0ebf8d4fd47586ac9e5e8c86d94c10a","sha512":"a9f581a25de284a7a4496c8d4f601f60b686cf7048ec0b9015e3131fbdef9e6a43af3c91fe84ba4e7335f516bfc38e28f07580bed9393be30a0943bd41ed2185","ssdeep":"6144:HZHcEA6bo7O9Do4nLk2E//R/+YFihoUDtUeZ7:HZ8EzSOhos4DWYFihoUBD","tlshash":"324423cb5875e0a1541ffa2ee80de01da06ad1fd46e4dda886adf2c53f13805c1f2a8d","first_seen":"2025-11-23T05:10:59.088648Z","last_seen":"2026-04-05T17:00:52.674802Z","times_seen":16525,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":22,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/popup.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/popup.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 08:45:45 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\nexpires: Wed, 08 Apr 2026 08:45:45 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: W/\"692e8cd4-1a0d\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: jOA5iGuITdQY9kHTXy-EZ0YHhwlsgJNXUPntTf4s85vwGb913iwqIQ==\r\nage: 3234\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6669,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"026709ed231cf8d920385fed59c17ca6","sha1":"19696886744402cb73a48a41e625b23f5acbb813","sha256":"3438d0b2d18590fa1f7f0c324a5ba9f42b699de78006ed372ad043bdf46a7e1e","sha512":"aa01a6f89fad627df9437b5bcf8c3feeb7bb9719d12f12ad8e00d031f3092d1de299ffa4cd98229ddbfd3c455a21934e0e391e1c06d979cfe65fbc0f08cf99e4","ssdeep":"96:P1spJ1L0gLrdAZLLCWICzj3nMjnjOSdFsCaxud:QTo3ZLLCvQj3nMjnjOSdFsCaxud","tlshash":"c4d12f9931f3213082abb27e6faba0143230a0477108dd197f4d5f900fc573a66e1bea","first_seen":"2025-11-08T04:26:01.83069Z","last_seen":"2026-04-05T17:00:52.688851Z","times_seen":17929,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/js/user.js?v=6","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/js/user.js?v=6 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:07:05 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.28.0\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: W/\"692e8cd4-3ab8\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 7m6B6eaJz4vJ_FKCA-YzJgzHVCkolAyrLhVJVhIP8yZVYZVwd4Q7rQ==\r\nage: 1955\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15032,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"26408a8b354961c977e26332d67f8b36","sha1":"b8d8acdfb48d4c4dad225b86af6cdcf3a312d868","sha256":"fc4bc24fe53e76b87284ab6ab91efeb0aed8e552273d7e785df785955622ccb7","sha512":"f43c0c8b31432f53cb63df177df3553bffee6e7c867dca657aab236a3a94b25f14aa72cd8215b27b606c14cd22e808c43662f9ba58b19c185800de6b01f35bf1","ssdeep":"192:G4pcNs9UU7DzCneMrO4bUDUrdVCr1JB7yifGQ/FoWjxk0vwnaI3QUGMugCNAVrgX:G5Ytj/J6KUBy","tlshash":"e962630af1f904620b1365a46b9b2108753095472a0acd183e7d9bd82f5ed79c2f7bef","first_seen":"2025-11-17T10:42:59.258806Z","last_seen":"2026-04-05T17:14:23.540473Z","times_seen":5930,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.ukphshnh.com/","fqdn":"h4y4z1.ukphshnh.com","domain":"ukphshnh.com","tld":"com"},"ip":{"addr":"154.207.253.62","port":443,"asn":0,"as":"","country":"Seychelles","country_code":"SC"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-05T09:39:39.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ukphshnh.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Feb 2026 16:14:44 GMT","end":"Mon, 25 May 2026 17:13:28 GMT"},"fingerprint":{"sha1":"D2:45:7D:8B:81:EC:B9:74:EE:C7:7E:B3:5A:3D:69:3B:5A:D4:09:6B","sha256":"54:D1:52:F4:9D:E5:E7:EB:12:91:66:0C:E7:99:91:5F:99:B5:45:2A:7F:68:F1:1B:EE:EE:79:EA:C9:B2:43:58"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: h4y4z1.ukphshnh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 05 Apr 2026 09:39:40 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://h4y4z1.qquknwu.cc/\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nx-server: web-5\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lLlO3gVcoMJtqKvKpyRwTmi9MqCME9raCYH0Rk4gKxNxLjtBVpMK%2BEyJjzh9zOL5wUhlJOoQd5xA9K%2BE9O%2F6RUav5veVzQkwodi6ftLLmkVktjwBL6lrU9eKq1zn8xkBdRX5cwRk\"}]}\r\ncf-ray: 9e77963cdda15690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":197888,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T16:47:07.54892Z","times_seen":13384334,"resource_available":true,"data":null}},"time_used":466,"timings":{"blocked":25,"dns":1,"connect":1,"send":0,"wait":416,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-02-25/63d6e610968843f914a5f6bf899bf8cc.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-02-25/63d6e610968843f914a5f6bf899bf8cc.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Feb 2026 12:25:07 GMT\r\nEtag: \"b328c0c7d21077dcc512724fb6fbd3a0\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 25 Feb 2026 12:26:49 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Miss from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nContent-Length: 343744\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4267062493398464195\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":343744,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b328c0c7d21077dcc512724fb6fbd3a0","sha1":"9c4cf075979de4b4bb02a22ac07d15f603154c73","sha256":"8ffd21d43f6ce8070ae9c78f2ef752d5f1bf8ef1cd65358fe9b7a361940f61c8","sha512":"73a56db882e239eff6b0e1b8c9a3c2c0e71257b1ba8b15805c71f1e63449503b40bc0e78f6077ac0618570ceced37dbe5c697c4c5ed477ad13f1481a2d5e8da7","ssdeep":"6144:NAqzpp4tb+UBk8NlKEAkkf2ehkPDH+7+m3OJSdWUiHxB9eJhHQvuFzFxgwAT7D9M:dpOHBTNUzf2zcSUiHxBQHfF6wAT/KcA","tlshash":"c774237314d928aea8e7c82c697b473311fcfaeb64387f5346de5bcd25058d104ea84a","first_seen":"2026-02-25T11:08:48.248298Z","last_seen":"2026-04-05T17:19:28.160392Z","times_seen":6383,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":24,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-02/664db8c7a7af694c13b31bad831c53c7.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-02/664db8c7a7af694c13b31bad831c53c7.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 08:30:06 GMT\r\nEtag: \"3b0751e06ee092387edf1a05bf69a761\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 08:30:08 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1680\r\nContent-Length: 60368\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17891633754920686581\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60368,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"3b0751e06ee092387edf1a05bf69a761","sha1":"b4982db75249800c35aa6ae1b955cde3161b694e","sha256":"f55cdb1123cb6c7a004830642d4b7e56ceb349aa6fbe25162559091d72bb79fb","sha512":"a7ba1689172c74ab2f9eef15a64cfe1a1c8f1215cbba5742a2061180e837d4c9831e65b7bc184ebe5a601f5288e2c0438e8a7760adc361398cbb0c7455da3c67","ssdeep":"1536:bUa7WKQZgoGfp7d2rtZl1tTtuQU+yepkwKNHgJ6OO:bUaSxHGdkDV5FU+yYknpr","tlshash":"514302e3ebe36a91d1084855c23a89dc456fb8acb1d37d3d3180964ee48ae5738b1e85","first_seen":"2026-04-02T13:50:10.036915Z","last_seen":"2026-04-05T17:00:39.672871Z","times_seen":775,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/upload_01/xiao/20260329/2026032912504099855.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /upload_01/xiao/20260329/2026032912504099855.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 29 Mar 2026 04:56:00 GMT\r\nEtag: \"d87ae92ccb9b3ccda9abc214da021c9f\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 29 Mar 2026 04:56:01 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2871\r\nContent-Length: 257888\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18062472575609748821\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":257888,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"d87ae92ccb9b3ccda9abc214da021c9f","sha1":"8fa49f6473a7256294020ee7c7b4088c534960dd","sha256":"13ab222980f38ecb1894f4abbde2105b7ed5a0792314bb0a99b23a8377163980","sha512":"e846e2a866848a9a43d914a4c3de318c1efe68906e40084d845078d7690e3dba40f1cb52b6bba07fedb31f566be770e0f621fec17dd8c861a2d31a4efa945081","ssdeep":"6144:WeEjPyCiFkHWeMHj0XmZh9+arHwnFdKmN1VCk67C0jqtp:Wez9FkHhsYXmZhkarwzN1VRwCbj","tlshash":"c94423ffbc2a73972879ad3bcccc38141597eb18027d5aa1b8bb10adda31d599251980","first_seen":"2026-03-29T11:41:42.292537Z","last_seen":"2026-04-05T12:52:23.465341Z","times_seen":540,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/DPlayer/assets/DPlayer.min.css?v=1","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/DPlayer/assets/DPlayer.min.css?v=1 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:07:36 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.28.0\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: W/\"64b8f092-b096\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: gILYVevsHkqS8bvKSf2pR82vH9OzIN08PBlTdx5P0xe_fKk7pDO7sQ==\r\nage: 1924\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":45206,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36675)","md5":"561f19b7ef3f68fadc57c33a964fc9da","sha1":"715fdb568449a95aa5675197d28a26972f3230fe","sha256":"2c467a8a8710fd5a7f50d52100e39f0b24cd1c1928ae4f26ee4bbe67f8f56989","sha512":"3e6fdd77a27fc20dc18b9a54a1c66d68c3ead28dde098a7f9c95accde669216a3ba98a87c34c475f001671d7f0c6e73d98f913b693d72aeffe3bf0fb772f18cb","ssdeep":"768:7FK8KSkZqtIfw3YH4ZqtIfw3YHvHYr/hizxdUDr5+0ysGif0y9W:9HYr/hizxdUDr5+9soyW","tlshash":"4d13bb1618a5329891225b91cbc8676c6738d312e9224f8ff31b780ecf8e69d215ff57","first_seen":"2023-06-15T01:32:19Z","last_seen":"2026-04-05T17:19:28.192403Z","times_seen":6668,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/fontawesome.min.css","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/fontawesome.min.css HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:13:44 GMT\r\ncontent-encoding: br\r\netag: W/\"66a7674a-18d62\"\r\nserver: nginx/1.22.1\r\nlast-modified: Mon, 29 Jul 2024 09:56:26 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 0VxZsfoUsHz2WXpZ_viMYL5R3odJ6FH_i_QCkpoPw22zBKfVg0nq9w==\r\nage: 1556\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":101730,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (62331)","md5":"39cadfab66a73045efb12382e22bf500","sha1":"1c083f3d16950ef0b3c047abdc45000651afbe2c","sha256":"2bb5a2ba7c578dcd0fa854c4933d94b95192c4362859a107c129e08bcc639ab7","sha512":"42b32823c9882f41e5bbfc2382008ce2ed9bf93c50de895749162ff43695bfa0e26a42689868688978853435682472e717e0442e92c4553af1bd897ee8a3403f","ssdeep":"1536:inMnM+M8MMMtMFMHQ48Efuuzv4p62QzsJSUpNtJ9yD7y:Spfuuzv2QzsvjtJ9yvy","tlshash":"70a339f8e48905e8a372c84fcb55b36c663af770d5425c81f10f9a4d8ec2b5815eab2d","first_seen":"2025-04-06T23:52:34.672346Z","last_seen":"2026-04-05T15:42:27.848803Z","times_seen":5150,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/images/close.png","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/images/close.png HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 328\r\ndate: Sun, 05 Apr 2026 09:34:03 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\netag: \"692e8cd4-148\"\r\nexpires: Wed, 08 Apr 2026 09:34:03 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: -t0XWnUtO5eH8MbL7TptZFhIzhKsl05w2andKvAx1WG9Cnrf3Ud1fg==\r\nage: 337\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":328,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 30, 4-bit colormap, non-interlaced","md5":"215a1e584cb0039d319ffd69d9df0e51","sha1":"8a3d3e65a0260d286373b8882487a0ac6a9724c7","sha256":"f4693ad8590376075c38055091de94c7ae92b5abc56182861a53e76c4bc8feb5","sha512":"0b5aa0817a7205e14f38c93038490f57956cc5632a6c50db1e84fe5e9e5b0df100a3ea41c6178ffdba66fc59f04a0cdb479ba5b81d505e7327e60334e7870f67","ssdeep":"","tlshash":"b4e07d93fc7aad38c6caa133b7a4819196bcab7e6564992f2e530169806804d9445318","first_seen":"2025-11-17T11:08:20.211585Z","last_seen":"2026-04-05T17:00:52.686952Z","times_seen":14069,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/parsley.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/parsley.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:31:34 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\netag: W/\"692e8cd4-1730b\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 0ji7-SyAItmcGEziZOF8RCeuaYWRH8xlY2-3KFGTZa5Jo90xdUZ0sA==\r\nage: 486\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":94987,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (885)","md5":"a442261f7fdcdb3396b2982e7d5ff2d3","sha1":"f2a873ba1e0a2400f6c5f165eb9d4f4d36b4e2dd","sha256":"be43eddbeae875bbc9b68f4a6a95de3fad6798b733dd55f2cdc2bf81a5a33848","sha512":"16aff01ee308ec0adaa0e2be8ee139a1820b2af48f7ba182e595999efa4e3bf64f76dc80dbd9fe6b99152cfe1768bc83cbd0f52013d8cdd17270edf72237743e","ssdeep":"1536:qAj0W4ZuOjkI33R+a0WQ09uH60SkAZzvH6KomR7Gi21l:qAQTuOjkInuH9Sk2vAl","tlshash":"f49371497ae221018d2730bc1fafa0067274811b5409ad94f98d93d0af94d7993faff9","first_seen":"2023-03-12T07:21:41Z","last_seen":"2026-04-05T17:00:52.688349Z","times_seen":17994,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/clipboard.min.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/clipboard.min.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:00:12 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\nexpires: Wed, 08 Apr 2026 09:00:12 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: W/\"692e8cd4-23c8\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: PILEhfY1F4VmCW85z7W2v24QlQ1MHYhS4UcYyBdwDGIlxHgpXO-QBA==\r\nage: 2368\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":9160,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9067)","md5":"15f52a1ee547f2bdd46e56747332ca2d","sha1":"9a7cb405f9beed005891587d41f76a0720893ffc","sha256":"e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9","sha512":"ecee695e9734a0246bc64f1151f0d81609f49ced6dfa32ee20e41d38c469e003c1eee678bd28eca73a79cba603b43b385735124db5b304567f2ca2619f214e2b","ssdeep":"192:s6IMH3HEG9JVwkHg4LyAal318/NYusfkApXMdgmkpj:sy0G9J1zG3eFYP/XMmmkpj","tlshash":"77126399b291b0b15ae731a9412f920bf2766969708b90d0d239d4f0acbcdde4463f3d","first_seen":"2023-03-07T12:23:44Z","last_seen":"2026-04-05T16:59:41.067283Z","times_seen":22994,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/clipboard-2.0.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/clipboard-2.0.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:33:32 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\netag: W/\"64b8f092-234a\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: o37IIUS2jsDdESGLjlYwQNPohKnAP63Ge_wWPPcCmasJvR52_gqEUw==\r\nage: 368\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":9034,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8941)","md5":"ad98572d415d2f2452845a6068a913c0","sha1":"6674f81dd01c76be986cf0a8172d1073e56d7ef4","sha256":"baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1","sha512":"3c88ac453f2615f771c7df6032ced6018e46a7e0ad8d86312af17ddf0f32580bd7e78f1404d0031eeed091abe0afac911be6aca1ca9fba4e5cae335de73f6ce9","ssdeep":"192:RJBFlYPHiG9JyHg4LyAahp1v/N/MosfkApXMdgmkpj:R9yKG9JKziVF/MF/XMmmkpj","tlshash":"d7126599b291b0b15ad731a8412f920ff3766869708b90d0d279d4f0acbcdde4463f2d","first_seen":"2023-03-07T12:41:35Z","last_seen":"2026-04-05T17:08:33.667537Z","times_seen":16218,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/layui/css/modules/layer/default/layer.css?v=3.5.1","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:13:45 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\netag: W/\"64b8f092-37bf\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: ciJAMu7y_utK0XK-Sn1pyWnzKJpCYawxm5_3eGUAyoAPGGy3naPdxQ==\r\nage: 1556\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14271,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14271), with no line terminators","md5":"c234eb06d5f32055092294e78957f17d","sha1":"f15ee0bcb9694f32f5e1d524f2653aa0dd043402","sha256":"5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540","sha512":"3f06b51116d7f8026d81c7eb6a3c4d871462d09fe0a5b8cc8b7feaf20cbc88b0b6a545f0ec7cbc17566a9ff609405f58fad6eddfb3a8b3f6d530ede8fa3fad5c","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXi0nMLPD2OtLzAyPHL/LztJDzyv2OQ7KGx1j9d2/nWUU:1ELr2Otzrzzt42OQ7KGx1j8WUq4S3cU","tlshash":"f75242e144911299b0278721d6dc7eba32f88d43e5630caef2573c1f874c6dba2b6647","first_seen":"2023-03-10T11:40:20Z","last_seen":"2026-04-05T16:54:54.435074Z","times_seen":42699,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/swiper-bundle.min.js?v=1 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:03:11 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\nexpires: Wed, 08 Apr 2026 09:03:11 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: W/\"692e8cd4-3bf14\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: p420w3PHjm-EQ_-vBED5G03r3-G3mj2ebzqSGgLIef_EYhD0wvNCRg==\r\nage: 2189\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":245524,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (379)","md5":"2e31805cdab4c9413d030ba29c0325b2","sha1":"bd1b4284d6f4da429d36d77b56e31c68d01f2f44","sha256":"9a9984a95f4b4299560232e0607f0fd19b6e4d11d9fda7fc754617b5a195c060","sha512":"893d3504f1c84d16b80e49af592954b12a8c26a13ec8c1f11d96762841725384d0f0db2594945b3c6af3e5d25ddeaace7e61c9a11169e2f8ec7def1e6fa9cdac","ssdeep":"6144:8Cwpf+iM6mf0iNOQbB2ajId/ZG3PIcrbn:8U","tlshash":"da34300a52b225389293f03e4b5bc414b236941b7e09fda83e5c05685f6d83c57fafe9","first_seen":"2025-07-26T05:03:20.415257Z","last_seen":"2026-04-05T17:00:39.753027Z","times_seen":2694,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260331/2026033122402666520.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260331/2026033122402666520.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 31 Mar 2026 14:40:30 GMT\r\nEtag: \"1b1c8d5dd2f13b92cae8a15026226488\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 31 Mar 2026 14:43:21 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 8078\r\nContent-Length: 226608\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16129733490703768167\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":226608,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"1b1c8d5dd2f13b92cae8a15026226488","sha1":"04c02183c8b78a3268121bd6ada1308573298c58","sha256":"3e84016775ff8a1c7f79f6a50a8c7cdbce7ec627e2cf27d37a0bbaac6f504c35","sha512":"1321863863ee4a15270a8310876298f4a12d1fd56e63f3f2f7c7686ec8a599de83f2832f3415ed7b540092a26b86ca775ad03dd26e6003e121900a843b206c4b","ssdeep":"6144:fjNidpH+Y6XPFwTJwjEfjOi8Ka/qgeMln7ib/:rNJYGPFwTJKELOila/b7ln7ir","tlshash":"c42422303ddff5755cd324a1519deba30ec96c69a4c5fac23bf4e0e0d60a879254846b","first_seen":"2026-04-01T09:04:27.256206Z","last_seen":"2026-04-05T12:52:23.456129Z","times_seen":529,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-19/3eb7014f6ea058a67597b8c26c54f758.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-19/3eb7014f6ea058a67597b8c26c54f758.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 19 Mar 2026 14:51:55 GMT\r\nEtag: \"0b0fdf9efe1395ca2e8bd6088f05ef94\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 19 Mar 2026 14:51:56 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 375\r\nContent-Length: 483104\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10533403945288176852\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":483104,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"0b0fdf9efe1395ca2e8bd6088f05ef94","sha1":"d953f58f67c88b79b9543dc606d1ebb3f0b698c2","sha256":"50efb6697bdb71826148571cc334ecfca084e97aaa5457f3cea08da707df2701","sha512":"c6b1416b8ba3a54558dd04bb55e2d905fc449e11bd83e18d8d7fa924a6ba2b768bc3183d36d3f3f36268925973e973f216a4c212b47de1834bc8712b2cd9fd45","ssdeep":"12288:A3tpOCsReeKp3qsWwg8KXTtBtNEj1rlDbyPy0:6yCZRaPwg8KntNEprN2f","tlshash":"78a423dc7d5504c8c86ef85866f46f128c341a1983bb9a3f4b9b30b5c6f8306d5ba687","first_seen":"2026-03-18T21:18:37.787698Z","last_seen":"2026-04-05T17:19:28.158921Z","times_seen":5003,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-05T09:39:40.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 05 Apr 2026 09:30:53 GMT\r\nya-status: hit\r\nx-server: web-7\r\nserver: nginx/1.28.0\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: Rr4ujxK2rXlLxLuo9zG7oxt-iRmUsidPf-jfwbVwefiFRr6lByydrQ==\r\nage: 527\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Clipboard.js:2.0","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]}],"data":{"size":197888,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1932), with CRLF, LF line terminators","md5":"a39631068c6103c8c4289de8c0392fcb","sha1":"3a98a9fa705ce5b9d9645eb23d84ed4399e869ba","sha256":"d749bc8bafc937409531eecbc3b1aeff1157e15e47040a59ad3f40ac4efd38b6","sha512":"81c2ec3165b85726a442eeb5a8d65d381c22d5e3788d623f8953d1e0cd9da5c7f0664e9c900a8cb040599f7b443657b7083e48e49152bc9b288fe8fd5bef5681","ssdeep":"3072:DcwsZ4fHr8GBu5fK7RVrH8mP+gd/+IPJshd:ts+HoG45kH8T","tlshash":"db14f8517cf144b641a7b0daa9b6af05fe80e007d94add0173ac8ac4afc1ea7d5b3358","first_seen":"2026-04-05T09:35:07.350194Z","last_seen":"2026-04-05T10:04:47.063828Z","times_seen":75,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":49,"dns":19,"connect":1,"send":0,"wait":2,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/images/avatar.png","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/images/avatar.png HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 311\r\ndate: Sun, 05 Apr 2026 09:26:22 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:07 GMT\r\netag: \"692e8cd3-137\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: TrfmM-zjsXCE9P5gA1VxhS8N-oqwu4tGt5SMSlbJQbXruJJvxI1TtA==\r\nage: 798\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":311,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 20, 8-bit colormap, non-interlaced","md5":"30c01d82427d0b622f89b4696cfa8fe1","sha1":"f0316536a6c8f645a3a4bbb4dd0473e3c8853a4f","sha256":"7ceba85b04db09cfa45db7b953297889da29ea113dcc0d037eafb86203b200ee","sha512":"e9cefe20bff8e7812e2b6eb2dfeee8a71950e5fe3859a50967ad54c861da3f25049aef2cf32a1518706670d6c7cc3054afa0ec934fb8e344465d5753f93ce97c","ssdeep":"","tlshash":"98e0cdf35389ecb985a7441a10e36510f10d6979433382dbd755543e51140c4497575a","first_seen":"2025-11-08T04:26:01.782802Z","last_seen":"2026-04-05T17:00:52.685619Z","times_seen":15645,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/90192b39c9f9cbc3ff68267d122407b5.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/90192b39c9f9cbc3ff68267d122407b5.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 10:31:40 GMT\r\nEtag: \"aa17b2abf016a6a67f1abc758d9f953b\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 10:33:24 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 653\r\nContent-Length: 223536\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9686117192366722400\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":223536,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"aa17b2abf016a6a67f1abc758d9f953b","sha1":"c6e40dc70565bd90849b6752ef3e0f878080b256","sha256":"5e0f020fc8b0c96f00a6a4b22b024f31de337fbd25ab451cafec5cd48afb8d65","sha512":"119bf79be647226e334d685c9898fdac7b4ea4a9e0736fa3a261483adf43aa84202201b55086e6c067d75ca49b0563a4f63b282ffeb1f4dcd3f195e6f63a97ac","ssdeep":"6144:I3CYPO50ViUpOZeYLeeYY7h91QTQpXCHcqzBp:I34k4ZLeeYYxXCH/7","tlshash":"6b242387013b903a7e17913b9daddda170009eb82802aca1c347a4c9d755facf99eb46","first_seen":"2026-04-01T11:04:29.225549Z","last_seen":"2026-04-05T16:59:41.114255Z","times_seen":3484,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-18/f71d03df0e8faead26870705c1a80a8b.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/f71d03df0e8faead26870705c1a80a8b.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 19 Mar 2026 10:55:14 GMT\r\nEtag: \"32c0808917aaefb3cd694e668c49a27b\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 19 Mar 2026 11:01:28 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 3013\r\nContent-Length: 344848\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10652858609755861309\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":344848,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"32c0808917aaefb3cd694e668c49a27b","sha1":"c524c682db189d37200b0a7f70de5466d5ba48b2","sha256":"3ffb47889a3f992e9fde47264d9348623ced9112913b956e5b7ec8fce99394dc","sha512":"84d8d774db3dceb04eb77ad3534a7b7e659927bc16198ac98de9e67e0f704ef6881d55a38ab5bbe4b250661f7a8a34cc45e8ac7ef4fef204831b497ef4c5cada","ssdeep":"6144:Ijku/5PVY2WoU9L0dj+KY6h9WtChhFG7CJfgwmueF+4pvTebsnrVU68Xm6AOrBYT:IjBU2WoUh05PZ/h2CJfgvuz4p7ebcx8Y","tlshash":"f97423a174ecb1de873b6152d9eeb1819dbd2a7fb9121e106c434af8cf0d7c8193416a","first_seen":"2026-03-19T11:57:27.208561Z","last_seen":"2026-04-05T15:42:27.944854Z","times_seen":788,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/images/zw.png","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/images/zw.png HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 8315\r\ndate: Sun, 05 Apr 2026 09:33:44 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Mon, 12 Aug 2024 11:53:26 GMT\r\netag: \"66b9f7b6-207b\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: Kv6Td4j_4Xs_JxkhAS3hBRdaEGOUBRB7qhCDeHwF0-056cRbKTvV8Q==\r\nage: 356\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8315,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGB, non-interlaced","md5":"87d7e39ae530f26358014035e5220cb0","sha1":"d7bd412471f941f420c3803010171435e453f032","sha256":"4928acb3a9c904342cbaa4ee364dd04ce00c9839db67550b6321eb2335545db8","sha512":"1280c5a6ce3a9a9ca7947373f282e63ce2b49c375c28ba69b42019aeb43445b8da20c9c777c13d93cd4c08bd1c2577b4576ef6c83c16367667d807abe54ccaf3","ssdeep":"96:P2mZCkJUKLyu69o7KmiRg6kGOACsXk9m/DFcrzET3P3GUce8m5dmxerdnbbPA2c5:XIX/nwKXzdkU7F2zET/GU1Zmxe5zVef","tlshash":"c0029ee84170051ca516dd7a9af9acbb43812660d4fdf22255b39aca361063839f5a8f","first_seen":"2024-08-26T12:26:43Z","last_seen":"2026-04-05T12:52:23.468679Z","times_seen":1931,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-10/3a3f0f224686cf3e940f62968b584c86.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-10/3a3f0f224686cf3e940f62968b584c86.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 08 Jan 2026 07:47:30 GMT\r\nEtag: \"60af2c4d8abb6b3edfa7e5b3f0af2c90\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 08 Jan 2026 07:47:32 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2420\r\nContent-Length: 139488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18285681767765451461\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"60af2c4d8abb6b3edfa7e5b3f0af2c90","sha1":"ff01cec91d7ac12be695637f7f9bc1db1846b442","sha256":"33761d1d55e6319804742b0337b23716cfc9bdc57df7664750b11eb6b3b37976","sha512":"88283c6844b67a8bb6f85a933ba88699699caf084097ddd6fd536453892c7cd52f2e244807958a5fa597ddc43c4935cd286347d82fb65f446e8a3ca13df8060d","ssdeep":"3072:VW6g7V1QSflcmvjLY6EyrQatdxQbGxMLCBYIFDvdQpg/YR+rMToePvs:3gXl+CjLbrA5LCBYIFDvF/0+rMTrvs","tlshash":"76d312e10a29afb280c7534bb8925459dc02daf4c66fc66d0d923b1be67e73360945f3","first_seen":"2025-11-17T11:08:20.239469Z","last_seen":"2026-04-05T17:00:52.640149Z","times_seen":13155,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":100,"dns":1,"connect":8,"send":0,"wait":11,"receive":18,"ssl":89},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/fonts/OpenSans/400.woff2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/400.woff2 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16644\r\ndate: Sun, 05 Apr 2026 09:34:32 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: \"64b8f092-4104\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: ZTDFPwnMQ39d-zzUKzniL-44i4H2Y6rAZER7Lb97W7l9ri2zDVc-Rw==\r\nage: 308\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":16644,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16644, version 1.6554","md5":"6276351c3fd3053a0cab736572d6ced1","sha1":"326b281cbcf5070d140fadedc4b1354f1a5d916c","sha256":"43640ab0efbdbd50a1162047c1f62f338fb84de407411b98bfa6a1f8666ef0af","sha512":"c9885c9fa086350a150efae1c40c9ab22314db0baf47b457c3de4be5c7e609313b9fec4f9000b133a9f8b365c2d5d3703bbff579833a8b81195062e5f6bfe5e7","ssdeep":"384:JK4eVLUx4mqjtgI4cwDn/HnhbXOU7WYb+KFqEevY5:Y4edUqmBIkD/HhjHWYb+KFGvY5","tlshash":"bf72cf83f467d9f0f42836305db116e3b979ef357761ace0621445aa1232bd02e847dc","first_seen":"2023-05-08T23:10:23Z","last_seen":"2026-04-05T16:36:29.65138Z","times_seen":19847,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/webfonts/fa-solid-900.woff2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/fontawesome.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 156496\r\ndate: Sun, 05 Apr 2026 09:00:05 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Mon, 29 Jul 2024 09:38:06 GMT\r\netag: \"66a762fe-26350\"\r\nexpires: Wed, 08 Apr 2026 09:00:05 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: KC8x7oUM4ZQIcy8FYhiil2bE_9pFSPsygU8WDt_fHSsHQSFCp26kYg==\r\nage: 2375\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":156496,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 156496, version 773.768","md5":"6c4eee562650e53cee32496bdfbe534b","sha1":"1aae708e3b94ee981b452a918d28ed037fbb5e18","sha256":"9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2","sha512":"ebcb5a2e2a908228f77ecd03b45491778cad73ddc39fa3a6334b129aaf9fa36c16c0307aeaad74d77f616b5b34aac52d91e9f4816945253dc9a826ddd71f4d12","ssdeep":"3072:OvM6gZMLmY8uGpjVnlooQ+GQs8jic0f/KkMdE:OU65LoP5QSsuic0f/cdE","tlshash":"8ce31200d620498d9978fd5b2a1fa1ffa7a939c95ed210bad3c30cb93257143bbc2556","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-04-05T16:42:42.442261Z","times_seen":33052,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-04/cc39543e38a09d2e72acb30c49fa16a8.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-04/cc39543e38a09d2e72acb30c49fa16a8.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 09:53:54 GMT\r\nEtag: \"75f10b7b10d237f65701f2ba4cd0f160\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 09:56:53 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 4069\r\nContent-Length: 243872\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 881733278984802291\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":243872,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"75f10b7b10d237f65701f2ba4cd0f160","sha1":"9a345f23ec749b16f77e9e2268fcaa76dc207def","sha256":"d2ff23efb11bb7babc7218da09e45e5de163e8636c4d8b138babecdde1ea19ed","sha512":"3fc535e7dde7eb45bdfa4cc75d1d851f932e52dbedfd2f1c440681056c5616d948dd1ef4e10a9c2ae1ba38d6d1ddac0c9de3d23139af1322f4a5931589a011f3","ssdeep":"6144:HjXSQ3IS3rvVRw6rKNP6ybJak2sBRvSU752V8bYg:rRT7dRwxt6ybJYv+5Ag","tlshash":"183423a2e1f2d669058c1d72512799e1d7cfe1ec70e562cda7e4c8e60381d822f7f690","first_seen":"2026-04-04T10:46:05.491268Z","last_seen":"2026-04-05T16:59:41.070053Z","times_seen":3363,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260330/2026033016335011380.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260330/2026033016335011380.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 30 Mar 2026 08:33:55 GMT\r\nEtag: \"92b6b2d728a24ac19a731db347477c33\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 30 Mar 2026 08:37:08 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 13167\r\nContent-Length: 55248\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 734099210858293576\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55248,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"92b6b2d728a24ac19a731db347477c33","sha1":"ef30a8f9772ff55b5ba436a9bc642b9c27a9fdc1","sha256":"6501c1636c2aa3409be8d7c1549c39773a21acabb3d40a2da8ac070bd4592fcf","sha512":"9f583f6574ba571c3913d1b3604be4c31365fa6106674f23d59a22dd8028855b6e868ff6412a2ba74aa57a26c50a20c4440f6f2cc3f85613498e832d6aeb348a","ssdeep":"1536:jppLpjKTTJJ9KWBI0bVJbmmnas+o+56GcY48HIQjouP:93KTTJjKR0HfYoEMYVoQj/P","tlshash":"67430203a649a28b38ff5d46edade18779ea5c2958fc400c6a25cef46750d380f97124","first_seen":"2026-03-30T16:40:09.352918Z","last_seen":"2026-04-05T12:52:23.426661Z","times_seen":536,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/fonts/OpenSans/300.woff2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/300.woff2 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16344\r\ndate: Sun, 05 Apr 2026 09:32:12 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: \"64b8f092-3fd8\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: wRNrT2ahRT8wbWJ77_QMUBCxAPOnrWm9luL88XJdFXZMpLatNVbEOQ==\r\nage: 448\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16344, version 1.6554","md5":"c027111d6febba054f7cd5e5fddf2243","sha1":"7c6ebfb74210e4d368ba5df96b2c5aa448a3953e","sha256":"c347496b917562bd48ed65545fbced7c9fb2a3e48c1102708a7e615fd4fb2ed8","sha512":"1a819ee0993cbed2399265606b2adc0866dd34fcab1272b6d1798e08010cab4e38af1a2299d74a706690a3188d0081d92804568982fd23f6d2ce946ac29fb61c","ssdeep":"384:sO3z8BPeD5+oRjlrvO+uuGnSDKDPVb0fOovWO1aDDBAb:pgdeD5jRjpO+ugDKDPZ0mwV1aDD6b","tlshash":"ad72cf62810dd851e31137fd7c6622e0878cb0a392121bfc5bebd8ec09204e67ac43be","first_seen":"2023-08-07T12:25:19Z","last_seen":"2026-04-05T16:35:24.062943Z","times_seen":18016,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/css/index.css?v=10","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/css/index.css?v=10 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:13:58 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\netag: W/\"692e8cd4-e0da\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 2gjc9kkjUfIPgcDJpvQfQXNu6-AmcIeC85H5V066Iidq9Y_M2sQb0A==\r\nage: 1542\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57562,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"bd620d44c4433ddc445477e8ac4903ad","sha1":"6a1e4771e3cbce1f5919b18a55fcc064a14a1b3b","sha256":"56bba7a6d9c45ac0e015aa4fa2b84c3611154df066aa2dd75d9dbf4cd90b4a32","sha512":"1e84ca3fecf315cbf9065ff84df18cb966d0b82f5accd36e5df91b4dcf18785664161f060135952c5c2398460edd592e62cad62490e675d5324e6c44b75ed4ab","ssdeep":"768:C3/VjKBjwp2GWfTdfsudyFi3doKQRQqQoagvKFxXRC2Yl4:+EsudyFi3iKeBggvKFxXRC2YG","tlshash":"5043340816230905785795babf7b17c56258c087cd0bc96d7fcfa649cf8e228b4b6bc9","first_seen":"2025-12-02T07:19:49.046582Z","last_seen":"2026-04-05T12:52:23.460184Z","times_seen":1882,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/9689ef1dd67c8debc67a6e331fed4e6c.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/9689ef1dd67c8debc67a6e331fed4e6c.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 07:24:29 GMT\r\nEtag: \"e8f402bbd7ca8d7bf927eaefed9bd9ed\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 07:25:03 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 15\r\nContent-Length: 115744\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5659248503728375891\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115744,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e8f402bbd7ca8d7bf927eaefed9bd9ed","sha1":"8bd4eeae4e7b015e73dc4dabecc4ebdb33336510","sha256":"1312386711b0f183412febf7ed9ed441f484b2b68819b7792ab4ef44a85feba3","sha512":"83a926a023b5138af3091f0064cb453f4dde8bd78cfadf8a4614b52033df8de30ed99abc70155bd2e44925e901c68943fa20965e1c2c09ce5d770ad56341f774","ssdeep":"3072:FYUGtrIeD1cFsiwpu9liXFRJI+4ZpIDKT3CCb:FmZIE1GwUuJCTSi","tlshash":"75b302fe476788fc1e0f092b641394b6a2705899b89cb2b72c5df78d8e8148c47f5839","first_seen":"2026-04-01T09:04:27.226803Z","last_seen":"2026-04-05T17:00:39.727095Z","times_seen":783,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":34,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-07/3fd7b57c7e8ba4c47be030676f1c8862.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-07/3fd7b57c7e8ba4c47be030676f1c8862.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 07 Mar 2026 06:50:53 GMT\r\nEtag: \"645193b231bebbdbaefbbaa77eac1364\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 07 Mar 2026 06:51:11 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 136\r\nContent-Length: 507472\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 15150071894812515392\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":507472,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"645193b231bebbdbaefbbaa77eac1364","sha1":"31101e1dfba564435ca61cad3ce38243cae01e18","sha256":"0833cc49c1ccc851144bebd31890cd11b836252b599f742ae0f069296a0cfe35","sha512":"55fec6a28b17930748cdbe8500c653a020a70db219fba2db69460b08418263702eae0359e8682f13270b19322147246dc3dfec87cb29106578e91bf02612a262","ssdeep":"12288:ERgDw8QSNU/TDrgc60Fv/9/Ut4mDGQkKei0taP8Vaam7vubr:ERw34/Dg4dstdfBCaP8Vaam7vqr","tlshash":"85b42323e365ced7cd86aae3a8ba3fc769626336820773dec26115df20140817b5574b","first_seen":"2026-02-15T21:43:33.911102Z","last_seen":"2026-04-05T16:29:47.969526Z","times_seen":1864,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":52,"dns":0,"connect":0,"send":0,"wait":13,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/7.10.0/index.js?v=33","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/index.js?v=33 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:06:58 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\nexpires: Wed, 08 Apr 2026 09:06:58 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: W/\"692e8cd4-f78\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: UeIo-2umaxxe3x9GYZxfCKCkVSKmiNsbmaOujK8aFhmGIm_1SAQf9g==\r\nage: 1962\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3960,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"eb05cb67a079233ff0563280b3dd125c","sha1":"9fc5ebb696725060bf1964f3ec38a849c4d136d2","sha256":"280f79e4d53124ef45f722876161ce7225c76f3a3f2239f8f93ddd0a03b62e8b","sha512":"8fce42f03702d24f4bf77bab6cf4a9f711dbad17f8acacab1156e34aaadcaf22c2294679465dd83e657eb43c0de960d480618994abe1992510b1254168ff4b55","ssdeep":"","tlshash":"4581aa453ab2503042bf306b8fef74081a156107e986df18b9adc68c4fd06a7a0c739f","first_seen":"2025-12-02T07:19:49.010534Z","last_seen":"2026-04-05T12:52:23.455026Z","times_seen":1884,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/static/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\nexpires: Wed, 08 Apr 2026 08:11:39 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\ndate: Sun, 05 Apr 2026 09:02:03 GMT\r\netag: W/\"64b8f092-14e4a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 7qTpPLhW5sYzf2rfch2VLE8OK9v2tFuseJP2uepDRe7QCMBxN91HXg==\r\nage: 2257\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T16:50:32.425922Z","times_seen":264778,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/mirages.min.css?v=34","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/mirages.min.css?v=34 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:13:44 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Fri, 09 Jan 2026 10:05:33 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\netag: W/\"6960d2ed-3a9bb\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: VVOK66AU-FRjE6x9hxZWI8zgUeTEJT4B2nPcReYDGf7qzg_hsUJvCw==\r\nage: 1556\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":240059,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text, with very long lines (369)","md5":"a552220e6a0233ba2637bd434bc051f2","sha1":"23f31fbcb4e4469fed5cf6ee7279d4723867aa3b","sha256":"037579d51f5800e84acfa108363b7baa65ed693e8fa79ef47809be7ca89ae421","sha512":"cbf78f5a3d249f7df5a3503ba1c205431348298ff3b95c8de90979357057cadc2c25fc65a199c5f52d1c0fd89f42b8aade9177c2e39ad3fc16989fea57bf815b","ssdeep":"6144:NAWmIgE0YxZp5FfPKnJ9qXCJ9qXnKiiELJ7TEqvF38rmoLgPriaWAd6G:NAWmIp0I5FfPKOFoLgp","tlshash":"99343f6c95b709802217c69c2bcfa6402738b057ec09adadf39677dccfc9a558192bcd","first_seen":"2026-01-09T10:58:05.230828Z","last_seen":"2026-04-05T12:52:23.444422Z","times_seen":862,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/DPlayer/assets/DPlayer.min.js?v=4","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/DPlayer/assets/DPlayer.min.js?v=4 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:38:06 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Mon, 03 Nov 2025 04:15:20 GMT\r\nexpires: Wed, 08 Apr 2026 09:38:06 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: W/\"69082c58-4a650\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: TcXmZCAGnwzDMJI95-3Dom1KL8ruqAKbIJSEnmkHbnBgxh64TKHErw==\r\nage: 94\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":304720,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4046f013cf323ea4de2e2518386c3d5a","sha1":"cc1bb7b97ba97a03c92593de7524a22ea87c78b0","sha256":"5c9811be07c774e5465097e43c4945941c501333fe482a90f5286cfb3c88e280","sha512":"b50531b05b763c25361b5fa23e258acf12f1c470bdcf0fd60d1a22451f1f954f55761446344067075cf4bc794177c83dbb9eec21565c2ffcde52bff93acbbae6","ssdeep":"1536:PFri4r9aKySaa3rzg7hSwaKySaa3ref7j3MEwOMEa8vTDadMcBjOsCSwixK1LzV+:HNDyMgjKbixKVhjLIR2INivkJ","tlshash":"4a54b20b364131340262afe8c6db534a36347310e9729729f65ef9de8f9d84c6427b7a","first_seen":"2025-11-01T05:08:56.775869Z","last_seen":"2026-04-05T16:55:02.684551Z","times_seen":26580,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/webfonts/fa-brands-400.woff2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/css/7.10.0/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/usr/themes/Mirages/css/7.10.0/fontawesome.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 117372\r\ndate: Sun, 05 Apr 2026 09:11:25 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Mon, 29 Jul 2024 09:56:28 GMT\r\netag: \"66a7674c-1ca7c\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 4e2peeuGmqcpHCXcEm6KmUbJyYXr62Isk5Qz1Xv1VXWJB7mV370lKg==\r\nage: 1695\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":117372,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 117372, version 773.768","md5":"b6356c957274676e6571c1ff5e11c9a8","sha1":"4022f95e001d734ca8f082b8e7627abd205609ec","sha256":"3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490","sha512":"83de79c74480fafc62cdac4012ff2a129d8701772ee16216c3d9488826ac21a9c2f8a416fe3208a61bfea7e12c24ac1cc2d26f6d22bd2b0ba39a22d630238b59","ssdeep":"3072:U3JKgVzg5ybfXYe5W59JPQaPWKSsx/DBMnVnqedkAFqPQTzIBIOK2vDMF:IVM5A5GJPQaH/NMtBkAvcnYF","tlshash":"c4b312f88b7ac9a5e304e67b55e4613555a0aec8b180f35453be7c2c221e10dc67afe3","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-04-05T16:50:00.174159Z","times_seen":19091,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-15/57b63adb38b3b3c743530cabfbbb03ec.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-15/57b63adb38b3b3c743530cabfbbb03ec.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sun, 15 Mar 2026 02:00:15 GMT\r\nEtag: \"5871716c61dd3e9fe100ebf2edf97b54\"\r\nContent-Type: binary/octet-stream\r\nDate: Sun, 15 Mar 2026 02:00:16 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN56-P1\r\nAge: 234\r\nContent-Length: 106560\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 14735491259371805548\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106560,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"5871716c61dd3e9fe100ebf2edf97b54","sha1":"616933f7045a01d88ddb21822481cba3da10b5a5","sha256":"59ce5035ef6606295b85369fd85bc9eb9f34cad1165d80028dbf5beb3599a28c","sha512":"c94499f70b3b10ecf375036cbc223a70257d405b355b65627f36222b7c64d8bf0c6e2f89a8b7cec12df52b1ed07d02670cc4e8ac8e898674927432abf53316d7","ssdeep":"1536:f6CzWH2XL5XrSuq7CsYbjKxy0+1SwrVR+TsTFUZn9vw7Dh5D5lGWb:pzWH2XLdhq7Cso0y0KashJb5bb","tlshash":"3ea312f4c92f2f916d1525435425bc2cc8c2a27ae978fd0744c2ee9e22def417d4aa68","first_seen":"2026-01-19T17:21:34.024069Z","last_seen":"2026-04-05T12:52:23.453927Z","times_seen":637,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260330/2026033017315672557.jpeg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260330/2026033017315672557.jpeg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 30 Mar 2026 09:32:02 GMT\r\nEtag: \"2aa6aec2f94666302572930a25869e4f\"\r\nContent-Type: binary/octet-stream\r\nDate: Mon, 30 Mar 2026 09:42:11 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 9263\r\nContent-Length: 97488\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2913070175818271293\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97488,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2aa6aec2f94666302572930a25869e4f","sha1":"75e6c493d9c94b5188b59d22351b32ff6ee087e6","sha256":"742e85938c0fd618919088d4ec10b120cc4655b2c889246ec8b2d561a467c256","sha512":"3976722fadb9bb2d8cb7b431653d8c08822888d27348c67e2dee8c9ef1a031d9cc025e10fe8ff5076f0bb11cb1a74eee5f833d7116f7bdf35032d12ed5fbe429","ssdeep":"1536:IwQkGYP2ovFxId4ZX9wN9R+vvLV8jp1lhrsKpfyTl57uZ1jErAXZ0yW9VmGopMeY:I3apwNwV8jpdrsK8cwkJ0y42pDBubJqe","tlshash":"019312f6735d108142f6eeadaba531f7a3b1f974b810ee070aca4fe8e110595591f382","first_seen":"2026-03-30T16:40:09.321251Z","last_seen":"2026-04-05T12:52:23.4576Z","times_seen":536,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-24/dab866bedf716f62e200e2e9aa746c2a.jpg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-24/dab866bedf716f62e200e2e9aa746c2a.jpg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 24 Mar 2026 13:11:03 GMT\r\nEtag: \"e7d6793147e00baca5f5726852fb737b\"\r\nContent-Type: binary/octet-stream\r\nDate: Tue, 24 Mar 2026 13:11:04 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 752\r\nContent-Length: 40752\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6910913857403465043\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40752,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e7d6793147e00baca5f5726852fb737b","sha1":"b631bd38e510d6ce19d4462b2d98df7e984da617","sha256":"75c128d5d4ff4f85307e65b52c38a32cf402c4123ab19a6cbbaca56d75df6fbf","sha512":"24234fa41941a5224c56a513eefff62ad349d4cdb2f165a5432adad4f197ca433352e0574a8d7f87baaccd5d3cfb1ef90afbabc5725e61c04892df540f756512","ssdeep":"768:XjMSEvjXY/y9UH8G2aKjjQWmyM5r/wXelA2O2cAmpAyjlzcLy:XQSmjYKSH8G2aA3u/SzX","tlshash":"5903f1684d2e53c6d21c90a2b3a3d4a2563789d8854df74b2fe18e5ec575e3e720bb03","first_seen":"2026-03-25T15:57:23.2221Z","last_seen":"2026-04-05T12:52:23.442001Z","times_seen":541,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/vant.css","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/vant.css HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:34:10 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.28.0\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: W/\"692e8cd4-30a89\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: -3iFyaBEg2kaGjDxu2dJLtihrxbC8-rNat1PuARCyaF4BVHEQqQcSg==\r\nage: 330\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":199305,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ec97f98b8f11e72ca35d2a8939500e67","sha1":"fcdcaecbd29eb74c4d507c0f23d3758052aba3eb","sha256":"52fcb2a7486d329611d7fc1562e0dbcde9f4494728b88dc26932388fee77391f","sha512":"16ec7dfa0d84e113ac71cf66bc4aa1659d3a9089fe76c8e2834d0bd1ee25db5fb2ad0dfe35dbb9ba2340957396a603a09c8ebbacf49c90a65df12f522d9b851d","ssdeep":"1536:VjQbFNJ+jqkiHckCwsBlDOFIxuVoxJPBik/1Al5aIzb2VTVaxA:VuClDsIxuVSmRdJA","tlshash":"ec149495e69091bcbf27f275ab8b96dcf23cf560ed01daa4f10051580ec7bf50623a1a","first_seen":"2025-06-27T04:20:30.581604Z","last_seen":"2026-04-05T16:55:02.616914Z","times_seen":25895,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-04/d65e1a35b41a3be19f95d30dd2a1ed3e.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-04/d65e1a35b41a3be19f95d30dd2a1ed3e.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 04 Apr 2026 09:35:52 GMT\r\nEtag: \"555f34e950262d9b6f53d2efc865b4f5\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 04 Apr 2026 09:37:00 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1031\r\nContent-Length: 364176\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 16966020289508340855\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":364176,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"555f34e950262d9b6f53d2efc865b4f5","sha1":"01f6daaeae77a4d781348fcc4022614797723542","sha256":"1434c11cea6e65092d63e05ab538d6735489a43b99a101874345ad0c2733c50e","sha512":"5b8c5afb5a3faa191c3fe9001f51d509f7eb6ed312216843678ebb18716b81fc6dabe2eb873a0daf4215a4a164199bad423f5f3f0a7ed6b212517cb2613e49ce","ssdeep":"6144:hty2rVekj7TpnXVAxMG6T+CiDeIU9HUEKhymF04ouTy4VvF6kDu8XS7a0HIQ:hZckj7RXW56KCivU9HlKhyS04oorVDSl","tlshash":"4474230cb154a0a68012791b2a37e3dd39e8e70aee55db29b05e0a7bf747d0b472147e","first_seen":"2026-04-04T14:16:56.916701Z","last_seen":"2026-04-05T12:52:23.469798Z","times_seen":521,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/layui/css/modules/code.css?v=2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/js/layui/css/modules/code.css?v=2 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ndate: Sun, 05 Apr 2026 09:26:10 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.28.0\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: W/\"64b8f092-527\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: J2T8-xblmZ8yOxnmtyyuY0E-eTP4gmH_e2N1fnr5HBNQkjGKz-V2hA==\r\nage: 811\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1319,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1319), with no line terminators","md5":"986d0d70b033a195fc1bd1527b06993b","sha1":"69ea79bb09bddd3b988db70ef8b10be9ed0f0065","sha256":"3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431","sha512":"a3d1ffa0ba90c8ed8f1330c456760ad7098b683756f1f5d2aae6ec89502c0fe1ff6287e7b1180b9df8f50d517118b610566e9315de055d4780a230488eda10e0","ssdeep":"","tlshash":"d721493aa3852118354bf21574fcbcbca03cb1d6a5ea0eaaff416797c944c51083674f","first_seen":"2023-04-11T12:12:51Z","last_seen":"2026-04-05T17:00:52.648587Z","times_seen":26538,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-19/97aee11cfe1beee7eac60bc566295860.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-19/97aee11cfe1beee7eac60bc566295860.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 19 Mar 2026 14:51:54 GMT\r\nEtag: \"9ddb04d6c9042efb4712480b176fca4b\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 19 Mar 2026 14:52:25 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 344\r\nContent-Length: 238208\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18086780824952452268\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":238208,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"9ddb04d6c9042efb4712480b176fca4b","sha1":"968363ef8310f01f11fb32b10d40d13da1a8fe5a","sha256":"b0dfd63db1409768231c02ea74abee6262dfd8b9269b565267dead839baa5842","sha512":"0a65c857ad6082f3d60912e768ae8e31a1a07e75be14aa79877f60e9944f38a5ee317cc65056db467b54dc8d21828102c23bb1e84c5d48621eaeb4719fca55f9","ssdeep":"3072:5HpwE8Rnr9Z3dL4Yi2YJ44ng5lZnedKBpkHoRDhnDgi0zEdsJot2lyPzToxjM9H8:Fp3CZVpCAlZedWIo/nQ9EBPzToCXhU","tlshash":"9d3412ec67fd5877af32303a25b34e9cbe156b507c32c0562f217509ecaa756b0316a2","first_seen":"2026-03-19T11:57:27.122402Z","last_seen":"2026-04-05T15:42:27.861928Z","times_seen":790,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":9,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-21/c06d06d0f054c6dbccee479e0d7f5630.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-21/c06d06d0f054c6dbccee479e0d7f5630.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Sat, 21 Mar 2026 05:46:30 GMT\r\nEtag: \"e48e2b1d63fb2d2cd82346ca01d95f69\"\r\nContent-Type: binary/octet-stream\r\nDate: Sat, 21 Mar 2026 05:55:07 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1883\r\nContent-Length: 146352\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6108471508082203521\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146352,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e48e2b1d63fb2d2cd82346ca01d95f69","sha1":"1ada1c6b080b469c287dd5531ce72c445b755269","sha256":"680ccc06b206fe8d5290efc4f2f68b436ed417f3a2edab0012976a2cd2f0614d","sha512":"bc483e72aa9650bf10e29a5fbf3cf8460920a71bfab65fcdf6120c6185219fc959519537346b92f593f8b447cf89c3c81dffc8f0a8c1062bcb60b38e2954c7a2","ssdeep":"3072:mKZQcw1suHEyuTa7HoRYXurvGwCz2PIhZP7qeaw3rJgbA4cYsSO0ErzGr:mKZXTHaqY6aiqOw3qz5sStErzGr","tlshash":"37e313d8aa917683c88e3c199a6b4ee8310c703f15dddb31b4b6c5e82ffe2654184d5b","first_seen":"2026-03-21T05:58:51.159978Z","last_seen":"2026-04-05T16:38:14.781856Z","times_seen":4566,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":22,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/fonts/OpenSans/400.woff2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:42.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/fonts/OpenSans/400.woff2 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nCookie: _ga_4Z1QLF83R3=GS2.1.s1775381982$o1$g0$t1775381982$j60$l0$h0; _ga=GA1.1.1299751109.1775381982\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 16644\r\ndate: Sun, 05 Apr 2026 09:34:32 GMT\r\naccept-ranges: bytes\r\nserver: nginx/1.22.1\r\nlast-modified: Thu, 20 Jul 2023 08:30:10 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: \"64b8f092-4104\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: vG3KtlsG1cHSNMEgSC4-CD9FgElCtJNv8zvgFyneDO4ANJiw20lmJQ==\r\nage: 310\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":16644,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16644, version 1.6554","md5":"6276351c3fd3053a0cab736572d6ced1","sha1":"326b281cbcf5070d140fadedc4b1354f1a5d916c","sha256":"43640ab0efbdbd50a1162047c1f62f338fb84de407411b98bfa6a1f8666ef0af","sha512":"c9885c9fa086350a150efae1c40c9ab22314db0baf47b457c3de4be5c7e609313b9fec4f9000b133a9f8b365c2d5d3703bbff579833a8b81195062e5f6bfe5e7","ssdeep":"384:JK4eVLUx4mqjtgI4cwDn/HnhbXOU7WYb+KFqEevY5:Y4edUqmBIkD/HhjHWYb+KFGvY5","tlshash":"bf72cf83f467d9f0f42836305db116e3b979ef357761ace0621445aa1232bd02e847dc","first_seen":"2023-05-08T23:10:23Z","last_seen":"2026-04-05T16:36:29.65138Z","times_seen":19847,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ads.zyudkkup.com/api/eventTracking/report.json","fqdn":"ads.zyudkkup.com","domain":"zyudkkup.com","tld":"com"},"ip":{"addr":"156.255.123.151","port":443,"asn":63888,"as":"DATAWING LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:46.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyudkkup.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 03:53:19 GMT","end":"Sat, 20 Jun 2026 03:53:18 GMT"},"fingerprint":{"sha1":"27:F6:4D:51:9C:51:6A:20:E0:1F:AD:77:74:1B:F2:27:39:DB:A1:9A","sha256":"FE:29:F0:5A:06:E3:36:8C:30:6E:4B:70:DB:8C:55:00:E5:EC:C0:C9:64:E4:C5:E2:75:0E:6B:C4:BB:22:BC:07"}}},"request":{"raw":"POST /api/eventTracking/report.json HTTP/1.1\r\nHost: ads.zyudkkup.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=UTF-8\r\nContent-Length: 2246\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Apr 2026 09:39:47 GMT\r\ncontent-type: application/json\r\ncontent-length: 42\r\np3p: CP=\"CAO PSA OUR\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: content-type, token, cf-ray-xf\r\naccess-control-allow-methods: *\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DmQtHpA8jGBCGfx2sNUkiFkkZr%2FqPLymK6T1aqQkmdcV070j7neKhE67EXlt8ZVk4h24n66NJVM2GovMLn%2F%2FwG3oQYRWGjL6Uskr4TCr0%2FAXqpyrMm%2BJ5FzNG8XiVwfwacjp\"}]}\r\ncf-ray: 9e77966a0d585ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a18efcf9ab81c59f799055f380d36af2","sha1":"535cb75bec8882d106f8485eb6c852c276cffcbd","sha256":"adcfad9a2421204a720213ffeae74fddf2ab2fb1fcfdb8da62360593697a91c0","sha512":"36a0dac3279f0579a71d4d6a940db6912ae26a1f127d993f1d4e21e7ac5bf1d41bf97aeaca822fa354bd9e219df901a960614f5ef42f4406eac746e5a53d58f7","ssdeep":"","tlshash":"1b800023a82c08830e023acc080e0b0822ec20838e000b20cc8cab28cb880b8f2a2830","first_seen":"2023-04-13T10:09:53Z","last_seen":"2026-04-05T17:00:39.749035Z","times_seen":1949,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":1,"wait":201,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=2","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/mirages.main.min.js?v=2 HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:27:01 GMT\r\ncontent-encoding: br\r\netag: W/\"68772795-344cb\"\r\nserver: nginx/1.22.1\r\nlast-modified: Wed, 16 Jul 2025 04:16:21 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: QcnUcCPh6xPuuc6T53WkvrZgB8umS68qM62sWGKqSEqP76QZHQD65A==\r\nage: 759\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":214219,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (985)","md5":"362b5781346284f1fb148b6d2b8163cd","sha1":"7382b512aeeb39937e3c93e2ee1c30b1efbd550d","sha256":"50864870f44f052acb4b4d3f99a4a1ccc4c4d5ab3c5dfabeb02917e07620d1f0","sha512":"14ac42f77c4b56fd74da41a4f93e02c38e1eaccf2adce978de683cca08ec8f08b58945b4b22a5785b75671180fc3e490a2fcdfd664b2e49010a47a49ad5d91ca","ssdeep":"1536:AmlzKVudAZc+N/w/NBsdywbCxZLyaGGSI5D2iWBnAY5vnKxGgUr/lKTmcbJ9GmKf:WGjbdHY9KxrnBJguccjol+QRXsG","tlshash":"ff24f60ea6f215325297f0b85a6f8d043235802b5a4adc687d6cd1dc5f1c83c57bafae","first_seen":"2025-07-17T11:56:58.545916Z","last_seen":"2026-04-05T15:17:34.273742Z","times_seen":3086,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-19/c23759f712956389bfc2ff966ceef653.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-19/c23759f712956389bfc2ff966ceef653.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 19 Mar 2026 12:55:07 GMT\r\nEtag: \"b623e1b55f0930c825f1f77ccf2aa695\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 19 Mar 2026 12:55:48 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 41477\r\nContent-Length: 312944\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1941031367682136701\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":312944,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"b623e1b55f0930c825f1f77ccf2aa695","sha1":"2a3fa46412096622bfbf0c8c804e3569563ab50d","sha256":"257c25438d69e04240ed40ad37b4a28caf7fd4aabf061e969ee9235a79f6ba91","sha512":"9640217cfc3e64b0b3f5d8e1c9dc97949071f55ad898a1d2299fb29fdf3e429aaba6a05d5d8c9f00cd6878ab95e5b84db7bdd41e9bf1ee5f72c3d70e5a76e638","ssdeep":"6144:TN11eIfw2XlBj5XN+lXYm2J0ytC/xxX8lTnOJ2xk3/qtXfD:h11eIPT54YCykpxwTnOJX3/wX7","tlshash":"a5642310949180eb15cad88a5ecf5a30a2afc993d7afb41af0d3974b50ec7e93311b57","first_seen":"2026-03-18T12:48:21.453772Z","last_seen":"2026-04-05T17:19:28.142491Z","times_seen":5163,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":12,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-10/eb9629787dca628df784241cc4ad4b21.jpg","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-10/eb9629787dca628df784241cc4ad4b21.jpg HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 08 Jan 2026 07:30:28 GMT\r\nEtag: \"2a804d2383da2ce8c3bb8e78c89740cd\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 08 Jan 2026 07:30:29 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 247\r\nContent-Length: 61760\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17100951456786287601\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61760,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"2a804d2383da2ce8c3bb8e78c89740cd","sha1":"c508b4f8d2dc3d636e8fc570562454cfe8b26814","sha256":"5187c9f01775e1dddb7da539056c592ad5a06ff9e2b282adae57129dfeb91605","sha512":"e5f91c2cd081d9109170b6c61bd80f134ad15ca20b8fbd9560ff04f7284fff1a7d1c89c0599c96e495d85f4e22b74ee72de0fe013583086a9b314ad7b7a33e70","ssdeep":"768:S1d25n0l8NxwoU/3aGAF2s6JC3Ir39ohI+Ny5sV8PE0ueCCF2sYnKBhsHUL1SvJB:SH2n0l8dzlF2Pr5M+YRP5X0Ds0L1UL","tlshash":"8753028ffd89600852b86098e9537320d9e1bf50a1911e91bb0dd5f7eff9ac85323b15","first_seen":"2025-10-18T05:50:10.78991Z","last_seen":"2026-04-05T12:52:23.463307Z","times_seen":1932,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":106,"dns":0,"connect":0,"send":0,"wait":38,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/themes/Mirages/js/7.10.0/tjtag.2.0.9.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/themes/Mirages/js/7.10.0/tjtag.2.0.9.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 08:56:32 GMT\r\ncontent-encoding: br\r\netag: W/\"69cf9b78-8b27\"\r\nserver: nginx/1.22.1\r\nlast-modified: Fri, 03 Apr 2026 10:50:32 GMT\r\nexpires: Wed, 08 Apr 2026 08:56:32 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: jZiaPMO9DZP9dL-uNogzBmGebKhSI7lvrcfCQintT_pLTfagevTL7w==\r\nage: 2588\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35623,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35113), with no line terminators","md5":"6eb0cd3097d0c2f3ce5b18a419702ef7","sha1":"8159931219a3c732ff944e0e5e232cb8992e106e","sha256":"3864f7f06b2899b319c944a880159b505f65a10c5d93d06fb7d2c1f900b37cfe","sha512":"9c9a355121d9af6d78c9856b9bbbf7dc288885e46d13d65ad1bc18d653d133076499b0f0f1885f551a33de99b55f12d6b33923e074790a67fe474380860cc7ed","ssdeep":"768:jJnsOGw8wbKBD/w/o3V/xe/beTSt1d2fP9BCENkZZaNlNbu/P7qFs/DInU1tUCjr:LaKE9O7FMpvK","tlshash":"e9f286103fc06851238b5fbbb32b74d4c5ae09ef3945488fd21abc5c6992227ebd6635","first_seen":"2026-04-03T12:35:44.608612Z","last_seen":"2026-04-05T12:52:23.462285Z","times_seen":524,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/5912fadea6b1ad50589e7bf51911260b.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/5912fadea6b1ad50589e7bf51911260b.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 07:10:25 GMT\r\nEtag: \"90061ee5d89faf2cdfc8675b3a368808\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 07:10:39 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 3698\r\nContent-Length: 247856\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18406163526593727136\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":247856,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"90061ee5d89faf2cdfc8675b3a368808","sha1":"55d77572b07cbbcfc79c8e18b3a2c04683b31574","sha256":"680ec48e26dd2a307ca129536089d79c305fb1ee85e84bef87e0ec6fdaf351ef","sha512":"8119bde0c797d160b0d52e84e69c1df2c9769ceca74c495da18a3ba29720f966f12fe2a35079bd4f42784458fc2fa9c204d1b37e4f838b4d9b48129d97182aff","ssdeep":"6144:sIagddXlNgNADmnepYFd4K2scoNgCL4te2n3xQCxrYT7:Tag1NVDmXdNtdmxxrYn","tlshash":"b43423c6da538e1cf6d06a3b833244922d271354b5d7a0c6b4d76f7260b86ee7825b33","first_seen":"2026-04-01T09:04:27.1741Z","last_seen":"2026-04-05T17:00:39.764289Z","times_seen":783,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-03-18/af490e514d8f3db072c710e8a0229a4e.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-03-18/af490e514d8f3db072c710e8a0229a4e.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 19 Mar 2026 10:07:40 GMT\r\nEtag: \"3630dffc0a201221222f69a4a20fea32\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 19 Mar 2026 10:08:07 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 3959\r\nContent-Length: 214800\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2710802680665726964\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":214800,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"DOS executable (COM), maybe with interrupt 22h, start instruction 0xb8bfae8a 3e57cd62","md5":"3630dffc0a201221222f69a4a20fea32","sha1":"beae76e3407b0041882668e7004a0d5abe2fafe4","sha256":"ee5fee7a28e51c20274701c6784cc3268ede9acfd5fd31a385e6672bd26b5212","sha512":"31816b1e4a75ee5437649dec89fcdde7f6f2ba49ea8593ee7cabe1e775e08d4313e24b0940c16117e569bd1b99d2e123ebbea560608b7c8e71cc6699fcaa2240","ssdeep":"3072:SgleipBSCx35qZZoF4SiB6xsgP/KhGsINYAjozCAFnsW+C4sj8kin9Aym1vqshxc:SglTp8C6iF4l6YfI2zxBsW+VssOvNx4P","tlshash":"bd2422dfbc0d55ea19f3d3e098823a9979e5c0f3879250ac84b504f4571a7933cb5987","first_seen":"2026-03-19T11:57:27.184371Z","last_seen":"2026-04-05T15:42:27.821189Z","times_seen":795,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":60,"dns":2,"connect":24,"send":0,"wait":36,"receive":92,"ssl":49},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-03/60e4aa190135b74578f5b690296941c7.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-03/60e4aa190135b74578f5b690296941c7.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 03 Apr 2026 13:26:07 GMT\r\nEtag: \"e3ec12cff3263b2a2eeacb9fdc991d7b\"\r\nContent-Type: binary/octet-stream\r\nDate: Fri, 03 Apr 2026 13:27:12 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 2172\r\nContent-Length: 159456\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11345726075640627364\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":159456,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"e3ec12cff3263b2a2eeacb9fdc991d7b","sha1":"d32f6402bc048a88ab38777596c576ec80ce2a0a","sha256":"1cd51b6b3efa50146d45287698cb10030c9788177d9e74a01557c6904780f0e8","sha512":"5972b84a6409989307c080b39a326a471a4637ec686e3406fd0795b492310cec41d9da75368847d1033d16cd64b64077c0446055c2d914c5e4d8ac88ac9bdd0c","ssdeep":"3072:XL+QlsmGzLoQ6zFToFkwsa1Zq4aMyrF/lYMYU+f3GikeYCyhE9zTAATx8hhqOLN2:XL+QammuB8hqvMsF/M9vGikeYXhElkRU","tlshash":"47f31398e9f1452610720b4d218e3f78b0a09dce9e79f695ece7a1bb533a7342c31764","first_seen":"2026-04-03T15:04:13.531283Z","last_seen":"2026-04-05T12:52:23.432417Z","times_seen":521,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2025-12-10/b715149ffdc8ed313276ed6fb39e1ce9.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2025-12-10/b715149ffdc8ed313276ed6fb39e1ce9.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 08 Jan 2026 07:30:29 GMT\r\nEtag: \"dfe658fd43dcb4934c7f3f73f1201ab2\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 08 Jan 2026 07:30:29 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 247\r\nContent-Length: 250976\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4270818542508604499\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":250976,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"dfe658fd43dcb4934c7f3f73f1201ab2","sha1":"4ca24386fd33b512098228be30cb285a16424c7a","sha256":"5212087fbfb89e01aba6b6bcc93e9a6b25e095ef3478c1a24844e447cf85461f","sha512":"97f936be69413cb84559b998a620796fad0a2c441fcf7532e8d2b93d50c3e0946e77a3bcece8009da6130e47a823c79cd03dc0e06332034f27aa894b64b2447f","ssdeep":"6144:l/w2DXMmjxj+I0ljhLAPX9Nm06eTF9vz72aLQ4gS3o0:l/ZXTyI0FhAPX3vp7bfv","tlshash":"0d3423b6ca5e29cb90cb80b6d17b4567c8e0734bb6247e16707bc53a37b9b133d16108","first_seen":"2024-10-25T10:17:57.581781Z","last_seen":"2026-04-05T12:52:23.461238Z","times_seen":2168,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":108,"dns":0,"connect":0,"send":0,"wait":31,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/DPlayer/plugin/hls.min.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/DPlayer/plugin/hls.min.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:11:58 GMT\r\ncontent-encoding: br\r\netag: W/\"688c4c87-805db\"\r\nserver: nginx/1.22.1\r\nlast-modified: Fri, 01 Aug 2025 05:11:35 GMT\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: abNhN-GCjJ5UlV6pY4HgBAQO0KvrV1X6PJY-6wQuipAfVNMMjPneuQ==\r\nage: 1662\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":525787,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c6b4b0566933bbace745d354bbf66a45","sha1":"37421e0fdc0f834e9b76c83c86b8f8dc5a25f9f5","sha256":"98f063553824f201d7a46e124e1dabdeefbc517e35e800ba0c8cbeedd432ab67","sha512":"b972867cd30918e974a0603937c16d106aca52ae7b52ffecfb1096b093dd21778cc38eac17d777e53a709b9a3c451b5785d9ac2d3ead1b9ad5532dc718389dfc","ssdeep":"6144:tN52SSJ22f+rppL0uMRzXrpbQLTfUUD+6D5U7qKxnU3F4BsibLioRGJ8z0xEnFak:te22eppSRzbpbTiwqKxUHF84xfg","tlshash":"cbb43aed3695a01683c2b169903f5507633a7d0a284cc12cfa2be9db2d7994db13bf74","first_seen":"2025-07-08T11:22:48.878147Z","last_seen":"2026-04-05T17:00:52.658322Z","times_seen":25294,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/vue.prod.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/vue.prod.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:12:51 GMT\r\ncontent-encoding: gzip\r\nserver: nginx/1.28.0\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\netag: W/\"692e8cd4-2f925\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: LiAOH7hRiEA7mGTTUzawJhM3OLfRaExRnplrcRTVX9b-3PpWd5CIFA==\r\nage: 1609\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":194853,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (28532)","md5":"9b14a30d9be6b89ccb5d9426baa70059","sha1":"e55a9116be9d0907b48698418b9e348d36bd3624","sha256":"97374c2e6815b02920dc02d8cca04507973d9a4d82aa5dafa20d04c2227ac9d2","sha512":"90840f4551f1ceeb2e764fed6a632d0eb39006fcbec40166664f0e7f0241347d8679fddf6e41658f939d0b00e893f1bf4ae97429f320c6dc60af0d87c4ef9dfc","ssdeep":"3072:c0RkBL/7KE2X44lDzvWUgT5Asswj2z+e7/72oIKc01DcUrIH:c0KuE2X44lDjWXT3j7e2KctH","tlshash":"2c1428b93181703217ea14e250bb0016f33a1525780984e8b5bde8df2d7695a61fffbe","first_seen":"2025-06-27T04:20:30.543622Z","last_seen":"2026-04-05T16:55:02.674497Z","times_seen":25947,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h4y4z1.qquknwu.cc/usr/plugins/ai/common/axios.min.js","fqdn":"h4y4z1.qquknwu.cc","domain":"qquknwu.cc","tld":"cc"},"ip":{"addr":"3.167.2.12","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qquknwu.cc","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 03 Apr 2026 00:00:00 GMT","end":"Sat, 17 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:14:60:EA:5B:A7:5A:59:7C:DA:11:20:3C:5F:C8:69:FE:35:AB:69","sha256":"85:D4:80:45:EE:F2:C7:81:77:27:B9:14:A1:7E:D0:58:57:60:47:79:74:3B:E9:C9:5B:2D:6E:53:A3:29:F7:92"}}},"request":{"raw":"GET /usr/plugins/ai/common/axios.min.js HTTP/1.1\r\nHost: h4y4z1.qquknwu.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://h4y4z1.qquknwu.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Sun, 05 Apr 2026 09:11:45 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.22.1\r\nlast-modified: Tue, 02 Dec 2025 06:53:08 GMT\r\nexpires: Wed, 08 Apr 2026 09:11:45 GMT\r\ncache-control: max-age=259200, public, max-age=2592000, immutable\r\netag: W/\"692e8cd4-cc17\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: ddRirJwSEEjCIHRbk5s93if09tQ0vwmwf2iQTR2mLhoz6EwxbDxa-w==\r\nage: 1675\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52247,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (52208)","md5":"99714d221df650b50da3b7bf97e2987d","sha1":"493b74178a63429fff2aab081b3a1ca73d362085","sha256":"8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96","sha512":"2520851e12838a54d14577bd6a4fc5276f1d729389c7341a09ddd783c33217a5c58ce0e1cbf60c08cf075b44c50dc90d1d651ec16fa47ef8629f8de12ad27103","ssdeep":"768:Wjp+L+sl7x97+om+oCICTUOD3cQ3F1C+SqImCjL/hQBf/MEVgnyzB/c2OiwBaGcj:Up+b0GUOLMPLJQf/CEB6iwOj","tlshash":"2c33b6cd76d6f06243a77174802f610bf23aad16a44d8460f224ece6bcb854e9337f69","first_seen":"2024-05-21T19:06:10Z","last_seen":"2026-04-05T16:55:02.749837Z","times_seen":26874,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn//upload_01/xiao/20260402/2026040223471576714.png","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:40.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET //upload_01/xiao/20260402/2026040223471576714.png HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 02 Apr 2026 15:47:22 GMT\r\nEtag: \"9eda8064830e3bcb041baec0d5ddf1dd\"\r\nContent-Type: binary/octet-stream\r\nDate: Thu, 02 Apr 2026 15:57:07 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 1857\r\nContent-Length: 1245280\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 8916246352504216131\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1245280,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"1276e307d207ba9b216e7e48139211a9","sha1":"076c75d53e64ea30afbd58290c17c761a4b0b25b","sha256":"28a33cfbb1e56dcd1b3d095bfc4ba0e21340a4770bd7c8657ae7d481a8e76f20","sha512":"00272f62537c506039809d177534cf82b8fe6184bd310b4ec1526878fafa3df5ba4d21318ded6db5ac155e790606095a2f1510e8f55c0063753642a889ffc4f7","ssdeep":"24576:d+qHb87e71Xg7Aoly7VpRLDSJKN5RyjTl9oRmafuuom5eth9L5k:kaw7eJoArpL2Javgl6Rzfujh9L5k","tlshash":"2b2533df445c71076a83232a200fa6b5dae43e65648fd63b7d1c4b6d2b88e9c2f5102f","first_seen":"2026-04-03T07:43:55.188071Z","last_seen":"2026-04-05T12:52:23.460766Z","times_seen":523,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":37,"dns":5,"connect":7,"send":0,"wait":10,"receive":102,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.lfvjpw.cn/hc237/uploads/default/other/2026-04-01/a1dd589840359bc08f2349cd1b786ba9.gif","fqdn":"pic.lfvjpw.cn","domain":"lfvjpw.cn","tld":"cn"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h4y4z1.qquknwu.cc/","date":"2026-04-05T09:39:41.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lfvjpw.cn","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"49:50:94:73:42:C6:0C:BB:3F:F4:80:2C:27:65:FA:CB:AF:DB:18:A3","sha256":"68:95:0A:CE:37:E8:D9:4A:1A:5D:8E:D5:B3:E6:E2:20:17:3A:EC:9F:9F:FB:8A:4C:30:AD:15:F6:9F:C1:9D:A5"}}},"request":{"raw":"GET /hc237/uploads/default/other/2026-04-01/a1dd589840359bc08f2349cd1b786ba9.gif HTTP/1.1\r\nHost: pic.lfvjpw.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://h4y4z1.qquknwu.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 01 Apr 2026 12:35:26 GMT\r\nEtag: \"a5744ad664e010338253087936c9f9b6\"\r\nContent-Type: binary/octet-stream\r\nDate: Wed, 01 Apr 2026 12:55:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nServer: nginx\r\nX-Cache: Hit from cloudfront\r\nX-Amz-Cf-Pop: ARN53-P2\r\nAge: 91\r\nContent-Length: 217904\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10615315575521470795\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=864000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":217904,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a5744ad664e010338253087936c9f9b6","sha1":"c6a21f3621ed71ec12cffaef26ef183d8eca5222","sha256":"d4a688e68531a82ae6028df82cb397d8b30eb18cd591ada1885679c59287b96b","sha512":"b55e9a0a913607c2cbd47643356e42ccdb31a463caf7a8e394f362797535dee5091daacc056269ee854a7951332405a673c294dfbc34fd784ea4fda5b7e7fd85","ssdeep":"6144:QHMokeiABeGWZ3JLjhCSWOIBlEt5yOHJ+H/yvydZ:QHMofiAkZthC1OI38nXvy3","tlshash":"c324139d915194736e3746be9cc5f5a837c306cefa28c27902ad182e58d4a3f076a4f8","first_seen":"2026-03-28T16:22:38.383087Z","last_seen":"2026-04-05T16:59:41.075536Z","times_seen":3494,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":15,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"pic.lfvjpw.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}