{"report_id":"c7c635a5-3364-4185-84d1-46a6e44431c0","version":0,"status":"done","tags":[],"date":"2026-07-02T13:50:04Z","url":{"schema":"http","addr":"j106y.vip","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.130","port":0,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"j106y.vip/home","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"title":"welcome-BET365","dom":{"size":438804,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (49981)","md5":"6f9aebc2a62e012f4c26e89e24e99470","sha1":"bd8074498cde12353f7583e94aa28eade94e0de7","sha256":"fefec4f1c093e0cd6728efd8564b92badf71b0a8312e90b12a2e460cf805c36d","sha512":"f1ba09a98b533d09f17280355d48a996bba0588b0c9e3e2b3c3fff7c990389795d39fae10a4eedf5a8bb73d71c6c9a7de037cc6f392cbf835aee30ce5b79db13","ssdeep":"1536:1025t6k2Khd/dlTAaVxJPhfbO1lJ1ThU7MVOodb7nSakNIdlBBHywc8SiVqUiVqy:ykt6k2Khd/dlLLTO1l/TMIlPXS1VX","tlshash":"54941bf4425c02b6e54b878dfc726e6636e230abffc54608f3ac4691abf2dc2d459851","dom_hash":"domhashd8b84104de126b64e0d6687453958e9a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"j106y.vip","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.130","port":0,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-06T13:50:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"photo.365live88.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-08-16","domain_rank":0,"first_seen":"2025-11-02T03:06:46.95373Z","last_seen":"2026-06-29T23:40:41.258747Z","alert_count":0,"request_count":74,"received_data":1748445,"sent_data":43142,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"j106y.vip","ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":402,"request_count":134,"received_data":8892810,"sent_data":75851,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"j106y.vip/js/chunk-svg.1781011881923.7ca9cdc1.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e885a50d7dc711be337a96fe33f0c2e","sha1":"8c767dd1bdcbf35f2577bd215ff6fe495cbd0f43","sha256":"603d14d58a247671742688b96c517d62e9c636443b960bc421af5352df4c01f7","sha512":"09289e06b0db84915693f0b78ab40149972b29693d0d6b1e66e4fbe9bddf00380f5f4e8e78961512d91a132226494572994ceade62d3d8a878126fdcdeb8fd95","ssdeep":"3072:/8nz2uaLZSZvx6Q/sIPrekK+mB6Ua94sRZI7gbpF/:/8nz2uasNxpXPrekK+mB6UHsE4pF/","tlshash":"c0a4fcb4c190f4edf704ce196e7c9e1c50321688e0a9e9e52da9fe0d9e85d6b241cdec","size":470763,"data":"","first_seen":"2026-06-12T19:29:57.244213Z","last_seen":"2026-07-02T13:50:16.795389Z","times_seen":159,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"2bbd69200a3d758f89e8076a123ed982","sha1":"dfe2d66f2d85ddc2008401ed15dcba3515392f37","sha256":"b79cd0c532adb639e6139c9394527b217982efdbff4969494986edacd943e2b7","sha512":"ffb7e75ea86b911ed842f7525c08ad5cd4ef5085736e757c47f3b4e09b3c9497dad089fae69953dd819f57b3ac1cb3a54ba037f9a8ad3fa37d7aeac9ac36bcb3","ssdeep":"","tlshash":"07c0c0770f2c7f14110310230174f3ac5431c028fc15b302331f40018b50b0d0c30e40","size":178,"data":"","first_seen":"2026-05-25T23:43:55.293244Z","last_seen":"2026-07-02T19:32:29.566406Z","times_seen":231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"da7d6cf21ba9b37cce394593785671f7","sha1":"aabeaf8e874da29cee7e1645707577446b8de63b","sha256":"6912a38811267077bd6dd2630bccd25ba04b653b4967a636d75a6ec97c5bd2fd","sha512":"9739d97867822d248e0083a78d8657485d85e70bbb7a75e0fccd283c2bdb980ded0ea78b1a4fb0540c529e602ba88286021df0553bb23e45fc91281f64a4db49","ssdeep":"","tlshash":"de31ce286eb29531a413612a1f6ff2843235d62f3148ef003f0cc7651f24d6ba6356d5","size":1686,"data":"","first_seen":"2026-06-12T10:00:06.928319Z","last_seen":"2026-07-02T19:32:29.567267Z","times_seen":178,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"a15b4803f5b926cf35dd50ad665005e3","sha1":"0dd0dd998736dc9db4ab3c7ee8f7cabc8e1e341b","sha256":"201c5550359d1e530619f58a4f77bfbe382200e2b0c85d4136df96523aee625b","sha512":"e21d282a7abbc3b8aba31153d7969b54c647e3c2bc2f1c786a6f3894ee0322540fc37d99351e5d8998991198a98b26c470c16fef19e5627cff75e0a6157f6e2d","ssdeep":"","tlshash":"b7700000be08a0a80000a0202828080c280238a0803b03080802c8023aa8c80288a802","size":24,"data":"","first_seen":"2026-05-25T23:43:55.294961Z","last_seen":"2026-07-02T19:32:29.568107Z","times_seen":231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"8f54a6c689ae3fb37bcded37e79fea08","sha1":"0861325faf70167325da7dfd6b4059a6991136aa","sha256":"c9a960988ba6d8cfea2c7e709385252a139280898d9b4010703981ce03184a1c","sha512":"08111d473c9567e7da677c4a5e61e232f670b58e2bac4f1a1d96005b83214368e6bdcf36efa1b99aa4708beb8a11bb3378270d70d1a8faa3b2fbea3abb10b4e6","ssdeep":"","tlshash":"82700008ec0088ab0000a00028000cc8380a00208a3b838f8a00008a2ea28b0000ac00","size":24,"data":"","first_seen":"2026-05-25T23:43:55.29586Z","last_seen":"2026-07-02T19:32:29.569095Z","times_seen":231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"c45b02b1f350ecba8716f39faa1d6dd9","sha1":"323d186c69f92adfbf21ac33010643886a3ada59","sha256":"81d9bb79dfb8f66568da929cceb338198f5fb8ef0d422c9bc19a97944981d729","sha512":"6cb26d6b01335a5779cf876ebce242b675745c80857fe191e0f42b927c5b8c40ff0896f64e6c28640c9bc1d9380344c6282790f6a7341d5ab74eba28fe93f4d2","ssdeep":"","tlshash":"eb017d9e483788107b2225bd537f5089f1a2516f8e8bcc103c1e5b00eff48ab25a2bd9","size":738,"data":"","first_seen":"2026-05-25T23:43:55.296647Z","last_seen":"2026-07-02T19:32:29.569859Z","times_seen":231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"077d4be9ad272f7d475481152daff715","sha1":"2f46a2943ac225687c445e0416015d1f97b7f0a1","sha256":"8d289c243d18cc7608ad59bd1b5d4c5edc5a26521213972903495b5ce1f78ff7","sha512":"310f88318435a5cee999868c4f24f906af4f7ba99540a2a5bf79b68f1cc1dc5fcd84b3c45051e8bc2e8ad3e36873f746fbd95aa84b6b92a27a76c5c84fec37d3","ssdeep":"","tlshash":"ac41027d826245a51973346a1f9e730836f340b31149e9113e5c8a802fa9a5f82b7bfa","size":2321,"data":"","first_seen":"2026-05-25T23:43:55.297422Z","last_seen":"2026-07-02T19:32:29.570553Z","times_seen":231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"e2d3475f1cf5b92ebde88c18cfb52625","sha1":"b178b44e61169b2fc5f25b0120206d3812b19cc1","sha256":"3a448e6329733e72eb2a1d80d1897a5ddf20226acbafb032eecdf71d83fe307a","sha512":"802939763c96de22534a93d89f00066ef7cd4cf58814954ebaa18ad6e77aaf19e99745c8a677625be818d3f378e5fe285ec537561be58e12504a1f3eaa23f363","ssdeep":"","tlshash":"00f0a00e0ee548131963706a4c0f9201203b2513414eea08bffe9bb24f92a6886174cc","size":538,"data":"","first_seen":"2026-05-25T23:43:55.298337Z","last_seen":"2026-07-02T19:32:29.571233Z","times_seen":231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"196e0f8d81dba38fb58a2eef3490451c","sha1":"4c70fb540d5f49bd92603d0cccd3005fea9b4c4f","sha256":"eabeb94d65d8704477ca411952b078a4fde998d61c9b3cb12b6940389dadfd90","sha512":"17596a9ca2ed22c2f13f6ec692ae8c32bc6aa1a1a4c7a888639c8ea5f2596a16efb37dcbd14bbc8b514c8bce98bc3f7ace246f5fdfe4070417cd670834883566","ssdeep":"192:q2wqx5Cvtib5XOQRzlaECoXZTAoV51nsPhwzvBa/id3+36a/E/97g6I52MdobsIS:q2VwiYwJvSoVXsp+pa/iZcVk97g6nMuQ","tlshash":"78322b69a5b71bba25673036277f301889b080630319fd947c0ff61e4fa54366297be7","size":11902,"data":"","first_seen":"2026-05-25T23:43:55.299247Z","last_seen":"2026-07-02T13:50:16.830274Z","times_seen":217,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"4429af1150d1fa3b53d1df1756276b64","sha1":"1921726e78a10af853be137ddf92f3d86deda32a","sha256":"2f7789347336fe8f5baaeba0f2285060e84c161bd59ee0aa3c7d8c47cf27d580","sha512":"416f1e1d8ee3a03067609ca187a88c5e3a77cb751e8769f902a12c6115e6394121254e4d60e469c50ade2b044dff176c0f7ef93912c563c510279de31d61823e","ssdeep":"","tlshash":"0c11cc5a99e28132aa5b303735bd43887728a023d184df413dcc99456fa8da5cabf6c4","size":930,"data":"","first_seen":"2026-05-25T23:43:55.300055Z","last_seen":"2026-07-02T13:50:16.831342Z","times_seen":217,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-07-02T19:01:35.802606Z","times_seen":230968,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-07-02T20:08:10.809453Z","times_seen":710244,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/60024.1781011881923.e9a203dc.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac04ba4305a374571b2d241fe1f50dc2","sha1":"e559b9a0a338e35fb6605942f7d14e96c031ae71","sha256":"788282499d13bd0bb6207ed41a15a3d0b2058ca97003d1e1a872e81401f02aa7","sha512":"6edc613a3f8585bf6cfb8c034199265c1c1daf368d0d3a6e2c41bf441a334a7f93139c0b0fb4147b98264567be9b135fab3cbe923e8fe040ec553e9fec04c8ae","ssdeep":"96:UR4NFRSZqe65bD7RM/Rsxkw9usN6tKex9sX2NaenPdqUDDEz:UR4NFRSZqesbD6Rgks0RxeX2NbnPdqUE","tlshash":"3491cbd876d2f071426f9678862f285fe27bead074ccb415d1c1e690aef062d8933d68","size":4601,"data":"","first_seen":"2026-06-12T19:29:57.341024Z","last_seen":"2026-07-02T13:50:16.78167Z","times_seen":137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/config/gd.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"368318100a3c0f64373230a250953d5a","sha1":"6e0d91639cafd23f1b22aecee332da83c70b93ea","sha256":"dffc9b203a19b9e70363f75f737b7afe2164d6b8c045800d4dd7931d9093aff4","sha512":"91077ca792821795a816a0ee1a9cef242bf2915c02402706c7bd5c027c62f4bc52517b6a5e3db9f4b873e5a3c9d652758cc277c1f5ba07dc12e0d69b4f6e9eeb","ssdeep":"384:bJA61XVpi5LH4NmeJPXwXkQdcAwR0Nw3zzbSGwYg1C:bJA6BZX+oJjzzgY","tlshash":"80721f4d68f7905345a3b03c8bafa114b5388643181cde457e9ce394af6843d97babdc","size":17440,"data":"","first_seen":"2026-05-19T02:14:56.346288Z","last_seen":"2026-07-02T19:32:29.535738Z","times_seen":241,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/13575.1781011881923.cda1d494.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"65e5fffbcacf52710ad963a4aeede3be","sha1":"f9c16a3c86649aeacf18e736faacff0cf78192e7","sha256":"36f42498ee253b0d1d5e7ec8bdf406f05c4c91e72f64169b1ff67435d2069099","sha512":"96e8263c115ca75ff63f6ce70ba8ad5af370662f86c2f95a8960a5aa5a30ce4134fa01d7fbd1694ce37f111b69e3e418f0542a7ab1bae4cec570c8c3d8d08986","ssdeep":"1536:917BBHFeKRKp+3ELSPtj6x2DgJoG7PIDmj9VA+s69JAFdE6WIzl+Ik1+eXMa7a4H:7jHoKRKphCnDgJoec+IDWIzls+7Xr0X7","tlshash":"23141a84764170b8c396a165322f601ae22f789650dd9c24f3789ba47f7470df26fabc","size":194916,"data":"","first_seen":"2026-06-12T19:29:57.266361Z","last_seen":"2026-07-02T13:50:16.799032Z","times_seen":156,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/theme.config.ef94991b.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"90d279a2980268d2835cec593c23d286","sha1":"4374bf6da5cbdf8f025434137487bda68077cddf","sha256":"1679f19badc24dea0edab376edfb8583714645e18f705fb849037af6cf0b3ff8","sha512":"362ec1b73cebe1ad224a5b745c9ceebf2b86301deab27e35d6517d499499328b34c24d76a72e5b348d623e64a4d17bfa0ab08d2aa012f02af23c6a72df51817f","ssdeep":"1536:D2JREobVmtlIRM4Sb2mcTa2mnzyJog9CcHWHA:qEtlGu1Jnz45HT","tlshash":"c0b3bb7ae20c963a6177a8bfb46ce111d12f9c0c9b1d5fdef03e60a25710669c831de9","size":108079,"data":"","first_seen":"2026-06-12T19:29:57.324936Z","last_seen":"2026-07-02T13:50:16.794515Z","times_seen":160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/configPage.js?v=6/9/2026,%2021:37:10","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6aa74bb352ef198ba3e1c9a4b01b014","sha1":"2ea8bd6b5045475a36432f7665a129728e822d9e","sha256":"73828e873c0b6e847b37d78941ca436247471dfc90a12f743964f869f75abd5c","sha512":"2faaf24fdf1e4da637af8e9f82d1778bf061b00752dfca0c8f73432ba236a7b69410a7ad2a73727bc83e6cd631fd6555c3cc0d9d3a5d8a7f81818dd66566011f","ssdeep":"","tlshash":"be117aaf57444dffcf1d7e00a08b0a5ea8bc61d261889d4da8e9cf29e1c99002378978","size":949,"data":"","first_seen":"2025-09-04T00:49:32.949926Z","last_seen":"2026-07-02T13:50:16.630556Z","times_seen":1935,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/index-a3dad144.1781011881923.1093b11d.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"0fc0f4a0379e369b442d93ffb72561fd","sha1":"497d95fced30bab2efe9ad3a561c35cd40ad5e9c","sha256":"da926a537d946d3158d41a8531082a740aec7a6a4e3b98599d35546182f20806","sha512":"ef5664991d7fb472281b2696b3b25a322bf51f9bcbccf2043f77fdb67ca9a84d90b893029e93bedea935724bbc4b58a77154b35ac40b15f8e691b539cc3102e3","ssdeep":"6144:LrbhFOufhu/LHEY/T8CPis7lVV4YlRlNsmq9D7:3zBw/LHEY/TBas7lVVhsp9X","tlshash":"ed742b90f76ce1bd875e55ff7a329094902c1b41b0c89e58d29e2944fe6b385eeb04bc","size":356584,"data":"","first_seen":"2026-06-12T19:29:57.253128Z","last_seen":"2026-07-02T13:50:16.656978Z","times_seen":148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/21954.1781011881923.57c97863.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"35aef3c03c45b75cc6c2851265c30f23","sha1":"54874afc1d2d6391142418c6c17d7639247b6c9b","sha256":"c7a0283f3d2fde40ce97fe3bb5e79621f9939000c50c3c781a4597c3242ebae2","sha512":"f74356629d65ff26f6928ad3183ba8e6e01848921202f9c14c5aef758ef72acdcabf523209e892df42d230d9c87cb47cda7bd106105ed8447718fc502b2d71db","ssdeep":"768:U/aSfmzKrMdvf0eMQ/96loumY1PI1yBK9LudEz+yUy51y9y0yk6Dio+ILqpTeY:z81R6Ipyk6o","tlshash":"33132088fac2b06dd3eb7330857f505ae66a1dc0668c5434e260d6917e7198dc1fb9f8","size":41946,"data":"","first_seen":"2026-05-29T16:01:53.086335Z","last_seen":"2026-07-02T19:32:29.55571Z","times_seen":153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-07-02T19:05:45.493739Z","times_seen":87354,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/home","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-07-02T19:01:35.802606Z","times_seen":230968,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/home","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-07-02T20:08:10.809453Z","times_seen":710244,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/home","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-07-02T19:05:45.493739Z","times_seen":87354,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/83876.1781011881923.7ce40e6b.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"abf84df30621edc23a82d05ff0b8a83a","sha1":"e727ad94ce5d5f5b8fabec0e0b5a966fb6e6594f","sha256":"c3b02d056ac034939c3ff75a10a2da23f5f05f96a36ca1e5cea2157ce0fe12be","sha512":"db2a2a00f51cc6f75cfcbb6d988df74403fae93255982a054710e5f87a2d8407f4f8f02fef8ef1a0e5edb289736296b2d11a3b77cad6c6d9089bb831cda45be5","ssdeep":"6144:0/rOTU2/xB0Jjytg7DiQPkcsz1aL3p2YO+WidjHrrL:0iUjytgPJPT3p2YpHrrL","tlshash":"2f442c44b291f0b8879b42f7922b4056a17f48a1308cacb4f265f990be7555c927fbfc","size":262269,"data":"","first_seen":"2026-06-12T19:29:57.272405Z","last_seen":"2026-07-02T13:50:16.716723Z","times_seen":154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/home.1781011881923.a94e73ca.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ad9af47a2c0c93f65e42ff84b45dad7","sha1":"eed3b4bd1191c75416f457ee41317595880f8635","sha256":"c9d64aef33c7a35945a5963b08b2bc3157f403dc91a5c9c9463c82a0d4075af6","sha512":"757a63f9b96bc8a36491424f8e0ae9fd6813983817ab2da87bb3455e18b5cb5f71d5e682919941194e4a588bea925c790888e4d27f8531ee03c777c1e2c92678","ssdeep":"3072:T5daS9tSIMcewi8uJBuoMfqFf2GMkvVJuhxffj7TEOiGRlc:T5ES9tSIMcewiLQqFRmzffjAGHc","tlshash":"93141880b5f0e275575fc2a7d7371025b2271786d0ccac60e1f66b187e2879ab236db8","size":203243,"data":"","first_seen":"2026-06-12T19:29:57.277471Z","last_seen":"2026-07-02T13:50:16.706047Z","times_seen":137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/83749.1781011881923.02b71cf6.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c1d2645de169d30e7a814fdbd1c1a47d","sha1":"41959bb5171f196d813c4b3c27bb3135d993ff43","sha256":"a400126839acc7fff4ce08e50633afc5560f3eb3e8aae7ec697fff30423bd26a","sha512":"21e02eeba3e71baf0938766c7abf83b68a4f54b149ea679f43c221c429729dacd395ed0e54233ff22be739636dcaf0104cd58083c50df9b6c521fcb2c3e27419","ssdeep":"1536:lcK/KnqHB3vmxuHXvKe+Gruc7iSxTcgOX8JwTl0sI5pQiVFFsdt+H+Xk:rB3vywXSex7HYgOXawTl0sgQi2tkwk","tlshash":"3693e7c4b5f4f5f8279ec5a2973644b8b02527c5b1c8ace0d2e96e147f19b62b0718bc","size":91749,"data":"","first_seen":"2026-06-12T19:29:57.252198Z","last_seen":"2026-07-02T13:50:16.625901Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/chunk-init-c0d76f48.1781011881923.0f397bb1.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"815f2acbd0918250f25d4f71409219b0","sha1":"d5778078df7eada22b3175f9182b8b22e828c433","sha256":"12a61f287da39190db34dff1de7188c3d8b76ffbd1c11290962db88fd5e2ab46","sha512":"5ba4adaf4b36b4a402c30c3aaa5be5f02e292391d79400d353a5ca6c61405cb40e5179858abddb1af6dad243899e420111e49004d01d339ce9de23d8f522c379","ssdeep":"1536:zG5qxPvO2lSV822bv0bcbpM/igw/aIwC23QOoKILbjxo4wc0tvB6xVS/J+pKY3Ns:iQz/Dp5/92xoKa/x5wc0dB5/J+UU0","tlshash":"5ef31b987392b1b847dba6e152371075b57e1dd73088e8f0c169a6803f31a9cd52afec","size":161226,"data":"","first_seen":"2026-05-11T06:12:53.502908Z","last_seen":"2026-07-02T13:50:16.638922Z","times_seen":162,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/35142.1781011881923.1d227afa.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8325235b613820a57b71043f360e5b36","sha1":"925ff977edf9892e868d43915f93d29e6feeb113","sha256":"0c505f39a463b09ece16c213b7ead75186dcdc26d25ee02dcba5a62cc0dff7c6","sha512":"efd16c9b7ff0f806890ae77542e8c0d4e954f8c797ff21b8dcde3f240e4940ca3c6d0fe75ee2fda35bf53ff5d0eb691fa7e38cfdfa82c0f231b0cd57458fbcf2","ssdeep":"6144:N0hEyLkbJDb7w/1FOAmBm7cene7Ancbt8sbyAkKJwoSlt5MMjmlHGwwzHUY9SroE:N0hEyLkFDb7w/1FOAmBm7cenaAncbt84","tlshash":"8a742b94b290b17883af86fb731a91a1d24d0e9460ccace4f27e6e407f15746b8775ec","size":340163,"data":"","first_seen":"2026-06-12T19:29:57.248751Z","last_seen":"2026-07-02T13:50:16.706979Z","times_seen":137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/chunk-init-1656f0b4.1781011881923.32336986.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"149a9a32eef525724cd200e4dce7a032","sha1":"29b091925cae6d90319391653e40685f6e6c5735","sha256":"10fcb7c4e44a141964cb31c527462c6e56f78d95c956fb02c50c61fc576cefd2","sha512":"62d80403786c13019e86e1c6b991d73cf52ff5bd25d4eeaec34ca12125d677604a269fc6c56ef301f074c42798f8e7935df623d6a0a62559d70749e53082085f","ssdeep":"1536:z2twqIPBoVbzfsO9ZuqpiXXIOU6Qgpp6KkB2EnBDsAxdrkm4SgiqvHynjM5TCif9:z2twqhOIK2nCLdyACifMur06/D","tlshash":"6dd3ec54b7d0b4b442cf13e6711b2475e3a61ca22058e8f0e31dee647f35689d26faac","size":136038,"data":"","first_seen":"2026-06-12T19:29:57.333908Z","last_seen":"2026-07-02T13:50:16.631571Z","times_seen":159,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/chunk-common.1781011881923.b470d60e.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"08afa88982cffd7b96a2190cdafe1c42","sha1":"abb87563ff4cd658f4436118c54f3f39c08f74a4","sha256":"8673d3fc3524eb9d8b4020b3da3109aa5ab5e569ed8d0074f2b72b8643f813ae","sha512":"70c9df3dd7b3e3d41a607627c6a2750f43673649dbd55c7a56606a7d3e67382cb2991f146f7ad2359cc5ff1615f9db484b54642917150351017d0fa4385c3d2f","ssdeep":"1536:jBY8bgGcdWUa2UTY6eryXHuLmbErF/G7D1dMI59H64likx/vocGAClVbGD3tFk7u:jBYCRTY6wjFetH64liC/vocGAcgD3t","tlshash":"65f3e8c5b3a0f07e9a1ed53779331499b12f758274c87c60f1a1ade6bf1a704a436ca8","size":161286,"data":"","first_seen":"2026-06-12T19:29:57.317434Z","last_seen":"2026-07-02T13:50:16.624066Z","times_seen":157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/22872.1781011881923.153832d9.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9ee602f8eeb24db94a45e276eb229fd","sha1":"add3d7dea3c94842531e4e52db7b334a705c5e6b","sha256":"3d79813c4166473dcbe19eb56d456a226f183993f5aa4108a4fccae156001245","sha512":"8ad5674af4bbf338d1188a8108d0984786a4c94afddefbd592dbc428928dae301e40d4a936d73d0e29ba68989ccd13abee0988a8a6938495736115c80a53eae7","ssdeep":"3072:XHW7tB4Vgj5tNlxyU5YegxYffj7TEOiGzZl+DJVkzEcx1nKs:XHW7tBwgttXxyUtffjAGzT+DJVkzEcxF","tlshash":"21f31bd4f2c071f6475f45f2a22b0075b26f4d92318c98b0e15ba6597f21a48c7abeec","size":157599,"data":"","first_seen":"2026-06-12T19:29:57.267326Z","last_seen":"2026-07-02T13:50:16.64215Z","times_seen":155,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/index-399e2569.1781011881923.9d909473.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a89a32dae8cc80557b581a69e02f0d02","sha1":"00f9cfeca127af0a139c0670ed8d2e2e7ccf673b","sha256":"6f97c8ce9605a8e9e80a699696c70ec26a4b9bce20badaa6947bf4e5ac52e9d2","sha512":"2ca5bc054575932085e6cd6529613a94f145aa9a3b7731fb85b97b27286a882043110ab45b7eb4673228185ce1560b47968d3aa7b77492f17abf82e778076a9b","ssdeep":"384:pZTANHmDGIaVPkrTBTcK8K+Ehn6A3zgJ9Ks/fT5qZsxbt85F3oWf0Af/nwtU8Zci:znDGIYPkPVf8K5hn33UnKofy5FYxAfPY","tlshash":"e2b2b6e63392bdb8c24f9676f23a58ecc43f9141c30fc4f8d265bd947d98644aa92784","size":23775,"data":"","first_seen":"2026-06-12T19:29:57.227313Z","last_seen":"2026-07-02T13:50:16.819311Z","times_seen":153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/65246.1781011881923.03480a32.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"b98dafd31fe547add2f96acf9bea9922","sha1":"e63706f4b83ed72ce8a0ffee74c7d606968bd280","sha256":"92014e9ab9f7e62a6651d0a69b63f69a84ed58e15ee5dd8e287d46b28fe610cc","sha512":"a676475f44bd6ec6ab9e7421deb8c29430404be3852f96d012418d03e9135d3ec450ee58b4871a4f8ed2a053656c9a9a6523853d6238d701144d9b72c6df8ab8","ssdeep":"1536:f2+iDvYvNjx4Uyao0L8oDNzAuMMsTAQ0mqt2pXYzA4dANVO:e+iDYvPo0L8oZzAuMMsTA7mqt9zA4dAO","tlshash":"a673a501f78272385fa7e290220f2026e16e191505ac5ed8f179ffb93ef0954aa7d7b4","size":73415,"data":"","first_seen":"2026-06-12T19:29:57.345997Z","last_seen":"2026-07-02T13:50:16.657734Z","times_seen":137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/31098.1781011881923.4108b3dd.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c55e2f7f495cd530603e700dd3bf229","sha1":"fdcabc58e872fde99b7d704711a75bc32cc2b8c8","sha256":"1c38b781ee4a302e955baab7d3306365881227cafc2814e1085f93f4ab0342d8","sha512":"94954c49e71bd95a7543f652e03bf68b5dd26d00b33c91eda9003ef81e37aa5735e846bc9322d52181550f0d010d125479a73d83dec0fe51fa0c4f2489108326","ssdeep":"1536:Z+0YvC9jlTKAUSseG1SY46DCdlBBo3AgXOG9AsqCfCXsvCfCXsLCfCXsyCfCXsfX:sKK5sY4brG7O3SnLJNpL","tlshash":"6174b6f4c248c6fdea04ce0a7e7d6f2d50723783f2ec56c446aaf8865e92857245c4da","size":352738,"data":"","first_seen":"2026-05-19T02:14:56.370466Z","last_seen":"2026-07-02T13:50:16.708289Z","times_seen":171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/45540.1781011881923.25dfba7d.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7983a109fba451279f84fe7b75724983","sha1":"9487dc955240c6083cf3497e806dff89bec2061f","sha256":"80bb5c781336a9095ee3e8ae99d724f58a409c7f3c159bf0f320a9c948afe030","sha512":"ddf49f5cfb4721100ef951228391607209e248a8733d48229ff5196fd8a32fc3e759d90c1040dd591b1c0bd97ab83a1c8baaffa70fa96bbe2d556af2379478b0","ssdeep":"6144:1YD4wFsYiSGfKnCKPP6Xm9sm3MCln1OSgpozfEe5a:1YD4wFsYiSAKNH3TY5","tlshash":"e724f894f294f1be075fc1f1d23b501af35b5e6120cc9ca0d296e6942e20b49da77eac","size":229366,"data":"","first_seen":"2026-06-12T19:29:57.328205Z","last_seen":"2026-07-02T13:50:16.653931Z","times_seen":158,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/config/telegram.js?t=1783000171468","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ef2154bcfb8399f256c2da15a4cb409","sha1":"e0f8f5578b2e0773ec1d79bb1cec54e1f5d6373d","sha256":"73fa4926373755b52fecfdf3145a0c9953c08af374ea69dda46fe2b3b9ddb022","sha512":"8b64643161386bdefbb7eab04416e78e5e183c50acba7b25b146aa6e733744a326566a01eb7eabb1a0a3f5b87ac8461a7ab3b9ad1c44de37ecea25af09e3eb41","ssdeep":"1536:WK4KZK+Klt3LbbdS4V+vO14KtA9phXTQ+fcZl8LDh7j8d3K+V4WMrnf/NunqxF00:Wj+dgdLbbdSA+1XTQRZ1jSBl","tlshash":"14b31c4c5cf3216285a7b1be8b9f925072759893304def203c4d9ba45f98d3c53eaad8","size":116886,"data":"","first_seen":"2025-05-31T08:16:48.368096Z","last_seen":"2026-07-02T19:32:29.476109Z","times_seen":1470,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/config/initGeetest4.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"87855e19802d75b55afa7bcf3af515c1","sha1":"4af373375728a98d623f2299a68a91e150f2672e","sha256":"9ec8a5ef8c8ffe369dd1a5c4730dce6570c0d90955798c0be4ac04ef1c8f4baa","sha512":"3baa6d9e916abfb3d38b7ebb9372c5987e8f10534bb978383751c0094f8f5a3e764f9b8e44a73d9d4871cbaeca7e1939f0ffaf9499af5c4a71f64c3588167d85","ssdeep":"192:23aP8Ha0D+Nu5dq+EvNiqc4K25MB5VYaiQwSL4SScQVy8QRHIsGiz0iX9rES6Myy:2fe61w1iXKb2sMGUI+KQTwwHlB","tlshash":"00621d0d68f764534553b4388b9fb014b5388a53042cde41be9ce354afa843d9bbabdc","size":14975,"data":"","first_seen":"2026-02-16T20:32:40.162764Z","last_seen":"2026-07-02T19:32:29.486752Z","times_seen":1025,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_set_header_colormap[actor:server1.conn0.watcher14.process7//obj37 class:Object extensible:true frozen:false isError:false ownPropertyLength:1 preview:map[kind:Object ownProperties:map[color_key:map[configurable:true enumerable:true value:bg_color writable:true]] ownPropertiesLength:1] sealed:false type:object]","filename":"https://j106y.vip/config/telegram.js?t=1783000171468","line_number":139,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_set_bottom_bar_colormap[actor:server1.conn0.watcher14.process7//obj38 class:Object extensible:true frozen:false isError:false ownPropertyLength:1 preview:map[kind:Object ownProperties:map[color:map[configurable:true enumerable:true value:#ffffff writable:true]] ownPropertiesLength:1] sealed:false type:object]","filename":"https://j106y.vip/config/telegram.js?t=1783000171468","line_number":139,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_theme","filename":"https://j106y.vip/config/telegram.js?t=1783000171468","line_number":139,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_viewport","filename":"https://j106y.vip/config/telegram.js?t=1783000171468","line_number":139,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_safe_area","filename":"https://j106y.vip/config/telegram.js?t=1783000171468","line_number":139,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_content_safe_area","filename":"https://j106y.vip/config/telegram.js?t=1783000171468","line_number":139,"column_number":13}]},"http":[{"url":{"schema":"https","addr":"j106y.vip/js/chunk-common.1781011881923.b470d60e.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.520Z","timestamp":1783000171520,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/chunk-common.1781011881923.b470d60e.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:32 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-27606\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000172=HjX/wKANgSgk7bf4ruTlq+LWjZ5tlyE8jm2EEJGuE4mheqVYNrZ//oApmuDjLa5keWF0IBTGmCbND7j+yf4a4ICt6FJFD26xI/UFMj6uUnqti0kaCFRix+Q3KWwNu23VovzGZBKgfgLL89YMXfilGqREPmpygQxY5P+q0KHtzcZEl6CjmvhH/Y6eByFT6wyv\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f231788a9cc8f\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161286,"size_decoded":36940,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"08afa88982cffd7b96a2190cdafe1c42","sha1":"abb87563ff4cd658f4436118c54f3f39c08f74a4","sha256":"8673d3fc3524eb9d8b4020b3da3109aa5ab5e569ed8d0074f2b72b8643f813ae","sha512":"70c9df3dd7b3e3d41a607627c6a2750f43673649dbd55c7a56606a7d3e67382cb2991f146f7ad2359cc5ff1615f9db484b54642917150351017d0fa4385c3d2f","ssdeep":"1536:jBY8bgGcdWUa2UTY6eryXHuLmbErF/G7D1dMI59H64likx/vocGAClVbGD3tFk7u:jBYCRTY6wjFetH64liC/vocGAcgD3t","tlshash":"65f3e8c5b3a0f07e9a1ed53779331499b12f758274c87c60f1a1ade6bf1a704a436ca8","first_seen":"2026-06-12T19:29:57.317434Z","last_seen":"2026-07-02T13:50:16.624066Z","times_seen":157,"resource_available":true,"data":null}},"time_used":1775,"timings":{"blocked":1035,"dns":0,"connect":0,"send":0,"wait":430,"receive":310,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/83749.1781011881923.02b71cf6.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.765Z","timestamp":1783000174765,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/83749.1781011881923.02b71cf6.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-16665\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282f19f2317919ecbeb\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91749,"size_decoded":29137,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64016), with no line terminators","md5":"c1d2645de169d30e7a814fdbd1c1a47d","sha1":"41959bb5171f196d813c4b3c27bb3135d993ff43","sha256":"a400126839acc7fff4ce08e50633afc5560f3eb3e8aae7ec697fff30423bd26a","sha512":"21e02eeba3e71baf0938766c7abf83b68a4f54b149ea679f43c221c429729dacd395ed0e54233ff22be739636dcaf0104cd58083c50df9b6c521fcb2c3e27419","ssdeep":"1536:lcK/KnqHB3vmxuHXvKe+Gruc7iSxTcgOX8JwTl0sI5pQiVFFsdt+H+Xk:rB3vywXSex7HYgOXawTl0sgQi2tkwk","tlshash":"3693e7c4b5f4f5f8279ec5a2973644b8b02527c5b1c8ace0d2e96e147f19b62b0718bc","first_seen":"2026-06-12T19:29:57.252198Z","last_seen":"2026-07-02T13:50:16.625901Z","times_seen":136,"resource_available":true,"data":null}},"time_used":930,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":715,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1884x434_8953c3b5-a3a1-4b97-a677-4b5efb3fb94a.jpg","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.494Z","timestamp":1783000176494,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1884x434_8953c3b5-a3a1-4b97-a677-4b5efb3fb94a.jpg HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: image/webp\r\nContent-Length: 37528\r\nConnection: keep-alive\r\nEtag: \"906ab41cba21ba54bbb80ed3dacbb04b\"\r\nLast-Modified: Wed, 10 Dec 2025 10:48:21 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=esja0k52Lt1lKmHifIMldZzy9Pje255JgZexvtNwKT29Pu5L4boYGObSJyQGhtWSC%2FvJ6M%2B4cmTEinS40zLIkYjyU3vwrcpJPdMs9oa3KNKFvnJISQTIp7%2BpyTnadSa6HzAmpvQNUAx7ptwz1EiiZls%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 53369\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d619c618b3f-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f231797fccc9f\r\nX-Cache-Status: BYPASS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37528,"size_decoded":38683,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1884x434, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"906ab41cba21ba54bbb80ed3dacbb04b","sha1":"e08f7dbbfa8dbd35da5d1dcd0f053655549ab960","sha256":"a1ab44f6e154a62ec1ef0e0298fd9b4844f915511f4f611b7c0249fe0c18cf96","sha512":"e2f606f28782502ed4817ea9526830bb828b6519748e5ffb9877151958d0e4b971f028c39fe42c321df89af615265f25fce12495edfc0a668b07032b17b38f1e","ssdeep":"768:FlLwXc9bK7xo/wY1n6usZ+BDB6rZgXCEMyLjPzfQ/rbRe:XLwc9e7xoR5BDCgPMQfU3I","tlshash":"56f2f12f58773be86d763b7184e94068b008659b7f4b0c56087f338b866f73617e11a6","first_seen":"2026-04-24T23:10:16.777817Z","last_seen":"2026-07-02T13:50:16.627111Z","times_seen":436,"resource_available":false,"data":null}},"time_used":944,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":727,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/5e77fde4d7b54ee0b1b62d327b0bbe2a?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.837Z","timestamp":1783000176837,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/5e77fde4d7b54ee0b1b62d327b0bbe2a?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/home-bg.1e09954b.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.909Z","timestamp":1783000176909,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/home-bg.1e09954b.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/home.1781011881923.38488e2a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:10 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281706-fae\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f2317999bcfff\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4014,"size_decoded":4736,"mime_type":"image/png","magic":"PNG image data, 278 x 80, 8-bit colormap, non-interlaced","md5":"ed0eb6c81f949885511fbbe4d666a2f0","sha1":"d74fb98c3b01727753bb182eb5ee5d6eedf3da4a","sha256":"7fecf4ed61ab1535aafe2800474ac643b49264b83f54fc1da596d7334868ae75","sha512":"dd2f749e24e6b35f80fa77856c9c8b1cb1e0cacb9250b947403283e152d8bb9e7bf539df00ca6743d4162aeac014e47ce82191b62847fabe6cbb5693b4cd7fec","ssdeep":"","tlshash":"1a816c7eb31a4997296ff194138b387d74b0709d0b546934388a9c31a4791fcf39e526","first_seen":"2025-08-29T11:05:53.155399Z","last_seen":"2026-07-02T13:50:16.629338Z","times_seen":1700,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_ca5ef219-cb88-4c5a-b68c-c85984b21465.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.990Z","timestamp":1783000176990,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_ca5ef219-cb88-4c5a-b68c-c85984b21465.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size704x442_73525908-fb7b-43df-ab6b-ee9a1274a74c.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.111Z","timestamp":1783000177111,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size704x442_73525908-fb7b-43df-ab6b-ee9a1274a74c.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/configPage.js?v=6/9/2026,%2021:37:10","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.504Z","timestamp":1783000171504,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /configPage.js?v=6/9/2026,%2021:37:10 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:31 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 949\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:20 GMT\r\nETag: \"6a281710-3b5\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000171=3ij61lhseI31F3UnQVuXjzGQjzqdbei8CD0HyPDczYO/7PQxr6Ye7P/lIYM5GRJnMN18ipj/a0byiPMay64a2xCJ4utz7wnubM1R1mmpLOAtbLVuN0TWZQDyjWJTj08i/CA2jW11n20J9eJbw3qYOWWe6fVWYUYpujUIZW42djiEj0PPGQ1BXIn4xMvlNqfM\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f2317847ec759\r\nX-Cache-Status: BYPASS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":949,"size_decoded":1622,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (917), with no line terminators","md5":"e6aa74bb352ef198ba3e1c9a4b01b014","sha1":"2ea8bd6b5045475a36432f7665a129728e822d9e","sha256":"73828e873c0b6e847b37d78941ca436247471dfc90a12f743964f869f75abd5c","sha512":"2faaf24fdf1e4da637af8e9f82d1778bf061b00752dfca0c8f73432ba236a7b69410a7ad2a73727bc83e6cd631fd6555c3cc0d9d3a5d8a7f81818dd66566011f","ssdeep":"","tlshash":"be117aaf57444dffcf1d7e00a08b0a5ea8bc61d261889d4da8e9cf29e1c99002378978","first_seen":"2025-09-04T00:49:32.949926Z","last_seen":"2026-07-02T13:50:16.630556Z","times_seen":1935,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/chunk-init-1656f0b4.1781011881923.32336986.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.518Z","timestamp":1783000171518,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/chunk-init-1656f0b4.1781011881923.32336986.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:32 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-21366\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000172=HjX/wKANgSgk7bf4ruTlq+LWjZ5tlyE8jm2EEJGuE4mheqVYNrZ//oApmuDjLa5keWF0IBTGmCbND7j+yf4a4ICt6FJFD26xI/UFMj6uUnqti0kaCFRix+Q3KWwNu23VovzGZBKgfgLL89YMXfilGqREPmpygQxY5P+q0KHtzcZEl6CjmvhH/Y6eByFT6wyv\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f2317882dcffa\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136038,"size_decoded":38262,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (44088)","md5":"149a9a32eef525724cd200e4dce7a032","sha1":"29b091925cae6d90319391653e40685f6e6c5735","sha256":"10fcb7c4e44a141964cb31c527462c6e56f78d95c956fb02c50c61fc576cefd2","sha512":"62d80403786c13019e86e1c6b991d73cf52ff5bd25d4eeaec34ca12125d677604a269fc6c56ef301f074c42798f8e7935df623d6a0a62559d70749e53082085f","ssdeep":"1536:z2twqIPBoVbzfsO9ZuqpiXXIOU6Qgpp6KkB2EnBDsAxdrkm4SgiqvHynjM5TCif9:z2twqhOIK2nCLdyACifMur06/D","tlshash":"6dd3ec54b7d0b4b442cf13e6711b2475e3a61ca22058e8f0e31dee647f35689d26faac","first_seen":"2026-06-12T19:29:57.333908Z","last_seen":"2026-07-02T13:50:16.631571Z","times_seen":159,"resource_available":true,"data":null}},"time_used":1618,"timings":{"blocked":893,"dns":0,"connect":0,"send":0,"wait":470,"receive":255,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/zeren.c0aa584f.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.930Z","timestamp":1783000174930,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/zeren.c0aa584f.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-cfa\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f23179bedcd05\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3322,"size_decoded":4049,"mime_type":"image/png","magic":"PNG image data, 414 x 130, 4-bit colormap, non-interlaced","md5":"217588cbcd6216a09cac17953ae710b1","sha1":"de250755d284bb75dcee38ee45f2fc839987dcba","sha256":"24c2821b322d0c9087bcb0727dc0307311f6cfbb52af9f8a93308e48705f706e","sha512":"da190054ec0862c9927bb3bd928481459d53d4d778e9b2928c2507f2a34df5791d43adda750fcf184b767c1ba3a3f92e45dc57242a80869e253a9b37639abb4a","ssdeep":"","tlshash":"50616c01eb9130b8129c286701bd3fcda4c64d993d203d798d87b29bd6f970d288b123","first_seen":"2025-08-29T11:05:53.326961Z","last_seen":"2026-07-02T19:51:45.121417Z","times_seen":1685,"resource_available":false,"data":null}},"time_used":2869,"timings":{"blocked":2571,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/ecb/8f83064248a6651521ab9b26970d60fa83f0bf5f79fe68600101b67707c272184849423924c3e9832923a30acedcbfec8ac50fef89fb","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:35.954Z","timestamp":1783000175954,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /ecb/8f83064248a6651521ab9b26970d60fa83f0bf5f79fe68600101b67707c272184849423924c3e9832923a30acedcbfec8ac50fef89fb HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nContent-Type: application/x-www-form-urlencoded\r\nx-request-source: https://j106y.vip\r\nXign: pWAHMRc8bFZxjiVLOGf8UP0LHiV0c0Q1R/tsVisEN7eQn9uqgsUrNq3JUEVP7AAwIsk/fOGe6IHnwpcxwrT2nUJ4pXBkcJqYox+PyVbJZkAGqtfcxFcrhY5WIWdhNfVSWCXmfF7IQKVIPAdGzKs765h7ijuM8QVJ3nDm1L3rPG8=\r\ntimestamp: 1783000175932\r\nsign: 3p3r3e3oo6j6449d\r\nversion: 5.6.12.0\r\nclient-type: web\r\ndevice-id: wtZjiNmmYm4mYBwpzNKrht4ssYykCjyC\r\nlang: zh-CN\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nExpires: Thu, 02 Jul 2026 13:59:36 GMT\r\nCache-Control: public, max-age=600, s-maxage=600, must-revalidate, stale-while-revalidate=30\r\nX-XSS-Protection: 1; mode=block\r\nX-Request-ID: 875292ce66e84e2ca3bd9066c23e0635\r\nPragma: public\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=63072000; includeSubdomains; preload\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true, true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f23179942c762\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6698,"size_decoded":7731,"mime_type":"application/json","magic":"data","md5":"9b12746c2b5339c383b2a86475c1399e","sha1":"5ddaedde38e6e169a61911b974d827e8c4398a26","sha256":"6f78b32e362421e259a83fbeb9af7421170514195f5f0e3771bf2775e08182a2","sha512":"88ad1f89b1de600581219f3cf0960fe554643aaa558aca751b0ff05d13bedce4535f02bc05b1d4caf9c9cd15113cedd0e379d3ffa2a6e60ea5c7ac8e71d6bab6","ssdeep":"192:VYj3/Gi/7YtYtezNE53FwineFcGcId4AaWFV86qTLkZLL/ql6zs2cB+XcBJu0uwu:i/dn8zcFLlyaWFV8LTLk1Dv42cB+XcrC","tlshash":"dc22af080615e3c0dad98cf6745f2df06f1463a085b47efceb58d67b1a8831c229e95a","first_seen":"2026-07-02T13:50:16.63338Z","last_seen":"2026-07-02T13:50:16.63338Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1179,"timings":{"blocked":866,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/41a19acde383438d8178fa20d0036875?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.749Z","timestamp":1783000176749,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/41a19acde383438d8178fa20d0036875?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 204\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 6716\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"41a19acde383438d8178fa20d0036875\"; filename*=utf-8''41a19acde383438d8178fa20d0036875\r\nContent-Md5: hMlQhW40mtnOS/RjbHyzOg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fp7ODpYbUA48akUwFMLepDiI4-P5\"\r\nLast-Modified: Thu, 25 Jun 2026 21:21:37 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: 1neSdkXlN\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: cWQAAAC0eE0bd74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":204,"size_decoded":957,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 4-bit colormap, non-interlaced","md5":"84c950856e349ad9ce4bf4636c7cb33a","sha1":"9ece0e961b500e3c6a453014c2dea43888e3e3f9","sha256":"7417e3bb914bf2a7b35392a45b56a7a5c1430985580b84142535ff599e99bd58","sha512":"b7eb0f04eaefaebe407590f587e7656b55fcac4870940d4c899800153555fb90dddea49bf17978143b7033ea9e52a8039451df2a3a225e0ebb160ba15be0c828","ssdeep":"","tlshash":"b8d022e137c0acb0f1548272421540e0fc09905314218a9f273cab2e0ed1b022768687","first_seen":"2026-06-03T15:14:26.966314Z","last_seen":"2026-07-02T13:50:16.636184Z","times_seen":9,"resource_available":false,"data":null}},"time_used":960,"timings":{"blocked":699,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/b25b91b4bdfd4f11a87b7eade26d5eb7?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.762Z","timestamp":1783000176762,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/b25b91b4bdfd4f11a87b7eade26d5eb7?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 13925\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 7347\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"b25b91b4bdfd4f11a87b7eade26d5eb7\"; filename*=utf-8''b25b91b4bdfd4f11a87b7eade26d5eb7\r\nContent-Md5: Cn/amnkL5NkapaKJ1qmQsw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FjIN0zLeHVkbV065H_V3RbUbDXLM\"\r\nLast-Modified: Tue, 19 May 2026 13:58:12 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: 5PBwHNEzQ\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: jesAAAD1dXaIdr4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13925,"size_decoded":14680,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"0a7fda9a790be4d91aa5a289d6a990b3","sha1":"320dd332de1d591b574eb91ff57745b51b0d72cc","sha256":"e9b16f5cc6c7cbfba1e96c803584dc8c7c707c20441e34865d2dd20c91b80f55","sha512":"791f1339358b70340bc604b7f5142a9b1bf87b7076fdcda1bbbc3d97fe1377b3c93f2b8cc19fc275930977927bb993377f0770d2550e640d76555caf23384ddc","ssdeep":"192:jz9/J7elMdBsQouxA1ZE+aXyXeJE1aOvUDdlZa+W8HB7Cwlihl58i71XJ+Oil1mB:d/3dGi+Evs85lt+1Z+/l1m30cMpL07","tlshash":"1352cf71f2cc45e32f3720922386da144fe03cb766b6ca653f4b2c966b326db9217509","first_seen":"2024-12-10T14:50:18.057788Z","last_seen":"2026-07-02T13:50:16.637227Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1277,"timings":{"blocked":963,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_c0a34e2a-97fa-40dc-8123-594806696886.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.055Z","timestamp":1783000177055,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_c0a34e2a-97fa-40dc-8123-594806696886.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 13338\r\nConnection: keep-alive\r\nEtag: \"c9888ec9eb68e23af8c466de36aa1374\"\r\nLast-Modified: Tue, 02 Dec 2025 14:08:14 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m2MxAi0WiskRFl1OyG1Ghj%2B18BO7DEiTML%2BKDQaPH3wcpXHn8z1XQA0Oq2LwD12JWpDR%2F7MOLHu6gEjgOSVPeF36BKY4kPJGv989BXJlBu1tB8167yDsFziMMU0d3WJkYuMpZwndu1H6uzqprZUs5uw%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d766bee0953-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f2317a5ddccba\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13338,"size_decoded":14487,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c9888ec9eb68e23af8c466de36aa1374","sha1":"9f390e12dc110576b1f87b5705379cce7c8d821c","sha256":"8ff81de4e5b37505789b23808f901d64ab7d3dd91a813438ff0c762971c445c2","sha512":"6234782d00cacdac98ef61238100e1e4b6d3a44b462264cddf34237f74cc589576644b8b1a8e1e309c0acf400d17b899dad9717654f487f86a28224d4e2744e6","ssdeep":"384:sfQdwsWMYKGas1GU33KVwYl/0VPxDNUrIJeYcsFAl33l8Ta0V+t:vdTqGU3aJB0VPx0IJ4sFApWT5q","tlshash":"f052ae4ef297816890419138d0d51cb6583550ee8ffb29ad2e78e7c9630173ee4abb3d","first_seen":"2026-04-24T23:10:16.827229Z","last_seen":"2026-07-02T13:50:16.638114Z","times_seen":428,"resource_available":false,"data":null}},"time_used":3322,"timings":{"blocked":2933,"dns":0,"connect":0,"send":0,"wait":389,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/chunk-init-c0d76f48.1781011881923.0f397bb1.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.516Z","timestamp":1783000171516,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/chunk-init-c0d76f48.1781011881923.0f397bb1.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:32 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-275ca\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000172=HjX/wKANgSgk7bf4ruTlq+LWjZ5tlyE8jm2EEJGuE4mheqVYNrZ//oApmuDjLa5keWF0IBTGmCbND7j+yf4a4ICt6FJFD26xI/UFMj6uUnqti0kaCFRix+Q3KWwNu23VovzGZBKgfgLL89YMXfilGqREPmpygQxY5P+q0KHtzcZEl6CjmvhH/Y6eByFT6wyv\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f23178811c75b\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161226,"size_decoded":53264,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators","md5":"815f2acbd0918250f25d4f71409219b0","sha1":"d5778078df7eada22b3175f9182b8b22e828c433","sha256":"12a61f287da39190db34dff1de7188c3d8b76ffbd1c11290962db88fd5e2ab46","sha512":"5ba4adaf4b36b4a402c30c3aaa5be5f02e292391d79400d353a5ca6c61405cb40e5179858abddb1af6dad243899e420111e49004d01d339ce9de23d8f522c379","ssdeep":"1536:zG5qxPvO2lSV822bv0bcbpM/igw/aIwC23QOoKILbjxo4wc0tvB6xVS/J+pKY3Ns:iQz/Dp5/92xoKa/x5wc0dB5/J+UU0","tlshash":"5ef31b987392b1b847dba6e152371075b57e1dd73088e8f0c169a6803f31a9cd52afec","first_seen":"2026-05-11T06:12:53.502908Z","last_seen":"2026-07-02T13:50:16.638922Z","times_seen":162,"resource_available":true,"data":null}},"time_used":1624,"timings":{"blocked":863,"dns":0,"connect":0,"send":0,"wait":465,"receive":296,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/261f60aefa6e4eb7ae14884615abd83d?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.873Z","timestamp":1783000176873,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/261f60aefa6e4eb7ae14884615abd83d?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 33038\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 15552\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"261f60aefa6e4eb7ae14884615abd83d\"; filename*=utf-8''261f60aefa6e4eb7ae14884615abd83d\r\nContent-Md5: pmpLlAQ6zyrALbRUpKF1PQ==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fmix1vFHZiXd7IouIDONFNMhnkuy\"\r\nLast-Modified: Tue, 19 May 2026 13:57:58 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: Y81mUjbMT\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: ABwAAACVXcsSb74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33038,"size_decoded":33794,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"a66a4b94043acf2ac02db454a4a1753d","sha1":"68b1d6f1476625ddec8a2e20338d14d3219e4bb2","sha256":"0e7c1cb5dd2e431a179fbbb08c5d288a3c89a23a481c63656579dca5a97bc98f","sha512":"1eee667b1b7fbf98f0e64cca90d8e7a45e8207483a2ace4dfa1199d08c9aec8c7e9db216395d33339e0c9c23ccc8b4590c4cefd816b0045ccd8601917d5832d5","ssdeep":"768:oLB0un3xhgM9QtR8Jp36sLMHiz2ETSL5XIrtmC+YRRLCozrT:oLCch77H7LMoi5XI5mqDX/","tlshash":"34e2f192446aa3fe1578d074adfbcfde00dbe3698e57838c8a1eb861d15431f54790e0","first_seen":"2025-03-28T02:30:49.260277Z","last_seen":"2026-07-02T19:51:45.191165Z","times_seen":26,"resource_available":false,"data":null}},"time_used":3620,"timings":{"blocked":3312,"dns":0,"connect":0,"send":0,"wait":275,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/d4efc3648b614bc4af807ff390166161?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.901Z","timestamp":1783000176901,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/d4efc3648b614bc4af807ff390166161?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202506/_webp_size1260x1156_03543abb-5967-4969-b0c5-87347b24c4d6.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.986Z","timestamp":1783000176986,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202506/_webp_size1260x1156_03543abb-5967-4969-b0c5-87347b24c4d6.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":148768,"size_decoded":149916,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2c43663cd3eeae27a4e751556307f507","sha1":"231f268ff0432bf21cea23c1a2cc12003c10f7be","sha256":"cdd625ad600403b36dcbcf589300926ee189bf9d47b2cc2c0715f91c5f6968a5","sha512":"d9ba3dcde4fcd162ea361339bce1c4b8313875af3fe94297a7a55cb8d245e815421dbfb9e5017c19e6a6d50b5ca654e02a326190c2e300b0fd369aa245726567","ssdeep":"3072:IgpSjBxCU8A3MroXYq21tKxGDaxxoyg4KtBHs7T8YMA4q8B4:IgpSjBGYuOYqGKx7ygoBqT8Yln8","tlshash":"3ee313b7f29017bdda91ca376b9f02f832041f64f4077e34a5509801839daada2bb572","first_seen":"2026-04-24T23:10:16.7755Z","last_seen":"2026-07-02T13:50:16.640522Z","times_seen":442,"resource_available":false,"data":null}},"time_used":2963,"timings":{"blocked":2249,"dns":0,"connect":0,"send":0,"wait":376,"receive":338,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_ad0ed5ff-8fa0-4231-a619-ce0616ad2a8d.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.072Z","timestamp":1783000177072,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_ad0ed5ff-8fa0-4231-a619-ce0616ad2a8d.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 43980\r\nConnection: keep-alive\r\nEtag: \"fe9109b6cf4f5478cc8e8fa2df5009fe\"\r\nLast-Modified: Sat, 06 Dec 2025 06:22:15 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SHNDJVf3Zv1TrMAFxHn4K%2FcBJhRnM1fNRfWI%2BBaYQIb2LKa%2FB%2F%2BY2nqJbRgWRL2BedkmuhQYrQDxeU9jL23sF3TYVeqMXMsaL%2BRZ6CU7vZEtxzPBdIfn4tdVkhU1NqnPZG5IORbjLYZAnIn0TAJv9Yc%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d796bd58570-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f2317a7d2c774\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/webp","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":3796,"timings":{"blocked":3421,"dns":0,"connect":0,"send":0,"wait":365,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_df036cfa-66a5-49f7-b863-3c22d1a3d180.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.085Z","timestamp":1783000177085,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_df036cfa-66a5-49f7-b863-3c22d1a3d180.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/webp\r\nContent-Length: 120978\r\nConnection: keep-alive\r\nEtag: \"1af718e662844a31716cc9bf3248f8e4\"\r\nLast-Modified: Wed, 10 Dec 2025 11:52:31 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bg11pWl5D2j625LtYWYBoQ9COKwENMulmzqZAvBS15R1%2FbwqQCJPxa1VRIF7ew7YA%2F08wcsTKz%2F7GTT28yPOzbTUjoBO14ZHTrJK7uOGCHloxC5tYaGmG3MWlfUL4VZ8rztsY8ulJlEyCasETn3kNPQ%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d63ea3edda0-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282f19f23179a4bcbf5\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":120978,"size_decoded":122128,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1af718e662844a31716cc9bf3248f8e4","sha1":"e54b87093f05f4d0c5d96fbc689f0ed37ffcbcaa","sha256":"670ccce96c9f21fc7364791b4870e1915788e14fb105a16cae131cae271279b4","sha512":"93a7b9e3a5b4438343a8f1abe967cf1b3d21a347b42526dd8604da5f9c953c14ad2dc83bcd7e3f340a9b3b90b9a4c98f90ec88c689875b8e2b0536f0b9ca7975","ssdeep":"3072:nO0/MDrjGP/ngyzlMkxT730AhwPBv78vHWJ8AxCsDozmmeYj:JgrA/nnKBrpvovHWLxCqImE","tlshash":"a0c312ee7ec309b8e112676d12dd07968e16e06f482b0d959e2f40392b02716ef7dc5d","first_seen":"2026-04-24T23:10:16.785822Z","last_seen":"2026-07-02T13:50:16.641394Z","times_seen":407,"resource_available":false,"data":null}},"time_used":894,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":455,"receive":439,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_79864bfb-d71a-4513-a524-8823b86ee01d.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.091Z","timestamp":1783000177091,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_79864bfb-d71a-4513-a524-8823b86ee01d.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size704x442_7f760e34-ebbd-4cfc-bc28-666cc8a6234f.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.115Z","timestamp":1783000177115,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size704x442_7f760e34-ebbd-4cfc-bc28-666cc8a6234f.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/22872.1781011881923.153832d9.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.526Z","timestamp":1783000171526,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/22872.1781011881923.153832d9.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:33 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-2679f\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000173=OxtiLSZypOd/3GpkdMh/Qlj7mb5uQpI+QPVV7J9PzMA8uZWhKnqgc7XKieUFl/zPGxZ/I8r59A54jtOqCQQLj0R67lm5E4v/ebaILwucuF/gykM2PWcBtSd8syW86mNexB+fUW/cNUUve94aIRMs8mwuw5spbkf4YYv1dDc+69iqnBZ17WtpsoSLm/w7vno+\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23178af2cc90\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":157599,"size_decoded":50860,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f9ee602f8eeb24db94a45e276eb229fd","sha1":"add3d7dea3c94842531e4e52db7b334a705c5e6b","sha256":"3d79813c4166473dcbe19eb56d456a226f183993f5aa4108a4fccae156001245","sha512":"8ad5674af4bbf338d1188a8108d0984786a4c94afddefbd592dbc428928dae301e40d4a936d73d0e29ba68989ccd13abee0988a8a6938495736115c80a53eae7","ssdeep":"3072:XHW7tB4Vgj5tNlxyU5YegxYffj7TEOiGzZl+DJVkzEcx1nKs:XHW7tBwgttXxyUtffjAGzT+DJVkzEcxF","tlshash":"21f31bd4f2c071f6475f45f2a22b0075b26f4d92318c98b0e15ba6597f21a48c7abeec","first_seen":"2026-06-12T19:29:57.267326Z","last_seen":"2026-07-02T13:50:16.64215Z","times_seen":155,"resource_available":true,"data":null}},"time_used":2038,"timings":{"blocked":1620,"dns":0,"connect":0,"send":0,"wait":345,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/bj2.a8fabbac.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.915Z","timestamp":1783000174915,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/bj2.a8fabbac.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/home.1781011881923.38488e2a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-5809c\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f23179558cffd\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":360604,"size_decoded":360168,"mime_type":"image/png","magic":"PNG image data, 1920 x 641, 8-bit/color RGBA, non-interlaced","md5":"e0fe8ffeed1841f74df53c3b0c1f2db0","sha1":"77bf6dfe664cdc936776654af151f49368479ec3","sha256":"db4d87e8a403e388c54dd5d114b738c82e1d2dbe65b95630fd5782179f0d7d54","sha512":"825bf73262c2b613b6a8a8397f869db6b2cd4118e554689d228503e7a04c4e674d49c5649e4ac8e2423a7b526c0f6621c259566d0e9bb6ebfa0712a7352968fa","ssdeep":"6144:iAHwIFRCiRIygxWS9v34xfZzuwbIYGzl8BPp0eIiOk3Fg7la6RUIs4pU2:rwy0IgxDEfQwbjw8dpmiOiFgpLHFU2","tlshash":"2874238d711d48cc9c9b45003dd82d9e1c55aa2f7aab20b58264fed24d17ddeec0ea3b","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T13:50:16.642957Z","times_seen":1689,"resource_available":false,"data":null}},"time_used":1331,"timings":{"blocked":893,"dns":0,"connect":0,"send":0,"wait":308,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/help.4e3cf897.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.922Z","timestamp":1783000174922,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/help.4e3cf897.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/index-399e2569.1781011881923.a7b0b4f4.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-2852\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23179cc0ccaa\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10322,"size_decoded":11050,"mime_type":"image/png","magic":"PNG image data, 112 x 112, 8-bit/color RGBA, non-interlaced","md5":"6dd52a6a4d07f2786b1926fac1b4b06a","sha1":"9c9908204401fbe65d33cf7df8881639d6aea37d","sha256":"e02471f47b506ab510d0e0dc4224cffc03c34f950b649ce347ccd71af0bcf0ab","sha512":"fdd52f532e5c2e2c182db20e2053eee0ca8c26cec51ff75e1bc341b01911461ac72fa75887fa3114188ba32aa6341c0974d81d071fc42b605e72f73dfb87ab9c","ssdeep":"192:x0C+pMwjX2XZ456BAJu+1KzdjCfDrRq6wUPlJyh2h4PAmWP5yQSkHxfYX32H5TRm:EjGXZau+1MjCrrRLlqGOnWcQSkRQX3IG","tlshash":"3822c054370836084f737a4362ac4e837a06040ffdf9b7919a6372659a5b94e44cfb66","first_seen":"2023-07-01T07:21:14Z","last_seen":"2026-07-02T13:50:16.643733Z","times_seen":1763,"resource_available":false,"data":null}},"time_used":3142,"timings":{"blocked":2784,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/86046d13c6df4987a25e06f1804db689?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.794Z","timestamp":1783000176794,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/86046d13c6df4987a25e06f1804db689?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 55738\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 91162\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"86046d13c6df4987a25e06f1804db689\"; filename*=utf-8''86046d13c6df4987a25e06f1804db689\r\nContent-Md5: UQ75dlX45CgH/xCLwrBocw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Frdlo9wDYu_CP2qlXk5H29sur2RA\"\r\nLast-Modified: Fri, 10 Apr 2026 19:33:08 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: jnmtf15Te\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: gz4AAADcKfNNKr4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55738,"size_decoded":56494,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"510ef97655f8e42807ff108bc2b06873","sha1":"b765a3dc0362efc23f6aa55e4e47dbdb2eaf6440","sha256":"607a9044da34367d88e4b1ecebd7470df5c0ae8defc92fea4be3fa6ef4542993","sha512":"e3c1e5e7a340820b71824ef7f72faf0988e7d90eed4df9c6ca34831e4482deff4b1a4af20d0ede4e78b944baf840674a8620b0e5e3b3313e72752b17e5df6a47","ssdeep":"1536:jiqOTOV5TeyP9FKvZtVskhkA9u/zvGrNoWvGmO+EwTY+:jiqOAtfX0tThkA9u/z+ruWYw/","tlshash":"2a4302b313b226ca81a0487a75c6d57171b6893edd9f1bd01bbe53464c32c628bc2edd","first_seen":"2025-06-24T17:27:40.295791Z","last_seen":"2026-07-02T13:50:16.644531Z","times_seen":50,"resource_available":false,"data":null}},"time_used":1947,"timings":{"blocked":1467,"dns":0,"connect":0,"send":0,"wait":313,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/bf6aca57ce03451fb12f930bd5f71616?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.838Z","timestamp":1783000176838,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/bf6aca57ce03451fb12f930bd5f71616?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:39 GMT\r\nContent-Type: image/png\r\nContent-Length: 28908\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 74969\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"bf6aca57ce03451fb12f930bd5f71616\"; filename*=utf-8''bf6aca57ce03451fb12f930bd5f71616\r\nContent-Md5: 2s23yV9oHsPa8INNur1e6g==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FhwiZVyKmlrGm3ARLFlAGXqZOPNk\"\r\nLast-Modified: Wed, 01 Jul 2026 03:02:01 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: CSn1mBzdy\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: E94AAAD3HGEIOb4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28908,"size_decoded":29664,"mime_type":"image/png","magic":"PNG image data, 184 x 184, 8-bit/color RGB, non-interlaced","md5":"dacdb7c95f681ec3daf0834dbabd5eea","sha1":"1c22655c8a9a5ac69b70112c5940197a9938f364","sha256":"c8fbab8431b5b09ab6eb43a1b0615e6742a1d5747cb93bbd84a182ee09cf2673","sha512":"b0fbabe0648160a0b73f19ab23a119512dbb70385fcfef2ac15dd6e403a9434cfb4bd0511d211f4c44122e0294cd9bc3cd2453f276601dacda10f478b5ffaac5","ssdeep":"768:w1zYrtjjiBh/GTlSP6ghvjF68ZLx9nsj5d/:8YpjIh/+lSSmjEY9nU","tlshash":"ead2e0d4d5e4c2f6c6f56f701201caa61d8e4eb83c87a2121818636e6ac1ded672b763","first_seen":"2026-02-15T16:17:36.074333Z","last_seen":"2026-07-02T13:50:16.645292Z","times_seen":31,"resource_available":false,"data":null}},"time_used":2970,"timings":{"blocked":2632,"dns":0,"connect":0,"send":0,"wait":298,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/f189cf1271004cd5aeddd3e3efdd0900?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.843Z","timestamp":1783000176843,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/f189cf1271004cd5aeddd3e3efdd0900?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:39 GMT\r\nContent-Type: image/png\r\nContent-Length: 13898\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 74968\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"f189cf1271004cd5aeddd3e3efdd0900\"; filename*=utf-8''f189cf1271004cd5aeddd3e3efdd0900\r\nContent-Md5: wfy4SAeunxH+bcOvuvt3Nw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fl5H-9IYXt8ZPR2Z7vU9POJFGRZG\"\r\nLast-Modified: Wed, 01 Jul 2026 03:01:57 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: YVo4XbLqR\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: QhAAAAA3kX0IOb4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":13898,"size_decoded":14654,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"c1fcb84807ae9f11fe6dc3afbafb7737","sha1":"5e47fbd2185edf193d1d99eef53d3ce245191646","sha256":"009cf8c26bde84f8c518cc5aefedd5261245ab6cdc2d42bb7231425f63d8e0ed","sha512":"fa0bcb3b33459d5e0d9d4c98983b3e57b916435415dcc73f6fdea182f3dc69eb0d80aa8f8ee17a998c79fcdab1ec911c83913a2be371ce8e5288c4b3e37fb251","ssdeep":"192:HMsOvYWFc6Z9EZw5XkGZc4hC0EAfretADqGlEPfk/fgVnigIlzdk+tFZ:HMsjWFcAEZ74nKtAiP83w2FN","tlshash":"4a52d14ada32c372cfc7419f346f62cea726c814c2902891e7db5deb0ca257252dc60b","first_seen":"2025-04-01T11:41:17.833905Z","last_seen":"2026-07-02T13:50:16.64608Z","times_seen":43,"resource_available":false,"data":null}},"time_used":3076,"timings":{"blocked":2787,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/7bcdfd6eda5a4050bc2e77c6a7bd8473?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.844Z","timestamp":1783000176844,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/7bcdfd6eda5a4050bc2e77c6a7bd8473?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:39 GMT\r\nContent-Type: image/png\r\nContent-Length: 87199\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 74968\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"7bcdfd6eda5a4050bc2e77c6a7bd8473\"; filename*=utf-8''7bcdfd6eda5a4050bc2e77c6a7bd8473\r\nContent-Md5: FaCi+4gU/9EmueO897elEA==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FvZ6zTzqUvKiWC8UMYehDrl6Bacd\"\r\nLast-Modified: Wed, 01 Jul 2026 03:01:55 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: He9bQLZmu\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: NhIAAAATEX8IOb4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87199,"size_decoded":87955,"mime_type":"image/png","magic":"PNG image data, 220 x 220, 8-bit/color RGB, non-interlaced","md5":"15a0a2fb8814ffd126b9e3bcf7b7a510","sha1":"f67acd3cea52f2a2582f143187a10eb97a05a71d","sha256":"ebfef596b5f334fd8b690b5d128e39722f2e5b0766e98cf8a47aedd280bf00c2","sha512":"c16959d38cb2367a805d6d9641a22770f3857978b5e14e6355e1d44eabd4b5e93e0b3c19b50a8e261b51028489f7d2e21a30129a1d889aaed35a6deee51097ef","ssdeep":"1536:X7KZe+rH7LAJGvAhoxSio1aD5kPSawMePeeLuFVs+V2SaodQ2z5BwI:rKZ1oXWSio1JSxMeGeLuFVs+V2s1cI","tlshash":"7a831252ee0a623f4670431836b9798cacc80276fa96edec64436320fc4f755637a757","first_seen":"2025-10-01T19:35:50.054567Z","last_seen":"2026-07-02T13:50:16.64685Z","times_seen":37,"resource_available":false,"data":null}},"time_used":3313,"timings":{"blocked":2847,"dns":0,"connect":0,"send":0,"wait":278,"receive":188,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/0e3eaaea7fd24d4b851030ddb505cb1a?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.879Z","timestamp":1783000176879,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/0e3eaaea7fd24d4b851030ddb505cb1a?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 35136\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 15550\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"0e3eaaea7fd24d4b851030ddb505cb1a\"; filename*=utf-8''0e3eaaea7fd24d4b851030ddb505cb1a\r\nContent-Md5: UUsvah720m4kBlpq+XNy5g==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FlvWFzlALJEZ_5OOPPXk3jxtlbQN\"\r\nLast-Modified: Tue, 19 May 2026 13:57:57 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: n43w7tvQN\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: fg0AAACilR4Tb74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":35136,"size_decoded":35892,"mime_type":"image/png","magic":"PNG image data, 179 x 179, 8-bit/color RGBA, non-interlaced","md5":"514b2f6a1ef6d26e24065a6af97372e6","sha1":"5bd61739402c9119ff938e3cf5e4de3c6d95b40d","sha256":"505d97a3a0ea3e3c4c5a968f8bd0503b899fb5e8c98adc6d7e3ec0b22f986790","sha512":"ce4a8ebb3714f081703269fc1e3b5f5eae2fc37bc8402f22faecd3d4a77aa7175f9e881fe5f4542da66e626dcd16699551194b60a007ed99a90c92f758e97781","ssdeep":"768:VdJO+xm5zNEJnkJRORTRA7I+EZIjrbXJ2V0Zvv6450sfOqSHM:nJO+M5hEJn0OR1w6I3fZvvP50sfOo","tlshash":"8bf2f1ded730319dfe04e5d44c9019658830407fbee90a62a91ea99d71bcf2ca91ea1e","first_seen":"2025-03-07T06:52:36.023119Z","last_seen":"2026-07-02T19:51:45.211167Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3926,"timings":{"blocked":3617,"dns":0,"connect":0,"send":0,"wait":269,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/79115ed4b47e474cb3e4b5c467d1681a?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.733Z","timestamp":1783000176733,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/79115ed4b47e474cb3e4b5c467d1681a?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 20510\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 53368\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"79115ed4b47e474cb3e4b5c467d1681a\"; filename*=utf-8''79115ed4b47e474cb3e4b5c467d1681a\r\nContent-Md5: GFTx9JqlBMMt4mI+HC3zwg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fo7vzAco8q2nphOec5BBLXEYgDgO\"\r\nLast-Modified: Sun, 28 Jun 2026 03:26:31 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: Bjy3z9MPG\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: OnYAAACagTWtTL4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20510,"size_decoded":21266,"mime_type":"image/png","magic":"PNG image data, 250 x 167, 8-bit/color RGBA, non-interlaced","md5":"1854f1f49aa504c32de2623e1c2df3c2","sha1":"8eefcc0728f2ada7a6139e7390412d711880380e","sha256":"4d9104567f0073b9d7408fdcb234deef6d9a922f81c32cf67a1875a49c7870f5","sha512":"993b51fbac960e52634bcf9cd055bfa7656b3fa2b51cb6338ccab7eedf823dbc7b467812875eb4c78e71e45414bff0380239b6574e4d8ed50beb86008506713f","ssdeep":"384:YY6TN8/7ImzaGn7E3sXKDUEu5CDGKIbrv9wZakG8QNKocL6oai5:ZpaG7yst3+Cby+8oLcL6Xw","tlshash":"1e92c09f9696f53a684a55f730250ebeedf0334720a948120cb51d3277ecb269618b3f","first_seen":"2026-06-05T08:53:37.770549Z","last_seen":"2026-07-02T19:45:35.900885Z","times_seen":23,"resource_available":false,"data":null}},"time_used":1018,"timings":{"blocked":-1,"dns":0,"connect":245,"send":0,"wait":491,"receive":26,"ssl":256},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/bc3bba8b451d4cd8932f712385d259ae?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.894Z","timestamp":1783000176894,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/bc3bba8b451d4cd8932f712385d259ae?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/40558a15eb0d44058507a776501c78df?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.904Z","timestamp":1783000176904,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/40558a15eb0d44058507a776501c78df?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_bbac9ff6-d09b-48f7-9e60-77639d6ba1ec.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.057Z","timestamp":1783000177057,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_bbac9ff6-d09b-48f7-9e60-77639d6ba1ec.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 10174\r\nConnection: keep-alive\r\nEtag: \"786d2731ac4145dbdb474c2ef236dbe0\"\r\nLast-Modified: Tue, 02 Dec 2025 14:07:48 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0%2FDEiatHu2IhW8QWQhen%2F4ceK1hsP54vJ%2Fx2LOwrUThhrIdcU2T8n5%2F%2FFq9Xp3Qx47IsnNn9wNLQJY2veHGUvg1pdi8AqbcPSksAij4jo65e9kblWFfNVf6DD5on0PK2UXc1GaXdkuJ29NqYeWfM%2BuY%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d76ea311c66-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f2317a63cccbb\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10174,"size_decoded":11329,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"786d2731ac4145dbdb474c2ef236dbe0","sha1":"e25bf96d16a7d8c9ba8cb8977c5223823b576354","sha256":"a5582288a05ad90cab5e153a954cc868cbf69672d5811c24564ed2292638b772","sha512":"aab8876381867a1eca57b4f3b8c18c5244840ce1283a71b3387e80ea096b2c956dd8cd3461861cf6be2d063f980a1c59495aa8d3c47f1579017239ac07ecd1c3","ssdeep":"192:Oz8jXYXj6SZFy5siAvpSdg/2OwNHKThGZ0G9g1/5gqWLbG0X6YqIsyT:nXbMFy5siMSdNQh3oSe6Ye","tlshash":"1c22afa5b4ff3f61484df1f1f78ad342559a697432be475d79b5467218082988c303f2","first_seen":"2026-04-24T23:10:16.833619Z","last_seen":"2026-07-02T13:50:16.649103Z","times_seen":424,"resource_available":false,"data":null}},"time_used":3384,"timings":{"blocked":3002,"dns":0,"connect":0,"send":0,"wait":382,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_ce6f5a12-ce60-4931-b7a7-3cfa94c956bf.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.066Z","timestamp":1783000177066,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_ce6f5a12-ce60-4931-b7a7-3cfa94c956bf.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 11070\r\nConnection: keep-alive\r\nEtag: \"9d6366dada143310062f824e5f7dd46e\"\r\nLast-Modified: Tue, 02 Dec 2025 14:08:23 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m6s%2BSDUFzErNkN0%2BBZ3bQBszidCw%2BLR5WFKaA%2FybEnRSMff9RLfgE3Nk9ODCI3yl2iLcpqitLZhSRyaAjVlGqgPTD2pky07EIHbaNcuoNrFFpZngJL%2BVsoBulwV0%2FJDLt7JZYw2VCqEy20%2BozLeArwY%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d78bcb78623-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f2317a766ccbd\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11070,"size_decoded":12227,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9d6366dada143310062f824e5f7dd46e","sha1":"def0e81d351b0b1c8cec0603c0dfe6955438d059","sha256":"10b2cb9f1220e8ece8b47ee11eae49d1c947eec915c13165c241a59f1c8105e6","sha512":"afc9daaa38494954719bc7ef5f87c1bf6020e2d098b690a55d7f6ebcb26d463f6cd890941446e0c4cfc64771e8e7f74035e362c347f17818b1ec2801a2639f14","ssdeep":"192:6HWhsuhcANwPA6DmRamGZOxPCHE775EhPDR4oETR57jX:kWZhsDG8Olz75u7RsTXj","tlshash":"fa32b07de235930096a34cbecb5be3304bba629233b0b58cdc459df12597cb42e70926","first_seen":"2026-04-24T23:10:16.712242Z","last_seen":"2026-07-02T13:50:16.649732Z","times_seen":423,"resource_available":false,"data":null}},"time_used":3644,"timings":{"blocked":3321,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202505/_webp_size656x844_f676ec47-4b6f-4d37-b476-fd69f2381a1a.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.098Z","timestamp":1783000177098,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202505/_webp_size656x844_f676ec47-4b6f-4d37-b476-fd69f2381a1a.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_96811f47-5a2c-446d-a8ca-696df160de09.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.107Z","timestamp":1783000177107,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_96811f47-5a2c-446d-a8ca-696df160de09.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/service.68be110a.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.923Z","timestamp":1783000174923,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/service.68be110a.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/index-399e2569.1781011881923.a7b0b4f4.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-2991\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f23179cf1c766\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10641,"size_decoded":11369,"mime_type":"image/png","magic":"PNG image data, 112 x 112, 8-bit/color RGBA, non-interlaced","md5":"993784a38ddc1156572bfc3308055ead","sha1":"becff431867226bf323b5a6535fa383992f107eb","sha256":"abca3af980888b08c6cbd57366b3ac94344d66ea048484c4f9867e300ee8703a","sha512":"48790c6340f273a58295fc6607306353ab69d5a818569fe36ef1bffc8fff084b23d37b401e10502b830c67a5efedca56c1c9d778d6198e4069018d055f1869f0","ssdeep":"192:NdsarkpjwOOmfStcnaHtzB3l2eKD9RdfXtRqi3ln+ojjjKMGlnyL5H7nx+:nJQpjgOz9Dd0orKMGlnA5Hbs","tlshash":"8822c0c41e1be1b6d2ffa916b28543a04b3421fda1a24c342d828c04ccad56ac91f9e7","first_seen":"2023-07-01T07:21:14Z","last_seen":"2026-07-02T13:50:16.650496Z","times_seen":1758,"resource_available":false,"data":null}},"time_used":3144,"timings":{"blocked":2833,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1280x294_3ce652c0-55c8-48f5-a72d-a300accd6573.jpg","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.498Z","timestamp":1783000176498,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1280x294_3ce652c0-55c8-48f5-a72d-a300accd6573.jpg HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/ca52b26ee2154c67b4a792795f2493bb?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.753Z","timestamp":1783000176753,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/ca52b26ee2154c67b4a792795f2493bb?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 67785\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 92963\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"ca52b26ee2154c67b4a792795f2493bb\"; filename*=utf-8''ca52b26ee2154c67b4a792795f2493bb\r\nContent-Md5: +yj9bC/PXOWUXSN59Jg0bw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FhrKqR3w9GthTKnrnI3ekFzeVObq\"\r\nLast-Modified: Tue, 19 May 2026 13:57:57 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: qnebo4DQI\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: hNwAAABykmKqKL4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67785,"size_decoded":68541,"mime_type":"image/png","magic":"PNG image data, 245 x 244, 8-bit/color RGBA, non-interlaced","md5":"fb28fd6c2fcf5ce5945d2379f498346f","sha1":"1acaa91df0f46b614ca9eb9c8dde905cde54e6ea","sha256":"0f745712faf28225afc496de02d2bf51e9fa2fd233623ca77eb1f27b71e41386","sha512":"5bdb8b3051449949f5911902d2477791ca762a60114f3ceceb88164e9da790500c8d4938aae7fedac5b85921c638814a39899b163571cbf9e7f37f441313e585","ssdeep":"1536:lvF9zE8gUZnTdrf9W3KptPT/8E66eSDTiEp/g0uE4ifn38cftAq0Vmwt:l99zE8gUFhf9WqB8E669DTi0o0uZC3fS","tlshash":"b863029313e0b55fe385a29e2e22e36ef03d3976fc33647c191ca8254356187a7a1167","first_seen":"2025-08-01T05:00:14.144007Z","last_seen":"2026-07-02T13:50:16.651314Z","times_seen":52,"resource_available":false,"data":null}},"time_used":1515,"timings":{"blocked":880,"dns":0,"connect":0,"send":0,"wait":307,"receive":328,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/SPORT.aab253e7.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.945Z","timestamp":1783000176945,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/SPORT.aab253e7.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-d854\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23179e26ccac\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55380,"size_decoded":56118,"mime_type":"image/png","magic":"PNG image data, 582 x 307, 8-bit colormap, non-interlaced","md5":"3990a0dcf110f100c97ab413079e969e","sha1":"8087b72a149b71f4f5fc43b0f8bc07b89b621583","sha256":"6ddc189e7780b1313933d4903be9fbf6644b6a590e9aba83a6e4e50fdafb170e","sha512":"6b092584d42ec1423ecb94383907f29571e93308944813286d6e74b10f6eccb27536924220780f9a080dc259a095718a33f0757fc0adb04d737c83a6fa1647e5","ssdeep":"768:aEivx5zbZ4L0zze87wWbuKu4YIsZdCPX4ueh17yEs7NsGJSLsBQ1MDAaYHKJTbYC:aEi3eL0za8xbw4UmXI1VfJIRDYqz6W","tlshash":"bc43022944944c242384f1a6ac778dbc6dffa348a5f38f639a842bec7dcd84d95f4811","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T13:50:16.652231Z","times_seen":1691,"resource_available":false,"data":null}},"time_used":1585,"timings":{"blocked":1116,"dns":0,"connect":0,"send":0,"wait":371,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202506/_webp_size1164x872_0e80d399-2c93-4f64-89db-61a96d3b05e4.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.023Z","timestamp":1783000177023,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202506/_webp_size1164x872_0e80d399-2c93-4f64-89db-61a96d3b05e4.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_91f2d885-8341-4928-bace-352c8c691bef.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.064Z","timestamp":1783000177064,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_91f2d885-8341-4928-bace-352c8c691bef.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 11602\r\nConnection: keep-alive\r\nEtag: \"5b6551f12b1b84f1734c1a1990de36e3\"\r\nLast-Modified: Tue, 02 Dec 2025 14:08:32 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V3oD4tJqP2U%2Bjjsn69zH2x6%2B7SQ%2FC2YaLsguGDtcHMrrGST3uZhve1K%2FCW2uwViYU9WcH%2FT%2F41Y8q949XnQRQ7EiC%2By745N6b0b8eZ7q7WnYeNnGuWJJjIMmTYidGiFMEHrPw9fjybkPR0kDq1eH1hw%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d789cddddfb-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f2317a757d00a\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11602,"size_decoded":12759,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5b6551f12b1b84f1734c1a1990de36e3","sha1":"4a9abbac21133dee3830561cdd3803655c193744","sha256":"fdf8c30716a64d0ba082686010f70ff0347eb4bc57f861ff9ca67ef41700059c","sha512":"c02da03187076f9921fd89e31f1d92cc60c78da95d5b35e179d76d11842191eb9f52431e4a7322e0a9c5d6d54b8c484aa6dea6d6f653557818f3383300b97f61","ssdeep":"192:U9/EwHQZEoeKC69DzEtpjQM8dUNCtSyj2OG5hSutqwILUXr/mt/XqzLYKHiifMfi:4/EwwZpe4Y3MMqUN/Qlw84IL4/M/an/H","tlshash":"0f32c043a66ed2fab717ab660556d304de22e0d468553406d7ebd43a302effeb180d0b","first_seen":"2026-04-24T23:10:16.72574Z","last_seen":"2026-07-02T13:50:16.653108Z","times_seen":423,"resource_available":false,"data":null}},"time_used":3627,"timings":{"blocked":3305,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_b0506ddf-52e0-4b2d-8f59-16f795505312.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.074Z","timestamp":1783000177074,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_b0506ddf-52e0-4b2d-8f59-16f795505312.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_f26e0b0b-19a9-470f-90cf-ab38984671ab.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.083Z","timestamp":1783000177083,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_f26e0b0b-19a9-470f-90cf-ab38984671ab.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/45540.1781011881923.25dfba7d.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.522Z","timestamp":1783000171522,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/45540.1781011881923.25dfba7d.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:33 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-37ff6\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000173=OxtiLSZypOd/3GpkdMh/Qlj7mb5uQpI+QPVV7J9PzMA8uZWhKnqgc7XKieUFl/zPGxZ/I8r59A54jtOqCQQLj0R67lm5E4v/ebaILwucuF/gykM2PWcBtSd8syW86mNexB+fUW/cNUUve94aIRMs8mwuw5spbkf4YYv1dDc+69iqnBZ17WtpsoSLm/w7vno+\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f231789d3ccfd\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":229366,"size_decoded":65835,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7983a109fba451279f84fe7b75724983","sha1":"9487dc955240c6083cf3497e806dff89bec2061f","sha256":"80bb5c781336a9095ee3e8ae99d724f58a409c7f3c159bf0f320a9c948afe030","sha512":"ddf49f5cfb4721100ef951228391607209e248a8733d48229ff5196fd8a32fc3e759d90c1040dd591b1c0bd97ab83a1c8baaffa70fa96bbe2d556af2379478b0","ssdeep":"6144:1YD4wFsYiSGfKnCKPP6Xm9sm3MCln1OSgpozfEe5a:1YD4wFsYiSAKNH3TY5","tlshash":"e724f894f294f1be075fc1f1d23b501af35b5e6120cc9ca0d296e6942e20b49da77eac","first_seen":"2026-06-12T19:29:57.328205Z","last_seen":"2026-07-02T13:50:16.653931Z","times_seen":158,"resource_available":true,"data":null}},"time_used":1797,"timings":{"blocked":1326,"dns":0,"connect":0,"send":0,"wait":364,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/b89bfee9bada43d0976322b84f055f95?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.805Z","timestamp":1783000176805,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/b89bfee9bada43d0976322b84f055f95?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 10545\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 89361\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"b89bfee9bada43d0976322b84f055f95\"; filename*=utf-8''b89bfee9bada43d0976322b84f055f95\r\nContent-Md5: 79rjVyrrMk+zOOyUDX8a1w==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FlbpVmORes5IAFc-s4_SdMfl3QSw\"\r\nLast-Modified: Tue, 19 May 2026 13:58:01 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: GFRVQl7ee\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: 4PIAAAD1IlLxK74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10545,"size_decoded":11301,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"efdae3572aeb324fb338ec940d7f1ad7","sha1":"56e95663917ace4800573eb38fd274c7e5dd04b0","sha256":"be8135f3e1288761f51a8fa0ccc9ab88f4d23ca0ac2768bd6864836dcac7b79a","sha512":"b566484ec1bf6a3c9c2163d0d91cfe87ee27379622a0681230febc442d9ecfbc5d305ba53b042d1f52714b2505b32043fe1001b9ee41ab7583f0eca9cd2e4101","ssdeep":"192:gMwBWv0Jn36bh2nHql3E4/jjXZF2xvXN0v9gqzfZFfbamea:gMwKc6bh2Hql04//6Mv9LZFfbamea","tlshash":"ca22be8afff9fed979a538d5bf1d7e760e10e689b820d4c8431f6e40d61830244693a5","first_seen":"2026-06-12T12:44:02.365989Z","last_seen":"2026-07-02T13:50:16.654807Z","times_seen":29,"resource_available":false,"data":null}},"time_used":2144,"timings":{"blocked":1859,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/api/sport/match/player/match","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.916Z","timestamp":1783000176916,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /api/sport/match/player/match HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nx-request-source: https://j106y.vip\r\nXign: g8WqCC9kLPf24W5Cm37HNCw94w/ad5SxZXV6xZwBz75obYezNqrelP9H97uXpH9AC3GlBI6r5ycRbvpeVYGj3rYITUEu3IcQymEHfUaYdZfbrUPxs9E2SgKTTo0jCNF5llFdhbNWfTSp74d0MeQd82+g7Uegcadb550jXeJC7ZY=\r\ntimestamp: 1783000176757\r\nsign: 7m713m5hf39272gc\r\nversion: 5.6.12.0\r\nclient-type: web\r\ndevice-id: wtZjiNmmYm4mYBwpzNKrht4ssYykCjyC\r\nlang: zh-CN\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, no-store, max-age=0\r\ncontent-encoding: gzip\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f231799a2cca3\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60,"size_decoded":688,"mime_type":"application/json","magic":"JSON text data","md5":"ad1b5cbc37e087c212a41eca07a863ae","sha1":"f990fb40077ca4c90bbde8ffb87c73e1c06fd931","sha256":"0fca88eefe8bb5f59242b88e2b8b179148a088b4cde3499e1c56fef8c84c309a","sha512":"fe056eef22791a958cc37f63c1cc4b3f35bd990c34d1d321f34504b7b99769b571fe46cf18ede31f7ca0e564baf63aaca9d4f3601395bd7a3ce424e50a2aaf87","ssdeep":"","tlshash":"56a002473a282ea49bc31066b50e7a5500a421749a55f469cc8e623dc755453b546531","first_seen":"2024-05-26T00:49:06Z","last_seen":"2026-07-02T13:50:16.655557Z","times_seen":1817,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/noData/cms_noimg.png?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.935Z","timestamp":1783000176935,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /kc523-1/noData/cms_noimg.png?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 12:19:27 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68dbcacf-269a\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f2317a0dcc76c\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9882,"size_decoded":4610,"mime_type":"image/png","magic":"PNG image data, 1920 x 700, 8-bit/color RGBA, non-interlaced","md5":"85e60fd8767b18839ffb552a5d543f8a","sha1":"341cfd68a5b39cb246af6ade1e3171c857d2df5a","sha256":"4b7ad68306ffac25830d1016ba86154890deef8bd77a03257b767b37de1c8338","sha512":"785f028aab80d3f96794431f84025483f490d7d642022404a7b14ccb4785aa52fe4a21048d44acda3bd160eedeaccfb4959a677986dfe47ef038d80724f2acb2","ssdeep":"96:74iGykVWI7TGvGJUgTFSebsBzYofEC16+TqBK7R7LWKaR8a8D7uZNgAMXFL73:74iyHunEFSebsvP1nTP7IF2uAAMX5","tlshash":"141259118573d43cd82ce57926df6fb93b709f996890476e8328e7342f2a2f78d60848","first_seen":"2023-05-01T09:33:58Z","last_seen":"2026-07-02T19:51:45.187115Z","times_seen":2562,"resource_available":false,"data":null}},"time_used":2132,"timings":{"blocked":1824,"dns":0,"connect":0,"send":0,"wait":308,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/index-a3dad144.1781011881923.1093b11d.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.527Z","timestamp":1783000171527,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/index-a3dad144.1781011881923.1093b11d.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:33 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-570e8\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000173=OxtiLSZypOd/3GpkdMh/Qlj7mb5uQpI+QPVV7J9PzMA8uZWhKnqgc7XKieUFl/zPGxZ/I8r59A54jtOqCQQLj0R67lm5E4v/ebaILwucuF/gykM2PWcBtSd8syW86mNexB+fUW/cNUUve94aIRMs8mwuw5spbkf4YYv1dDc+69iqnBZ17WtpsoSLm/w7vno+\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f23178af4c75c\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":356584,"size_decoded":117591,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64562), with no line terminators","md5":"0fc0f4a0379e369b442d93ffb72561fd","sha1":"497d95fced30bab2efe9ad3a561c35cd40ad5e9c","sha256":"da926a537d946d3158d41a8531082a740aec7a6a4e3b98599d35546182f20806","sha512":"ef5664991d7fb472281b2696b3b25a322bf51f9bcbccf2043f77fdb67ca9a84d90b893029e93bedea935724bbc4b58a77154b35ac40b15f8e691b539cc3102e3","ssdeep":"6144:LrbhFOufhu/LHEY/T8CPis7lVV4YlRlNsmq9D7:3zBw/LHEY/TBas7lVVhsp9X","tlshash":"ed742b90f76ce1bd875e55ff7a329094902c1b41b0c89e58d29e2944fe6b385eeb04bc","first_seen":"2026-06-12T19:29:57.253128Z","last_seen":"2026-07-02T13:50:16.656978Z","times_seen":148,"resource_available":true,"data":null}},"time_used":2384,"timings":{"blocked":1622,"dns":0,"connect":0,"send":0,"wait":378,"receive":384,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/65246.1781011881923.03480a32.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.888Z","timestamp":1783000174888,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/65246.1781011881923.03480a32.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-11ec7\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f23179385cd01\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73415,"size_decoded":19758,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48666)","md5":"b98dafd31fe547add2f96acf9bea9922","sha1":"e63706f4b83ed72ce8a0ffee74c7d606968bd280","sha256":"92014e9ab9f7e62a6651d0a69b63f69a84ed58e15ee5dd8e287d46b28fe610cc","sha512":"a676475f44bd6ec6ab9e7421deb8c29430404be3852f96d012418d03e9135d3ec450ee58b4871a4f8ed2a053656c9a9a6523853d6238d701144d9b72c6df8ab8","ssdeep":"1536:f2+iDvYvNjx4Uyao0L8oDNzAuMMsTAQ0mqt2pXYzA4dANVO:e+iDYvPo0L8oZzAuMMsTA7mqt9zA4dAO","tlshash":"a673a501f78272385fa7e290220f2026e16e191505ac5ed8f179ffb93ef0954aa7d7b4","first_seen":"2026-06-12T19:29:57.345997Z","last_seen":"2026-07-02T13:50:16.657734Z","times_seen":137,"resource_available":true,"data":null}},"time_used":818,"timings":{"blocked":465,"dns":0,"connect":0,"send":0,"wait":343,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/sponsor/sponsor_nav_web_2.png?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.902Z","timestamp":1783000174902,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /kc523-1/sponsor/sponsor_nav_web_2.png?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/ecb/8f83064249b06e0660afdb30b60772fdcdfbb3036fb467600d10b16d76dc640e","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:35.947Z","timestamp":1783000175947,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /ecb/8f83064249b06e0660afdb30b60772fdcdfbb3036fb467600d10b16d76dc640e HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nContent-Type: application/x-www-form-urlencoded\r\nx-request-source: https://j106y.vip\r\nXign: I3WMsxgBufIYW0EfGIksnyFvCmk4bgxvqHdx2B1mfyk3hdz/ixKC00RMFjUq1/m0qTUp1GuEDiftewuG30pBTxSoWL4+NziRvbg2k8zzqdwxuD1W//+HqiQ9Kau6kkTnvaOPHjU0fX+Q8ML2ZmjFZCK1t5vWPe5yQlKlR632e0Y=\r\ntimestamp: 1783000175932\r\nsign: 1b5b5e2p47k2e2mf\r\nversion: 5.6.12.0\r\nclient-type: web\r\ndevice-id: wtZjiNmmYm4mYBwpzNKrht4ssYykCjyC\r\nlang: zh-CN\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nExpires: Thu, 02 Jul 2026 13:59:36 GMT\r\nCache-Control: public, max-age=600, s-maxage=600, must-revalidate, stale-while-revalidate=30\r\nX-XSS-Protection: 1; mode=block\r\nX-Request-ID: 8030c81cb446475181d624e4964df80d\r\nPragma: public\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=63072000; includeSubdomains; preload\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true, true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f23179785cffe\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4994,"size_decoded":6027,"mime_type":"application/json","magic":"data","md5":"0782856977a38f8ab937973cd8da230b","sha1":"d460025696add03e609b2c7fc643bbc6c6405924","sha256":"c71a50002275050d6245bb050652e41faed25b5be3753978bd5f7a1c49c09ea9","sha512":"3d9a1033a00675e62ce106574a9f28d083b99821a1e7e2d1f3b5595d6adcff3ab3cc27332a18c32938e0d28cd5b3ec14e30964d0f685af907ea84cecf7e6a2a2","ssdeep":"192:VeAeYfHEMp+bRSs25rEOWBGF4K2zz+UHXO/TpSczMoobS:x1fHERuN60Mz60ITp5zR0S","tlshash":"5ef1af6122e2f7808999d3fd2a2116a85049c719f5c7b734c22a91bf4167c7a47add60","first_seen":"2026-07-02T13:50:16.658424Z","last_seen":"2026-07-02T13:50:16.658424Z","times_seen":1,"resource_available":false,"data":null}},"time_used":724,"timings":{"blocked":422,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/28db6a557f374b3ebbdba81f169d7cca?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.797Z","timestamp":1783000176797,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/28db6a557f374b3ebbdba81f169d7cca?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 10814\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 78334\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"28db6a557f374b3ebbdba81f169d7cca\"; filename*=utf-8''28db6a557f374b3ebbdba81f169d7cca\r\nContent-Md5: 8f8LHu5ntNsLkf1Gh13nVw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FiJeP9aGk1zJ13lcWD4qzWEq5tnV\"\r\nLast-Modified: Sat, 11 Apr 2026 19:32:52 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: y3GIiZaww\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: wjIAAAAhkZv4Nb4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10814,"size_decoded":11571,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"f1ff0b1eee67b4db0b91fd46875de757","sha1":"225e3fd686935cc9d7795c583e2acd612ae6d9d5","sha256":"5289c5cd6ffe695d2359c36b498444bcbaa466c75a4ee9b31b97bac2724200e0","sha512":"bbbdfa76b061341063c48ba8bc0a10e32db83857dbb0ac02f3fc11d473deb6397156c10eb41fb018ffe75fbfd56e0058d077fa44c6268a700d2e798f9ebb0976","ssdeep":"192:EVj1wyQxRmTyTIZ1o9AjMEVwkHgUXktsZJor+JZ5M0TxwzVx6K8Gl5G:CwxRGyTCGSHkOLJrpTixh5G","tlshash":"0722c0d72963f51ad078f7ff5126283bfb4abc126e7046369d4049738a09742be0c6a3","first_seen":"2026-01-24T15:18:57.161731Z","last_seen":"2026-07-02T13:50:16.660615Z","times_seen":31,"resource_available":false,"data":null}},"time_used":2034,"timings":{"blocked":1502,"dns":0,"connect":0,"send":0,"wait":532,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_de72e240-4300-48d6-8f6e-b9cb363e7924.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.092Z","timestamp":1783000177092,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_de72e240-4300-48d6-8f6e-b9cb363e7924.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/fonts/DINPro.9ee75b04.ttf","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.975Z","timestamp":1783000174975,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /fonts/DINPro.9ee75b04.ttf HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/46431.1781011881923.bc5df1d1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 119892\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:10 GMT\r\nETag: \"6a281706-1d454\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23179394cc98\r\nX-Cache-Status: BYPASS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119892,"size_decoded":120571,"mime_type":"application/octet-stream","magic":"TrueType Font data, 10 tables, 1st \"OS/2\", 30 names, Macintosh, 2005 Albert-Jan Pool published by FSI FontShop International GmbHDIN Pro RegularRegularAlbert-Ja","md5":"028cefac160ed3b006f47106fbc68d1c","sha1":"efcecac09684435facd7397e4f6163a5069802c2","sha256":"fb841a09a82787982ad1774bdeb45e8e06ff4909161a9ce33fd42f8822c5ddc3","sha512":"3a5a284d0c4da6593b857ba785a4ba7d5f2e2b73d22a2ef25435b9558063d2486228d76a3cd5d3a59b5abe4c0da696a75373111b3569a94a9dea1516cf16091f","ssdeep":"3072:YhtN/CZnt1tbtKtHtFNgz1QZt0tbt2ktwtNstAtqNaEctWpy8TLtsIb66AUeo:YhtNGnt1tbtKtHt7t0tbtxtwtNstAtqV","tlshash":"5ac308c153e8fa4ad83996388511c7434226ff2de65d4f36ffd94d8c688e8e9064e6e0","first_seen":"2023-05-08T18:58:40Z","last_seen":"2026-07-02T19:05:45.472305Z","times_seen":4295,"resource_available":false,"data":null}},"time_used":940,"timings":{"blocked":389,"dns":0,"connect":0,"send":0,"wait":333,"receive":218,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1884x434_f0600e57-43d6-4af4-8f1c-08ad10ecab8d.jpg","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.489Z","timestamp":1783000176489,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1884x434_f0600e57-43d6-4af4-8f1c-08ad10ecab8d.jpg HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: image/webp\r\nContent-Length: 35520\r\nConnection: keep-alive\r\nEtag: \"cd3987864cb3f095323f43e0248e2180\"\r\nLast-Modified: Wed, 10 Dec 2025 10:48:07 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NCN%2FWciDjUAFXd7eZ4N2uUcYvERkOvVlZtaI9G0AnhnPOTu6EpHky1ZRb47xN8ivAemXBKcTLCAAyD8qPDqpx2MocknfCJ9K%2B1M7ZrrSQ3I15d8p4KSDFJyrtnH7CaEeSyYCZ1rXtnvLi%2BhaCZM2mrg%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 10237\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d61ac3e03d7-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283619f231797f8c606\r\nX-Cache-Status: BYPASS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35520,"size_decoded":36675,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1884x434, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"cd3987864cb3f095323f43e0248e2180","sha1":"57b2593c8fb12efd02723c4297cc32c426e77017","sha256":"f86c999282c8cc66a7a94042d0d117be0e025906c4bd5647298e312a2c309ca9","sha512":"ba70094c63b1d4360f2ade43b4a26c9b412fe366e805223c019a6b1418e656067f54a94daf0eed2e9fac0fce3623ef9c0dac9cf092d6503388d9400146a25f25","ssdeep":"768:S4wSvosDYmjc1AHEBOLMSkdFqvZa6Hfj/9q3uTOdbXjzZBniHc9QjK:SytDYAkByMZPqvg6Hfj/9FTSXjfiH0Qe","tlshash":"bcf2f20a3c565b1f01ff3414b7028a68004b264c603face2cd99b8ce5dbf94d859e556","first_seen":"2026-04-24T23:10:16.816486Z","last_seen":"2026-07-02T13:50:16.662554Z","times_seen":438,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":611,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/48d7be79ad28452bbc9d398f285a8696?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.830Z","timestamp":1783000176830,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/48d7be79ad28452bbc9d398f285a8696?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/9dd9cd6d51294a3ca6c2df039d594ef0?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.881Z","timestamp":1783000176881,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/9dd9cd6d51294a3ca6c2df039d594ef0?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 9407\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 15550\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"9dd9cd6d51294a3ca6c2df039d594ef0\"; filename*=utf-8''9dd9cd6d51294a3ca6c2df039d594ef0\r\nContent-Md5: GFRxCT4kel17/a0FsST41A==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fvka8N917SCAdxg_xNDokD2miR5U\"\r\nLast-Modified: Tue, 19 May 2026 13:57:57 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: Pq9HJ9b66\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: 9vEAAABcryITb74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9407,"size_decoded":10162,"mime_type":"image/png","magic":"PNG image data, 203 x 203, 8-bit colormap, non-interlaced","md5":"185471093e247a5d7bfdad05b124f8d4","sha1":"f91af0df75ed208077183fc4d0e8903da6891e54","sha256":"57d7c471951ccf7d0d4cd3ed30122dac83f1d052e39dacacaee3e71117875547","sha512":"44d73d8f67e3739e7157aaa2524f6b89d0556d3d749ca4816128c2e57898f58ecb0494dcce60811dbf735c7244c2e6544716ddcc1dd95f8fa81b6f4aa538941b","ssdeep":"192:X50eHdyqNrxMqnoAcJfzbQ4RLKhmswK8buOKy:9HFxqxbQALKca4uOn","tlshash":"f812a0ebdc921941f9167cd252b5002490dd60902ec994ba77fdf432dc6858741f68ef","first_seen":"2025-04-15T05:18:26.173983Z","last_seen":"2026-07-02T19:51:45.126752Z","times_seen":10,"resource_available":false,"data":null}},"time_used":3926,"timings":{"blocked":3669,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/009ff267a16a4a53a7669d6067d19497?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.882Z","timestamp":1783000176882,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/009ff267a16a4a53a7669d6067d19497?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 9307\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 13779\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"009ff267a16a4a53a7669d6067d19497\"; filename*=utf-8''009ff267a16a4a53a7669d6067d19497\r\nContent-Md5: t4jK1FYwdvx4P8Tzx+NKlg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FispB0dgkfzMv0F2EHDOfXbQKxVV\"\r\nLast-Modified: Sat, 23 May 2026 16:13:46 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: 1QJDcyr1o\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: KuwAAABhSpCvcL4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9307,"size_decoded":10062,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"b788cad4563076fc783fc4f3c7e34a96","sha1":"2b2907476091fcccbf41761070ce7d76d02b1555","sha256":"a5f8136a702ea362e7133ef202fda389176206abcca988ef93ca2b7752c77541","sha512":"7aa7cea8adaf70e74b4b023d4c8daa4a5e1825d6fb5cb2014c245b5f7770f2d5afdafa47d110e93df659e208703ac880529010e05ff450fa5de6d57cf13e5c8a","ssdeep":"192:PjcCfv/rXDvNBqi/5fnTTDU2BPwFGNW0hgx/UOzktQu:PJHvNtBfT0A4FGK/Bz3u","tlshash":"6912aeee87513d314f4eda0b92e52520eaa4c02a07bb524e149b6fce0ebdcd529f25d1","first_seen":"2024-08-19T19:29:43.542548Z","last_seen":"2026-07-02T19:51:45.167898Z","times_seen":15,"resource_available":false,"data":null}},"time_used":3990,"timings":{"blocked":3715,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_aa2a4724-288d-4252-82c6-453d0458d8c1.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.090Z","timestamp":1783000177090,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_aa2a4724-288d-4252-82c6-453d0458d8c1.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202603/_webp_size1080x1196_b15d1708-bfce-458e-bd99-5bc1134b7122.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.150Z","timestamp":1783000177150,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202603/_webp_size1080x1196_b15d1708-bfce-458e-bd99-5bc1134b7122.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/50ab760477514d4fb00cf5e2841cd2d6?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.827Z","timestamp":1783000176827,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/50ab760477514d4fb00cf5e2841cd2d6?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/bd9e4b342002471d98305bb3bd9e18a9?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.892Z","timestamp":1783000176892,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/bd9e4b342002471d98305bb3bd9e18a9?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/bucketimg/cc0812c4-2802-41c7-8bd9-a4c28c15eb86.gif","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.939Z","timestamp":1783000176939,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/bucketimg/cc0812c4-2802-41c7-8bd9-a4c28c15eb86.gif HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/gif\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nEtag: W/\"b7ad12fe390d68c88df2db78219cab9c\"\r\nLast-Modified: Wed, 28 Aug 2024 20:04:41 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ysL%2F97QPxyJvCtOf1eREyArCJWDG9uWAbzNBBbbBAlAYZx8Zhc4NXKtqzjygguw6zsE4PsehjeUODur788zR9FETLadQ%2FgZ8Qm%2FMKvoNR0Tih1%2BWBU10XPZ14rRo51jt3x4Yu5eJ3Ab%2FNZ%2FBxHWHvsY%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d69fc2208b4-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f23179e23d003\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":302697,"size_decoded":301145,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"b7ad12fe390d68c88df2db78219cab9c","sha1":"078960add6b85bc7199d3cc2de4714ff0e3a24ef","sha256":"a596d3cbec189f8c534cd58299ed7a13e56e515d14be3129984b219461d83612","sha512":"b15aee2efafb21410b7b89c4269f59cb86bafcff8b1f2238ed24c61b0f13959a15355005ff7eb645d8d182f02afe48c8867bf6e22d5d5a401a36dfbf86f7e162","ssdeep":"6144:fBOLj+QpSwjHvIJFo5AWMAUoGwhw2gWcXFyZNDyfIJmFvF:fQLj1pPjHv1nlwIhcXw/8IJ+","tlshash":"66542397426ccc571c4da579e80e3f1ea706556cfd119e3b50c5c4c23928a6dbcb0aeb","first_seen":"2025-07-30T05:00:30.953127Z","last_seen":"2026-07-02T13:50:16.665305Z","times_seen":141,"resource_available":false,"data":null}},"time_used":1611,"timings":{"blocked":1127,"dns":0,"connect":0,"send":0,"wait":361,"receive":123,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_2a74177b-d024-4ea3-8b58-fce53f91051b.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.070Z","timestamp":1783000177070,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_2a74177b-d024-4ea3-8b58-fce53f91051b.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 65510\r\nConnection: keep-alive\r\nEtag: \"1841972db1eb6b1b08f2b8849b98ffad\"\r\nLast-Modified: Sat, 06 Dec 2025 06:23:06 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LosglreoPA%2B1UHcg9WDYtNM8JXYogpltjnZSwVjkRa23spUUYGxaoaWXKplO08r84HbCVMucPzSbOoOc2VQyzKZmEWAMg7LctDHrozNChBA7mI4wK3CGnM1yxgM9lwK0EyHJ%2BzwjfTw0zEN0CqcXvQE%3D\"}]}\r\nCF-RAY: a14e1d793a50b4c7-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f2317a7aeccbe\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65510,"size_decoded":66657,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1841972db1eb6b1b08f2b8849b98ffad","sha1":"6194c3f706be3f6aa4cf9042d0cc4b9c2a77a1a4","sha256":"0b162dd98f34fc830303fa40c47a002b14c2b6f4947a7378247db3c924bb7fac","sha512":"e9fb0eff09d46b3c88de962b1d6a020fd55f98d777e56ee4a0ac8aa615d14faa3d95de3ac35a92451ef4be5c8141532327b97c6fa95d5090aa61847b2b24d370","ssdeep":"1536:HsAMZEDXiepWzfRKc7nC3BQkbf9ptwv+AOtedy3JMw:HsAMZwMrC3BVTtAy3iw","tlshash":"5a5302765eef65629bf42eeb0331c6856fcb5a10803814b83059e1e5ee85c29f61d372","first_seen":"2026-04-24T23:10:16.852267Z","last_seen":"2026-07-02T13:50:16.66623Z","times_seen":425,"resource_available":false,"data":null}},"time_used":3743,"timings":{"blocked":3384,"dns":0,"connect":0,"send":0,"wait":341,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_6ba5f6e7-0a03-42b1-aae6-3de33d838c71.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.076Z","timestamp":1783000177076,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_6ba5f6e7-0a03-42b1-aae6-3de33d838c71.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 72698\r\nConnection: keep-alive\r\nEtag: \"8173a97e42cbe83253f569868015813a\"\r\nLast-Modified: Sat, 06 Dec 2025 06:22:44 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s3jTMfnYjulZa2RyR5xa8eeyK7i%2FieR2igGGehM8lqQDHuEyJgyVcfWxNN56kJmi22I8ruEq4f37uQUxaa3cqvThjL5BR%2BjOTl2Rnf3dq5RPzH%2FEszFRLmUSdebwBVsZDv6RV4lyl9Lqu0aV%2BhLTrzQ%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d7a9a28dd5d-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f2317a895d00c\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72698,"size_decoded":73849,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8173a97e42cbe83253f569868015813a","sha1":"42ea560648d24b5b2f7a2707de2db0bdebc8f41e","sha256":"b6bf9777cb024d6afd79cdfab403bf54676a54ea6065abf0e8d02344a42bf8fd","sha512":"619c7b0a75af0e07e0929b087fda0183eae617910500da47727ff8b6d29e6dc98846c2e19a1fbe6d042c648c32aa24db9e0cd047a55f7256ca565e66376edaa8","ssdeep":"1536:ZYxIgPfY+3lbLKrfSQK0ds+ePjygtx4Ifql:Z0vfY+3lKrq4ds+QJtx2l","tlshash":"3663020b5a1dc95a0ae20441673a5bdeecc72324e27535c5a075fcbffad3f75414281a","first_seen":"2026-04-24T23:10:16.700652Z","last_seen":"2026-07-02T13:50:16.668069Z","times_seen":407,"resource_available":false,"data":null}},"time_used":3986,"timings":{"blocked":3627,"dns":0,"connect":0,"send":0,"wait":337,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/css/46431.1781011881923.bc5df1d1.css","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.511Z","timestamp":1783000171511,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /css/46431.1781011881923.bc5df1d1.css HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:32 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-552d2\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000172=HjX/wKANgSgk7bf4ruTlq+LWjZ5tlyE8jm2EEJGuE4mheqVYNrZ//oApmuDjLa5keWF0IBTGmCbND7j+yf4a4ICt6FJFD26xI/UFMj6uUnqti0kaCFRix+Q3KWwNu23VovzGZBKgfgLL89YMXfilGqREPmpygQxY5P+q0KHtzcZEl6CjmvhH/Y6eByFT6wyv\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f231786d9cc8d\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":348882,"size_decoded":87418,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"93f90e3733fc4af32a4ef4b34416c531","sha1":"bbe0b8f50268073f57565c76a1ac45b46f6c668e","sha256":"ce07d563179018eb4ccfcaf005a871d6baee3ad2ac4400e6e4768a2d35c5aa1e","sha512":"664e0ea56bcf02d80d7e148c8c999493c6501c5b8b6138fb0c5a05c0c0a9c3b5facac9d711aa2ce216eb335328be867456dbbbb2864f99531faffa5fb74eaade","ssdeep":"6144:z4+4r0H8Tu4+4r5cRlGuEQUQ929srbnpTP4T:z4+4ZTu4+4yaT","tlshash":"b774fa6caf1030ae15a7cb27b660f5199c36a443f9bfde9af3e53d580789a510623c13","first_seen":"2026-05-09T01:34:22.507922Z","last_seen":"2026-07-02T13:50:16.669541Z","times_seen":207,"resource_available":false,"data":null}},"time_used":1646,"timings":{"blocked":-1,"dns":0,"connect":290,"send":0,"wait":435,"receive":614,"ssl":305},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/sports.60212fd6.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.910Z","timestamp":1783000174910,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/sports.60212fd6.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-1c734\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f231794ddc75f\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":116532,"size_decoded":117108,"mime_type":"image/png","magic":"PNG image data, 666 x 541, 8-bit colormap, non-interlaced","md5":"fc82aa907334f929011fc2a6ec906f55","sha1":"f76bd75b9d1235807c70c7d763a1865d7c3f8d4e","sha256":"2ae1d61176960d7ddfddcb30a69d22b9da893687370d8cd26f4917d129a1bf3b","sha512":"12ef7a828d7d4228596b0db0ad77b200e8ffcfe2457d12821a4e9778b62668ebeef075c2bc79076e36291e3015afbfe276a2ca230ead018b38e2d3fd803dd31f","ssdeep":"3072:/ZEgiWqpGRwEyiwX0wgOZzbKoSxNiSvrUeO4h:/ZLf/R2iVwgAKoSPiSvVOy","tlshash":"76b3021c79775a2083c6bcb40b583aeae09b3dc19d169808d68b7791993df43c970bed","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T13:50:16.670975Z","times_seen":1843,"resource_available":false,"data":null}},"time_used":1128,"timings":{"blocked":780,"dns":0,"connect":0,"send":0,"wait":314,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/bj3.a7dbd558.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.917Z","timestamp":1783000174917,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/bj3.a7dbd558.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/home.1781011881923.38488e2a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-16cb\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283619f231795c4c603\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5835,"size_decoded":6413,"mime_type":"image/png","magic":"PNG image data, 1003 x 171, 8-bit/color RGBA, non-interlaced","md5":"b79234bcd23ce7e063481b3605bcdd45","sha1":"eace4c48cc352cfb10fb6fcffed50748f18aa78d","sha256":"2dbca2ee9a515b178cb6a5ce670a5dafa30941ad8c753fa3e94642f8dacca13d","sha512":"40fa685181391f1ca805440f53683045d1fbd5c0f36cf471f53641c6f289481f42fefc4d1f2b2fdfe8a20d7488ef0537f10352492e46af76770b49fe8876def7","ssdeep":"96:brOIaX7VK+RUSrZ3rnZ1L++y+hsVoK4CBVVikox3n0muoE7Nqh7zwGto:K7VK+RBZ3l1i+y+3peikr3oEJqh7MCo","tlshash":"91c18f03f313ed339b875f190abe4dc3498b2f9a4725a7d6285b5aa89654819c062e82","first_seen":"2025-08-29T11:05:53.328141Z","last_seen":"2026-07-02T13:50:16.672294Z","times_seen":1750,"resource_available":false,"data":null}},"time_used":1418,"timings":{"blocked":977,"dns":0,"connect":0,"send":0,"wait":441,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/appdown.6e7c9177.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.925Z","timestamp":1783000174925,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/appdown.6e7c9177.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/index-399e2569.1781011881923.a7b0b4f4.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-277f\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f23179cf9d002\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10111,"size_decoded":10839,"mime_type":"image/png","magic":"PNG image data, 112 x 112, 8-bit/color RGBA, non-interlaced","md5":"716d097b193628397635cfac41b561fa","sha1":"545d1876219bed15fe850a499a08322de6a26866","sha256":"50276d87fae9c1e30a32c32b4e90dcc2e227cabb4e3bb1d60ecb22fb50c5f2ff","sha512":"47ea5928e921bec4ce4d9c807ee921f6115a6dd27af6fa7325e6d988058d22cf36c03693ebc56665203809cfd6d008cd410380e688e90b36d7eeec18ce6aa92f","ssdeep":"192:cALsiDRih/bWKl4Hq2BHZE6+3paMeCsuTvB6hi6tswYmd:lBEv2Hq2BHS1ZaMJtB+tsud","tlshash":"4622d047a584327b826ec79c8fe98c112470ad1ce6f04d5ac44e711128e8df3503baf2","first_seen":"2023-07-01T07:21:14Z","last_seen":"2026-07-02T13:50:16.673619Z","times_seen":1754,"resource_available":false,"data":null}},"time_used":3139,"timings":{"blocked":2841,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/993fe8478cba455b8cc0ab81d9956f0b?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.801Z","timestamp":1783000176801,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/993fe8478cba455b8cc0ab81d9956f0b?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2940\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 3593\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"993fe8478cba455b8cc0ab81d9956f0b\"; filename*=utf-8''993fe8478cba455b8cc0ab81d9956f0b\r\nContent-Md5: sIeSC9ghxfu6ZPpbmXEsJA==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FjLMCkCbnP28mXflwOa9RFdjl-0J\"\r\nLast-Modified: Thu, 25 Jun 2026 21:21:38 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: Yh2G5nkKC\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: 3LgAAAAzv57yeb4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2940,"size_decoded":3695,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b087920bd821c5fbba64fa5b99712c24","sha1":"32cc0a409b9cfdbc9977e5c0e6bd44576397ed09","sha256":"af00791589c8ad233ff90dcdedb66f06d922e129123e0e66d28fcccbc51c9ed4","sha512":"e5e801370bc8ea4b6ee7b9f172cfe6a4e1b5e7702a134b84660096b6112ff7198bedab01335277e4deea8813b9a4315cf9477612a53e0c2facf457dade7dcac4","ssdeep":"","tlshash":"f5515d8b39810bd5ed5db168a73913c772d0399840796fd47e43e1d1a614da8593f290","first_seen":"2023-11-15T14:54:41Z","last_seen":"2026-07-02T13:50:16.674647Z","times_seen":55,"resource_available":false,"data":null}},"time_used":2015,"timings":{"blocked":1668,"dns":0,"connect":0,"send":0,"wait":347,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/41f9772421804259924daa04da85ac78?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.803Z","timestamp":1783000176803,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/41f9772421804259924daa04da85ac78?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 23934\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 3593\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"41f9772421804259924daa04da85ac78\"; filename*=utf-8''41f9772421804259924daa04da85ac78\r\nContent-Md5: Dbrv5gq3DCCV5+/c36opdg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FuX-snTR3Jg6FmnoNmvm8gwaHiBj\"\r\nLast-Modified: Thu, 25 Jun 2026 21:21:38 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: VYc3ozMnK\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: E3IAAABZj6Lyeb4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23934,"size_decoded":24689,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"0dbaefe60ab70c2095e7efdcdfaa2976","sha1":"e5feb274d1dc983a1669e8366be6f20c1a1e2063","sha256":"f2cdc1d04612fa80e4270edcd6d5962b52c1836cfbe97aab248b38493eb7134d","sha512":"bd30d7d0c3fd764e3212ce95afe11cb7ca9a148999d48eedfe925195ea012d989cca1a59f89bed02b3674dca21f8c076a7346a7d40b427300c663f12aa6d1c5e","ssdeep":"384:5BbOXpJ/GGpSsQFGayQsYz/P60Qm62QiY5zOqXps4QmuqxXvEKGFWouzBvo:fOH+cQFGjQj/tQm62QZ555DFErFWo+C","tlshash":"50b2e2a97575dd4d7067301e01a35eb534351e2fa0e727862508d0be3bb3b9a03683f6","first_seen":"2025-08-25T20:56:20.994858Z","last_seen":"2026-07-02T13:50:16.676663Z","times_seen":48,"resource_available":false,"data":null}},"time_used":2020,"timings":{"blocked":1717,"dns":0,"connect":0,"send":0,"wait":284,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/1a8f47f30d694cabbc67a275f6b84077?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.809Z","timestamp":1783000176809,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/1a8f47f30d694cabbc67a275f6b84077?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/sponsor/sponsor_nav_web_1.png?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.900Z","timestamp":1783000174900,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /kc523-1/sponsor/sponsor_nav_web_1.png?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/99296dadcf004506935ebf9fd19b8e36?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.744Z","timestamp":1783000176744,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/99296dadcf004506935ebf9fd19b8e36?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 9089\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 38947\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"99296dadcf004506935ebf9fd19b8e36\"; filename*=utf-8''99296dadcf004506935ebf9fd19b8e36\r\nContent-Md5: wzGh0q9W//9HAmZMPAWr5A==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FrkW9qFGXlmKXlO6oyThqpOYbLLN\"\r\nLast-Modified: Sun, 28 Jun 2026 09:26:56 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: np8cvJh1z\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: Eg4AAABS9e7KWb4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9089,"size_decoded":9844,"mime_type":"image/png","magic":"PNG image data, 250 x 167, 8-bit/color RGBA, non-interlaced","md5":"c331a1d2af56ffff4702664c3c05abe4","sha1":"b916f6a1465e598a5e53baa324e1aa93986cb2cd","sha256":"824947d0637432c77cec57b4d3aab5290275c04d81a1a57c9dd41c78f6d478c4","sha512":"84d7e9ee444baa6e8411650f1ab3eee222722e831e677c3822f2109acbe8bb6d6644d5cb5b3980dd90e2c68eaa7ddd9fd973c20dd6116097ee55d5ab83e1349b","ssdeep":"192:ABX2ddKd5fRVXTXEoGUqlJ0ESUr+ykURfzTsoD/Q:g95f3XDEoGfjVsojQ","tlshash":"9f12bfce2594bcf1423ead202eb72bd80091211f840d3f93f1df5b9616a5585b87aed6","first_seen":"2026-06-05T08:53:37.76273Z","last_seen":"2026-07-02T19:45:35.914041Z","times_seen":18,"resource_available":false,"data":null}},"time_used":740,"timings":{"blocked":-1,"dns":0,"connect":237,"send":0,"wait":257,"receive":0,"ssl":246},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/e5a01c3a3cf640e1983c827cc184c861?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.871Z","timestamp":1783000176871,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/e5a01c3a3cf640e1983c827cc184c861?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 72800\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 20957\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"e5a01c3a3cf640e1983c827cc184c861\"; filename*=utf-8''e5a01c3a3cf640e1983c827cc184c861\r\nContent-Md5: +FxDiTYkTYAwyx3M89SahQ==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FnWfwrEjRLHzbgZbicMX8IB0GYQy\"\r\nLast-Modified: Fri, 26 Jun 2026 21:22:23 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: DU6RSd11m\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: rI8AAAAUVzEoar4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72800,"size_decoded":73556,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f85c438936244d8030cb1dccf3d49a85","sha1":"759fc2b12344b1f36e065b89c317f08074198432","sha256":"5ee52e7278a3bb2488af127d636e7c7cf7b857a6d6cbf42fa31c6b25af2fa4ae","sha512":"b2e5744c7a8b5592d9ca42b12cf65922c38bfa0715e57c334e78ff22ee91686d4e4c1b4edb7394787a90a92378af1abdd1f708980310fac565270f48579f4c09","ssdeep":"1536:CuKt1Eu8ZxSckohmGBZjyJOS8hUUSGFAuBP:CuKn0xSWX+ed9Z","tlshash":"4c630274a7f7b2e08f5328c4b0214db1be9bc46415a67e417c1ad2b4bf4a376a79b304","first_seen":"2026-04-28T09:21:33.864495Z","last_seen":"2026-07-02T19:51:45.190666Z","times_seen":49,"resource_available":false,"data":null}},"time_used":3746,"timings":{"blocked":3300,"dns":0,"connect":0,"send":0,"wait":283,"receive":163,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/away-bg.00d4ba2a.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.913Z","timestamp":1783000176913,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/away-bg.00d4ba2a.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/home.1781011881923.38488e2a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:10 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281706-f2b\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f23179d16cd06\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3883,"size_decoded":4605,"mime_type":"image/png","magic":"PNG image data, 277 x 80, 8-bit colormap, non-interlaced","md5":"ce3e5a71ef5dcf15c030882243e12315","sha1":"d4fdd1329ecac30941a67bd5108bad525c791c12","sha256":"3c2aad01ce2fce6463d6ed3bde348515922dd019d8a670b07b53d66b39c68d3d","sha512":"f6a55d8c079529988760a1c22541c097af159a3653f5ffe89c5c31ee20371f2c879c64797319f4176be77c821294f0f72d83ad77f2a0141203c857c8f987966c","ssdeep":"","tlshash":"6f815cf693e66bd0d5675106a3a14c89624d69d925a325530923f45ec3bb1ac02fe381","first_seen":"2025-08-29T11:05:53.10673Z","last_seen":"2026-07-02T13:50:16.696472Z","times_seen":1693,"resource_available":false,"data":null}},"time_used":1165,"timings":{"blocked":866,"dns":0,"connect":0,"send":0,"wait":299,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/CHESS.80cb714e.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.949Z","timestamp":1783000176949,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/CHESS.80cb714e.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-e587\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f23179e42cd07\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58759,"size_decoded":59473,"mime_type":"image/png","magic":"PNG image data, 582 x 307, 8-bit colormap, non-interlaced","md5":"727b4dc207a4141335b27fa73f76fb10","sha1":"bb63b02e635f5503d76c4fc3532c2c652a06cac8","sha256":"5d840214ae46c94540df7d0a94963cc398b32c7b868edddb6a4f2a2faf113e42","sha512":"c1512f9d9a191ea10e806fe3a8f812f78dec9832568373b7b5362fafe9aef6783947d248deb2fc8d30ba1c61fd3b94f308298e69c1de32686110fa35f7bd4ed4","ssdeep":"1536:gtPCh483gu6aLw9AJeteTzkprgTWEHbP4BzrJ:344U9Xte3kprgKE7gZJ","tlshash":"0543025a13c1159f422f37b8148758a6d8154f9f38f32ea11a9e2afda58cb0af431c3d","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T13:50:16.697653Z","times_seen":1679,"resource_available":false,"data":null}},"time_used":1539,"timings":{"blocked":1143,"dns":0,"connect":0,"send":0,"wait":319,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_392325e1-efd7-4953-83f1-410dea55a03c.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.050Z","timestamp":1783000177050,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_392325e1-efd7-4953-83f1-410dea55a03c.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 13178\r\nConnection: keep-alive\r\nEtag: \"38581a2c1fb9355639ffb5a31aa0642d\"\r\nLast-Modified: Tue, 02 Dec 2025 14:07:28 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4TqP7GeOgMwz9GCZyDR0aBl0TTGDHN%2F%2B%2FW1pOF47cTX%2FF6fDZ20bzwIaC0liDgYhr1nX4E3sLeFGoH4u3lP4sYEoUwD%2F%2F8srVSoy4KdKLKPQjd5r%2B6ByoataIAo0%2FyUFACZTESJxe2VfF3SiOcKRJ%2Fs%3D\"}]}\r\nCF-RAY: a14e1d762be82100-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282f19f2317a59ccbfa\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13178,"size_decoded":14339,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"38581a2c1fb9355639ffb5a31aa0642d","sha1":"dc4eee50f114bf0f120b50766fd207ec5522e9dd","sha256":"88d44a033517e73fcf97528b670ccfa16743d61b2c0c7deca8d7fc247e2595d3","sha512":"e1757677642582409db9344003b4c9454757755bf157f2491aabdf2b1c454d3d0073f4b0012faa1e9681397e7004428f087b8a1e338f3812137007909ed9ed89","ssdeep":"384:yPsoyVYHcsbr84JZQ4zAogmntgxn7uxj8+4n:toyVUbrXDQ4UogKWlWQ+u","tlshash":"3542cf151f4044575ecd7aeb108a5ebcc9450918e63cac716493bc388ef09bf4aeb6ed","first_seen":"2026-04-24T23:10:16.737591Z","last_seen":"2026-07-02T13:50:16.699065Z","times_seen":430,"resource_available":false,"data":null}},"time_used":3252,"timings":{"blocked":2849,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_bdd30f19-a4d8-4eb3-b2d5-d24180d2e353.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.062Z","timestamp":1783000177062,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_bdd30f19-a4d8-4eb3-b2d5-d24180d2e353.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 15228\r\nConnection: keep-alive\r\nEtag: \"6a267f5e09a632be650a3775bc739a4d\"\r\nLast-Modified: Tue, 02 Dec 2025 14:16:53 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RLU4g0A6EUHv1onvEfXC5DmU0jKDMYrnbbpCTzfi4nR8A8kbqQLfa4AHLUzKbr4HBR7JLVmWS7sJYPm%2BC%2B%2F35Z2BX2FNjEn7LjpjEg4MAO0y9DzU1Dg3OQSWsER0kdlzwv6u6IN7e%2BBv3mj6imGT%2FUU%3D\"}]}\r\nCF-RAY: a14e1d787d3a8b92-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282f19f2317a71ccbfe\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15228,"size_decoded":16381,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6a267f5e09a632be650a3775bc739a4d","sha1":"5289878ed6bc3c5b6b06a9986ec15a3c6946fcc5","sha256":"88151c14f52fcf8359fe0a5b86c3a14bee6df5f37cfccabd75a86a559e3737aa","sha512":"0c3f82afc7a20b69b90d2ca8d6d00e07c5c097353a5a81024069fb7ed724ee50c335e9fed0860cc92d1274939c0476cbf8cc49b058813775df45f96a3028af3e","ssdeep":"384:1jnjswfCwfOcnPcxsiO8JvyITPiO3BBBJRqn0Rf/dzVPC1D:11fCwFnUl1uwRqnc/dxa1D","tlshash":"e862c1c96f1cf1dabc9c9d3c7a944d369d0c4472a4d804e980b69d2bf98eac78501f2e","first_seen":"2026-04-24T23:10:16.724806Z","last_seen":"2026-07-02T13:50:16.700245Z","times_seen":427,"resource_available":false,"data":null}},"time_used":3613,"timings":{"blocked":3251,"dns":0,"connect":0,"send":0,"wait":362,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_ebfde7c7-fdc6-4b58-9f46-2e709f79d7d7.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.073Z","timestamp":1783000177073,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_ebfde7c7-fdc6-4b58-9f46-2e709f79d7d7.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 52382\r\nConnection: keep-alive\r\nEtag: \"d82815d2e1685b08148f834895263ba3\"\r\nLast-Modified: Sat, 06 Dec 2025 06:31:00 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k%2F9bFsNgwTpFD0TncsxlasrSMcedx83fdDkudiN2uks15lz0BMl3d%2Fb32QenKpUBeBEut8xL9vFO25EVHQnr9B5B4mTBdavAIgkZXa6GZRhZlF7ThUODENAy%2BAQNyglW2bSi2uzPkjc0%2FFDZUdf1hYo%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d7a5dd284c7-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283619f2317a848c60c\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52382,"size_decoded":53533,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d82815d2e1685b08148f834895263ba3","sha1":"77d1ecea682ed9c5c6be0f1644f2314eb3db64e2","sha256":"4dfee4506bce2de57a4d8d608edd295e0f8233b44b869f6d94481d17931a42d6","sha512":"9941cf4ea9abb6631c519ddd7067d21ac74afd06329b64581be00aa28b89e4ae7dd9750fcec2913df15a4f5fd7209a2049ae62bfec1c802d304a710105ed5d0c","ssdeep":"768:i2/E0Y/tLxLsxLHzZGHtzwzzxgHi5hUOjl7pE1+J1r5k+A8okW8winHfG1HL:xEHVNshHzIIxEuh7q4JxqXPin/G","tlshash":"a13301689c11db25d8805a2dd62fbfce984330e2231f0bca5b13d95e0bf1a852f44c9e","first_seen":"2026-04-24T23:10:16.886375Z","last_seen":"2026-07-02T13:50:16.701206Z","times_seen":419,"resource_available":false,"data":null}},"time_used":3958,"timings":{"blocked":3550,"dns":0,"connect":0,"send":0,"wait":380,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/sponsor/sponsor_web_1.png?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.988Z","timestamp":1783000174988,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /kc523-1/sponsor/sponsor_web_1.png?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 12:19:27 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68dbcacf-a556\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282f19f23179feacbf7\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42326,"size_decoded":42413,"mime_type":"image/png","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 428x169, components 3","md5":"e0ecbe5a9349aaa328ffd6f9515f9007","sha1":"79ebc30d345c812a3e3a122f152829d161b00a52","sha256":"452d27839b3f3f35d11c9a26f06d6cc9db56dc8c61261ee43e0512f69abf71f4","sha512":"fd322bf3ca925ce2eb45317adae1dee0f1c2e4f30035738052a97ccc054ffb576a92a46758559c8d13cff6be549caca5541d14c5692cbec2758ab2b3c7f3324a","ssdeep":"768:2o9mjFjepo5h5jLasrCO57PIrvmMOSf4t7q5bo6Wruv9CSMsfRLMD7XZ0:2ogpymTxRrwmDSM7mbo6WrutR60","tlshash":"8713f2ebe1075d80bb946c9b3925eec61da50f047bc78d68c5e055f921290bb0fa33a7","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T19:51:45.110713Z","times_seen":1799,"resource_available":false,"data":null}},"time_used":3903,"timings":{"blocked":3530,"dns":0,"connect":0,"send":0,"wait":342,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/45e6c205c0124229990c10cda636d07c?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.729Z","timestamp":1783000176729,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/45e6c205c0124229990c10cda636d07c?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 34795\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 53368\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"45e6c205c0124229990c10cda636d07c\"; filename*=utf-8''45e6c205c0124229990c10cda636d07c\r\nContent-Md5: rs/nKOOe4WYwGCqq+0WNbg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FsZ6v2SoqZmUdc96VCJiPdW2x2Gc\"\r\nLast-Modified: Sun, 28 Jun 2026 03:26:31 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: lAXfj1kHB\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: GWYAAAAJAEutTL4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34795,"size_decoded":35551,"mime_type":"image/png","magic":"PNG image data, 450 x 300, 8-bit/color RGBA, non-interlaced","md5":"aecfe728e39ee16630182aaafb458d6e","sha1":"c67abf64a8a9999475cf7a5422623dd5b6c7619c","sha256":"0515852a72b422c72af773a340d9ce66180e0ebbfc7c786c77e7d8b9c962229b","sha512":"8435bab2854d61aaa6db268bc0a575296b4497828327d77beebeb0a18da295634d697a7dfbdc12777bf5a4808dbeb27d31233fb5dd524cc8a28f741fc8c91c32","ssdeep":"768:EjyUUUZ+4tPptkqU7Gg8OH0i4JxR8/gQv2iwwRx0zLTQn9:E5jW8OH0JxS//6wRcTQ9","tlshash":"2af2e1e463c2fa393666a6da1b061389a70cc051938049515fbbfc6a4413da75ffb0f7","first_seen":"2026-06-05T08:53:37.740071Z","last_seen":"2026-07-02T19:51:45.107205Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1189,"timings":{"blocked":-1,"dns":0,"connect":264,"send":0,"wait":526,"receive":128,"ssl":271},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_13f1f273-ad7d-4854-b9a3-7f3eb8823296.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.079Z","timestamp":1783000177079,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_13f1f273-ad7d-4854-b9a3-7f3eb8823296.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-02T13:49:28.476Z","timestamp":1783000168476,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:30 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nCache-Control: public, s-maxage=600, max-age=0\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000170=+soe8cnfAsyReURRCb/7LNCsy0MEqqVyuhVuwCNOhKyCf1i/XxU+mwZebIwotn9SSNLDI52yNrUHLSB3eR2+X5u7Yt6ozMHd4ZpMcT7plIJ6ZXgOWEMWY65brtmL1z2kI9S5bLJ1aaa9nnEKHG07W207LmYelz8RlK9Q4+BqvcyJ2dY7GjnBPtw7SP2ltB+u\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f2317817ec757\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24594,"size_decoded":11457,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5777)","md5":"e79ba8d5268f3090203c26b2ec87119f","sha1":"67ec737a939ce7eb32f6c9ab0f6cb36a5d0c5045","sha256":"f03b70608a46781f56d44226537411cfd4da69014f8c6540319977c45398149b","sha512":"378079455a3539b8fa003afc4351f6acd844d704e0f41250b71dda29b445cb99821596e562eed3afea6a7d0b6de1ff61e22754a4c3d9384952d09b90f4dc3e55","ssdeep":"384:21ERlxqNBPJu2VwiYwJvSoVXsp+pa/iZcVk97g6nMusplIiz:1RXqrJuiNYiKop/E6wkpcu2llz","tlshash":"05b2195a9df3497a2423303a1f7fb20869b0d0134309ed803e4de7594f95aaa56f3bd6","first_seen":"2026-06-12T19:29:57.247756Z","last_seen":"2026-07-02T13:50:16.704028Z","times_seen":165,"resource_available":true,"data":null}},"time_used":2649,"timings":{"blocked":-1,"dns":1324,"connect":314,"send":0,"wait":391,"receive":0,"ssl":620},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/config/telegram.js?t=1783000171468","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.529Z","timestamp":1783000171529,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /config/telegram.js?t=1783000171468 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:33 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-1c896\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000173=OxtiLSZypOd/3GpkdMh/Qlj7mb5uQpI+QPVV7J9PzMA8uZWhKnqgc7XKieUFl/zPGxZ/I8r59A54jtOqCQQLj0R67lm5E4v/ebaILwucuF/gykM2PWcBtSd8syW86mNexB+fUW/cNUUve94aIRMs8mwuw5spbkf4YYv1dDc+69iqnBZ17WtpsoSLm/w7vno+\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f23178ba3ccfe\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":116886,"size_decoded":18895,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (483)","md5":"4ef2154bcfb8399f256c2da15a4cb409","sha1":"e0f8f5578b2e0773ec1d79bb1cec54e1f5d6373d","sha256":"73fa4926373755b52fecfdf3145a0c9953c08af374ea69dda46fe2b3b9ddb022","sha512":"8b64643161386bdefbb7eab04416e78e5e183c50acba7b25b146aa6e733744a326566a01eb7eabb1a0a3f5b87ac8461a7ab3b9ad1c44de37ecea25af09e3eb41","ssdeep":"1536:WK4KZK+Klt3LbbdS4V+vO14KtA9phXTQ+fcZl8LDh7j8d3K+V4WMrnf/NunqxF00:Wj+dgdLbbdSA+1XTQRZ1jSBl","tlshash":"14b31c4c5cf3216285a7b1be8b9f925072759893304def203c4d9ba45f98d3c53eaad8","first_seen":"2025-05-31T08:16:48.368096Z","last_seen":"2026-07-02T19:32:29.476109Z","times_seen":1470,"resource_available":true,"data":null}},"time_used":2141,"timings":{"blocked":1797,"dns":0,"connect":0,"send":0,"wait":333,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/home.1781011881923.a94e73ca.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.170Z","timestamp":1783000174170,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/home.1781011881923.a94e73ca.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:34 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-319eb\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000174=wWdLAvL7giG3ugqAOzp8kD+MaGSfg3qXUEZVe6MYGcqorkzZ3o9ReiRy6Cb1aZuYSDRP2kPvmsecI7BI38u3mC0q811EYMXtu2qoUkxaoIUn84jsxRwtAF9sNX/UFg9xm/UZO5wqqXb10AsOnTF+oOlEgTc8qRgKJOKkqHymC+fWJj+cqNyXb80wn4A1mksQ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23178ee7cc93\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":203243,"size_decoded":60718,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64174), with no line terminators","md5":"7ad9af47a2c0c93f65e42ff84b45dad7","sha1":"eed3b4bd1191c75416f457ee41317595880f8635","sha256":"c9d64aef33c7a35945a5963b08b2bc3157f403dc91a5c9c9463c82a0d4075af6","sha512":"757a63f9b96bc8a36491424f8e0ae9fd6813983817ab2da87bb3455e18b5cb5f71d5e682919941194e4a588bea925c790888e4d27f8531ee03c777c1e2c92678","ssdeep":"3072:T5daS9tSIMcewi8uJBuoMfqFf2GMkvVJuhxffj7TEOiGRlc:T5ES9tSIMcewiLQqFRmzffjAGHc","tlshash":"93141880b5f0e275575fc2a7d7371025b2271786d0ccac60e1f66b187e2879ab236db8","first_seen":"2026-06-12T19:29:57.277471Z","last_seen":"2026-07-02T13:50:16.706047Z","times_seen":137,"resource_available":true,"data":null}},"time_used":426,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":332,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/35142.1781011881923.1d227afa.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.641Z","timestamp":1783000174641,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/35142.1781011881923.1d227afa.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:34 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-530c3\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000174=wWdLAvL7giG3ugqAOzp8kD+MaGSfg3qXUEZVe6MYGcqorkzZ3o9ReiRy6Cb1aZuYSDRP2kPvmsecI7BI38u3mC0q811EYMXtu2qoUkxaoIUn84jsxRwtAF9sNX/UFg9xm/UZO5wqqXb10AsOnTF+oOlEgTc8qRgKJOKkqHymC+fWJj+cqNyXb80wn4A1mksQ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f23179122cd00\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":340163,"size_decoded":94183,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64894), with no line terminators","md5":"8325235b613820a57b71043f360e5b36","sha1":"925ff977edf9892e868d43915f93d29e6feeb113","sha256":"0c505f39a463b09ece16c213b7ead75186dcdc26d25ee02dcba5a62cc0dff7c6","sha512":"efd16c9b7ff0f806890ae77542e8c0d4e954f8c797ff21b8dcde3f240e4940ca3c6d0fe75ee2fda35bf53ff5d0eb691fa7e38cfdfa82c0f231b0cd57458fbcf2","ssdeep":"6144:N0hEyLkbJDb7w/1FOAmBm7cene7Ancbt8sbyAkKJwoSlt5MMjmlHGwwzHUY9SroE:N0hEyLkFDb7w/1FOAmBm7cenaAncbt84","tlshash":"8a742b94b290b17883af86fb731a91a1d24d0e9460ccace4f27e6e407f15746b8775ec","first_seen":"2026-06-12T19:29:57.248751Z","last_seen":"2026-07-02T13:50:16.706979Z","times_seen":137,"resource_available":true,"data":null}},"time_used":682,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":166,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/31098.1781011881923.4108b3dd.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:35.413Z","timestamp":1783000175413,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/31098.1781011881923.4108b3dd.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-561e2\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f231793c3cc99\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":352738,"size_decoded":65643,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65338), with no line terminators","md5":"3c55e2f7f495cd530603e700dd3bf229","sha1":"fdcabc58e872fde99b7d704711a75bc32cc2b8c8","sha256":"1c38b781ee4a302e955baab7d3306365881227cafc2814e1085f93f4ab0342d8","sha512":"94954c49e71bd95a7543f652e03bf68b5dd26d00b33c91eda9003ef81e37aa5735e846bc9322d52181550f0d010d125479a73d83dec0fe51fa0c4f2489108326","ssdeep":"1536:Z+0YvC9jlTKAUSseG1SY46DCdlBBo3AgXOG9AsqCfCXsvCfCXsLCfCXsyCfCXsfX:sKK5sY4brG7O3SnLJNpL","tlshash":"6174b6f4c248c6fdea04ce0a7e7d6f2d50723783f2ec56c446aaf8865e92857245c4da","first_seen":"2026-05-19T02:14:56.370466Z","last_seen":"2026-07-02T13:50:16.708289Z","times_seen":171,"resource_available":true,"data":null}},"time_used":579,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":391,"receive":188,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/ed9f4a1c40934d5f9221964fe88edca7?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.757Z","timestamp":1783000176757,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/ed9f4a1c40934d5f9221964fe88edca7?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 12830\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 6716\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"ed9f4a1c40934d5f9221964fe88edca7\"; filename*=utf-8''ed9f4a1c40934d5f9221964fe88edca7\r\nContent-Md5: /XI0e8ycZEJnEH9XePMhQQ==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FnYP2aiiPqmWFwlBzMHyLcY0Se4U\"\r\nLast-Modified: Sat, 27 Jun 2026 03:33:34 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: xIV4z3BV6\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: VU4AAADYek0bd74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12830,"size_decoded":13585,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"fd72347bcc9c644267107f5778f32141","sha1":"760fd9a8a23ea996170941ccc1f22dc63449ee14","sha256":"ee435afd5859b8466b658a0e57600dd17069514e3c05761d945da7f213e05b55","sha512":"ba788e17484de25885ca2182eb121e1d12b378111d73f53e01919d006aaddd75a3e3b6158c4f05f4d855362cb2b69246fa5cdda4c92d43ee01b784b884f5f37e","ssdeep":"384:nWbMcMWlnqzf/n6SEktAMuys2O2XYfYwaJuE+7x5wzY2:WbMcMyqzf/6USMFpC4JuE+XI","tlshash":"3942cf42e057387731861646083bee84ee491ab916bc897c4d1fce3573afb485f8e6c8","first_seen":"2023-08-25T07:55:34Z","last_seen":"2026-07-02T13:50:16.710235Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1227,"timings":{"blocked":934,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/ff48f3b7603f4d599196f18d6bb8efad?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.888Z","timestamp":1783000176888,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/ff48f3b7603f4d599196f18d6bb8efad?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 11374\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 11976\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"ff48f3b7603f4d599196f18d6bb8efad\"; filename*=utf-8''ff48f3b7603f4d599196f18d6bb8efad\r\nContent-Md5: jz6ZHZ+MGZrD8W8jprqwXw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fm42MePHxY3m6UgOsFfPVlqTAz_U\"\r\nLast-Modified: Fri, 13 Mar 2026 20:31:48 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: ekearjAP5\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: 8lIAAADMykVTcr4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11374,"size_decoded":12130,"mime_type":"image/png","magic":"PNG image data, 80 x 99, 8-bit/color RGBA, non-interlaced","md5":"8f3e991d9f8c199ac3f16f23a6bab05f","sha1":"6e3631e3c7c58de6e9480eb057cf565a93033fd4","sha256":"46121ac60f26773e0fa0870be6095f914bbb4fd6c63d4706535dd78806299c40","sha512":"9843fb42f9cd4e4a01f42aca3043ea7237a8c392b398c41facae6fcd0e54fe6807d3dfeed626b8fcd95f8e9ebada3ed206080754e2ce06e364b5f2dbdf9fac04","ssdeep":"192:59DW/V3Ps8iy3pyDbaTwdAW/2faFOccRU2qZEXn9SLhYkCJDm1eMW5mcdLX2:rcs8iIp0aOAW/2fu6UfU9SdyJoeRjdLm","tlshash":"b332bfcaf6057824d67a5414cdda04a976a82286bc18009877037fe4be3dcbfd73e087","first_seen":"2026-06-16T09:31:22.229683Z","last_seen":"2026-07-02T19:51:45.15592Z","times_seen":8,"resource_available":false,"data":null}},"time_used":4191,"timings":{"blocked":3926,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_50b16c20-cbfb-4c4c-ba8a-249055c85af3.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.052Z","timestamp":1783000177052,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_50b16c20-cbfb-4c4c-ba8a-249055c85af3.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 18518\r\nConnection: keep-alive\r\nEtag: \"aa3d869158cd9f4a691ab5256b366ce1\"\r\nLast-Modified: Tue, 02 Dec 2025 14:07:39 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zz4C449GyuV%2B0NUlZbjrIZ1wv1vvCiMqle%2Fjb5poYF1K4kSWBIfdIBdPXI6a0AODz4KSneHEs2jhxARULYk5ez4yAttYMl8wgo5nEEM1oX4A4YPxIrBKivW98WC0gPevJ92dHFUWlVw1uhmxUhJ8f4I%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d766af5095d-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f2317a5dcd009\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18518,"size_decoded":19665,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"aa3d869158cd9f4a691ab5256b366ce1","sha1":"46a9a87daa6c88e7055d5286cbc30e5a30bf34d2","sha256":"cacdf3b3bb35cc05bcdbadac055a705917d7ef2e422198f081e2482ba755eb5b","sha512":"d791059c03544004a3eb112223fdc6f44828e2ac740fc99c53aec39007ab4af73c6bdc3af541c57cc2805993d9f938bc1aaa46b1252c28c55d68fd135ac89ead","ssdeep":"384:+/SrnnTDDsTm3Dgi6CrYqpWrWrM5LW7A1zNb+EIItGXfeXCq:+/SrnzsS3zJiK81hS4","tlshash":"fc82d07a08094e73b16953616be5e8648b174f58100da7bf3d0166c9e32de6f74b80bc","first_seen":"2026-04-24T23:10:16.832516Z","last_seen":"2026-07-02T13:50:16.714718Z","times_seen":426,"resource_available":false,"data":null}},"time_used":3307,"timings":{"blocked":2933,"dns":0,"connect":0,"send":0,"wait":372,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/left.34013cd8.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.912Z","timestamp":1783000174912,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/left.34013cd8.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/home.1781011881923.38488e2a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 237\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nETag: \"6a281707-ed\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f231794efcd02\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":237,"size_decoded":901,"mime_type":"image/png","magic":"PNG image data, 14 x 44, 8-bit colormap, non-interlaced","md5":"5ecca260da6fc5e2843405c20ac69817","sha1":"3918cfad7493b6860ded9e259ba90bc6a853f1b1","sha256":"078a4aac39c49a33cbabf23cda7579fa7b76e875e6b6d24d16cfcbf9f8b250df","sha512":"b76a870a79a87a450e5d30a218d75093b57415c563e64a8ffd6839a31b36379dbc08398698b9c1368ecda671d65045d5cfebe3363b98d746d89dcaad15bcd8ce","ssdeep":"","tlshash":"6dd0a99be2076faed1c70bb3732e0ca18a8124e892944b088042c622ca663a1dd82042","first_seen":"2025-08-29T11:05:53.221032Z","last_seen":"2026-07-02T13:50:16.715431Z","times_seen":1760,"resource_available":false,"data":null}},"time_used":1102,"timings":{"blocked":788,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/logo/logoWhite.png?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.984Z","timestamp":1783000174984,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /kc523-1/logo/logoWhite.png?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/db30f77db62b442eb5b9228a28c749bf?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.825Z","timestamp":1783000176825,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/db30f77db62b442eb5b9228a28c749bf?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/afc9d963ea6d4c63926b11128e19317a?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.835Z","timestamp":1783000176835,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/afc9d963ea6d4c63926b11128e19317a?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/94bc40936a9248038209d405dd8923a7?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.877Z","timestamp":1783000176877,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/94bc40936a9248038209d405dd8923a7?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 67013\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 15550\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"94bc40936a9248038209d405dd8923a7\"; filename*=utf-8''94bc40936a9248038209d405dd8923a7\r\nContent-Md5: CoyZxMPDCY6kiHXc2JD+iA==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FuEJCZCbhq754F00x-leH07k4hwE\"\r\nLast-Modified: Tue, 19 May 2026 13:57:56 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: HacLgTr0S\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: HdYAAAA8lx8Tb74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":67013,"size_decoded":67769,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"0a8c99c4c3c3098ea48875dcd890fe88","sha1":"e10909909b86aef9e05d34c7e95e1f4ee4e21c04","sha256":"cf314725a4499eb6e3e714ae73548c62eb21f6959055f9265c8044fd3a71e99c","sha512":"9fa8f830313cb375fbea56a77e610ff46fcbbb911bd7e659dfdabe4a9f1cf9f551278958746d2ab43bc57175a4cfc37fe3a37b3963da380f5d78f6d172c1b718","ssdeep":"1536:CZ8cyIrT7jBluEpgsndY9pwxZ/skuxT7kj7Rx8CFpTiy8iaF:UPyCrnuEbndY9pUZKS3znpaF","tlshash":"e963f2dfc1983d6b57ad30e97177337b2c01072982bc67a3e35da975c042a4ca486eb6","first_seen":"2025-06-20T01:32:32.038982Z","last_seen":"2026-07-02T19:51:45.167335Z","times_seen":14,"resource_available":false,"data":null}},"time_used":4036,"timings":{"blocked":3573,"dns":0,"connect":0,"send":0,"wait":308,"receive":155,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_188684fd-5a0b-43f3-8a6e-b9c558e44ec4.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.006Z","timestamp":1783000177006,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_188684fd-5a0b-43f3-8a6e-b9c558e44ec4.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x422_936e6f39-c72d-42ec-ab51-2bd5a806c902.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.100Z","timestamp":1783000177100,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x422_936e6f39-c72d-42ec-ab51-2bd5a806c902.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/83876.1781011881923.7ce40e6b.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.525Z","timestamp":1783000171525,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/83876.1781011881923.7ce40e6b.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:33 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-4007d\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000173=OxtiLSZypOd/3GpkdMh/Qlj7mb5uQpI+QPVV7J9PzMA8uZWhKnqgc7XKieUFl/zPGxZ/I8r59A54jtOqCQQLj0R67lm5E4v/ebaILwucuF/gykM2PWcBtSd8syW86mNexB+fUW/cNUUve94aIRMs8mwuw5spbkf4YYv1dDc+69iqnBZ17WtpsoSLm/w7vno+\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f23178af0cffb\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":262269,"size_decoded":77907,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"abf84df30621edc23a82d05ff0b8a83a","sha1":"e727ad94ce5d5f5b8fabec0e0b5a966fb6e6594f","sha256":"c3b02d056ac034939c3ff75a10a2da23f5f05f96a36ca1e5cea2157ce0fe12be","sha512":"db2a2a00f51cc6f75cfcbb6d988df74403fae93255982a054710e5f87a2d8407f4f8f02fef8ef1a0e5edb289736296b2d11a3b77cad6c6d9089bb831cda45be5","ssdeep":"6144:0/rOTU2/xB0Jjytg7DiQPkcsz1aL3p2YO+WidjHrrL:0iUjytgPJPT3p2YpHrrL","tlshash":"2f442c44b291f0b8879b42f7922b4056a17f48a1308cacb4f265f990be7555c927fbfc","first_seen":"2026-06-12T19:29:57.272405Z","last_seen":"2026-07-02T13:50:16.716723Z","times_seen":154,"resource_available":true,"data":null}},"time_used":2519,"timings":{"blocked":1618,"dns":0,"connect":0,"send":0,"wait":356,"receive":545,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/css/83749.1781011881923.2e202a68.css","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.763Z","timestamp":1783000174763,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /css/83749.1781011881923.2e202a68.css HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-6f2f\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f2317919ecc95\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28463,"size_decoded":6305,"mime_type":"text/css","magic":"ASCII text, with very long lines (28463), with no line terminators","md5":"1ead8072763d5fe20963f033dc63d94e","sha1":"36eeb0853a1b5681ab464dc1ef3682160e420e60","sha256":"8f014d5d9b2798ecfc473bac7c23f80295b94af3cbeff054fcaf973b286f8240","sha512":"92670a870b9db4259e71072ab72699e3431fa9eb53027f4b90c954b51eaf1869f5f50987808e5c625e9101ea4ea3aca655b81ba73f3ba2ced4cd480eb9a915cc","ssdeep":"384:DYCKpsUIc1F8l1TANI34yQyqPPQwmfzIfRbHx6+OhCcbakzeYaTONdqdK:DYCKpcPE64yDqbodqdK","tlshash":"07d2739ae5d4b13e6c1fbb35ebc5a1ecb1399450df620e7af202762547c3af1012216d","first_seen":"2026-04-29T03:41:13.425526Z","last_seen":"2026-07-02T13:50:16.717343Z","times_seen":541,"resource_available":false,"data":null}},"time_used":449,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":449,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/sponsor/sponsor.json?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.883Z","timestamp":1783000174883,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /kc523-1/sponsor/sponsor.json?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: application/json\r\nContent-Length: 646\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 12:19:27 GMT\r\nETag: \"68dbcacf-286\"\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283919f231791c7cb13\r\nX-Cache-Status: BYPASS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":646,"size_decoded":1261,"mime_type":"application/json","magic":"JSON text data","md5":"10d2161de8cf99c474812f4c43645a26","sha1":"71884ef7281cdcb5084088f16d4550ce8790e634","sha256":"bb02fd7438bb49dd4decb6f76a71f11e93355332fd9f965d6f9f13bb8175aeca","sha512":"bf0fd1232309fcc5582d5c42644e1c7b4b8d235b1066e988ff55e0dd94a956f89742401f00c2d904359041c8e0c2bac8e9316252fab60db5eb0a3b4c935172f0","ssdeep":"","tlshash":"d8f0f44ad8b25b93211fb57c58cd050470294a8f0eccaac4baac987c4f598ddd1e839e","first_seen":"2023-06-16T04:51:50Z","last_seen":"2026-07-02T13:50:16.718783Z","times_seen":1944,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":482,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/ecb/8f8306425ab46d0221b2c56ef50f72e487d5bb0255ee7333091abb7c08c465094a574c3c12d0e1812241fe43c0d5f0ea88d857f698a4fd081b","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:35.940Z","timestamp":1783000175940,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /ecb/8f8306425ab46d0221b2c56ef50f72e487d5bb0255ee7333091abb7c08c465094a574c3c12d0e1812241fe43c0d5f0ea88d857f698a4fd081b HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nContent-Type: application/x-www-form-urlencoded\r\nx-request-source: https://j106y.vip\r\nXign: 1EQWYlP+AUAkx3sZqmTE8d2AVo7EpM+a94KQfHF6M1KMQyzgJ/hIHM9QNqiMbuA6a/7O35EAAa4vi6tNKyZggBmhJRb4ubR3TSk/RBq5eAEkEMAitIO20J9V3C+kNYfoUbvBoGEIVAzOISSkiGKEXFHPTf7jtfRDJZo6++ibBso=\r\ntimestamp: 1783000175931\r\nsign: mu4k3k305g4p2v3j\r\nversion: 5.6.12.0\r\nclient-type: web\r\ndevice-id: wtZjiNmmYm4mYBwpzNKrht4ssYykCjyC\r\nlang: zh-CN\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nExpires: Thu, 02 Jul 2026 13:54:36 GMT\r\nCache-Control: public, max-age=300, s-maxage=300, must-revalidate, stale-while-revalidate=30\r\nX-XSS-Protection: 1; mode=block\r\nX-Request-ID: 8d6beced8f20417bb11caf13b9b6d0a1\r\nPragma: public\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=63072000; includeSubdomains; preload\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true, true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282d19f23179607be96\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34785,"size_decoded":35828,"mime_type":"application/json","magic":"data","md5":"206b9de25c07a9c9f014923e332f341c","sha1":"b97d17f6156cc7d6d915cf7914d0d5e03eb26966","sha256":"1a8e5a610b29412013e0c28d9e4e7573ebd4f89fcb6a7d63d2bda4c08777db00","sha512":"1903988da3ec422395c9ca8c5ac0101d2a4dae5d701d64c7aa81596897bfee87e7484361365f61eb17164bb7407e3e0571aadc67a72e571f52171e0b11f9b212","ssdeep":"1536:O/HeLjEJDgNNY3N/myJU5d357l9TyGbr+Z3QV:8wNNaJU5d1yGbru3g","tlshash":"0233d0034610f7b0d3fa90fba10a27e06209ced463ebbde5cb35a1641f5612e23cd59a","first_seen":"2026-07-02T13:50:16.719919Z","last_seen":"2026-07-02T13:50:16.719919Z","times_seen":1,"resource_available":false,"data":null}},"time_used":794,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":554,"receive":240,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/241a9435d0f54d4d8b52c39a009abe8b?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.820Z","timestamp":1783000176820,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/241a9435d0f54d4d8b52c39a009abe8b?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/826bba612cc3458e9f3d9d0d21cba2ab?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.863Z","timestamp":1783000176863,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/826bba612cc3458e9f3d9d0d21cba2ab?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 6273\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 49766\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"826bba612cc3458e9f3d9d0d21cba2ab\"; filename*=utf-8''826bba612cc3458e9f3d9d0d21cba2ab\r\nContent-Md5: uYc8vaZLAWt3TtqZtyAyyA==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FkPM0DhgFhUzK_DTlZyy2G4I7w-k\"\r\nLast-Modified: Tue, 19 May 2026 13:58:00 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: PhaXl0XtO\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: ynoAAADVP5v0T74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6273,"size_decoded":7028,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit colormap, non-interlaced","md5":"b9873cbda64b016b774eda99b72032c8","sha1":"43ccd038601615332bf0d3959cb2d86e08ef0fa4","sha256":"58fcbc95c13ed4b6d5c71ffa1420cec47803b99748e01d2034c00638731d537e","sha512":"7e48d7f17f262b9ebfc2293df5cacc031ce80d08fd3f2052b70094ec8030586fe2cedf567c5c9eb33ef69cea78cd9191ed047407ca93df4497235f514dace390","ssdeep":"96:FqQ+5OSzJwA5sDZGoyiA8AuMrOU+Wh9RPiJfwoLP+gBRmEyVjrLMasaDDpDSW3Xm:FqcSOAQZryVZCWwNxFHmrbzdeAXm","tlshash":"69d18dce2c0027e5990cce64f29868ac8d22147b1ad1780d87f658e627f681faab570d","first_seen":"2023-10-04T01:17:15Z","last_seen":"2026-07-02T19:51:45.166757Z","times_seen":126,"resource_available":false,"data":null}},"time_used":3391,"timings":{"blocked":3139,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/e4bbc185fea44a208038465f565c15f9?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.869Z","timestamp":1783000176869,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/e4bbc185fea44a208038465f565c15f9?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 25373\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 20958\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"e4bbc185fea44a208038465f565c15f9\"; filename*=utf-8''e4bbc185fea44a208038465f565c15f9\r\nContent-Md5: eX8ZykYcYhFfcB+BcNr9AQ==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FhH5tUvkGFqu80Ym2L5vY5JnAHp8\"\r\nLast-Modified: Fri, 26 Jun 2026 21:22:23 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: eHN0doMmd\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: 6mQAAAB6rA0oar4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":25373,"size_decoded":26130,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3","md5":"797f19ca461c62115f701f8170dafd01","sha1":"11f9b54be4185aaef34626d8be6f639267007a7c","sha256":"fda590ba20fab9ffcd61af50ff69133f0d275617de160002ad1724fdc465dbe8","sha512":"fde0335d891bf3c3730ffe3a20b12382baf8b3c8c63e5c6782085dcb3fd3c9ce9ff1392aa4079aef715bc595829b256a125031146746adef51e7d097b44a1fdc","ssdeep":"768:elMzX7Jg91SSzjKGUiuklV2/IG55OOqrXe:e2X+8SPK9r9IGOOCe","tlshash":"35b2e1c32ba95f74db1b4b8072d44d522f9707c569ca21b909031ca6f629ffb408b0bd","first_seen":"2026-06-30T17:45:52.102858Z","last_seen":"2026-07-02T19:51:45.181782Z","times_seen":50,"resource_available":false,"data":null}},"time_used":3574,"timings":{"blocked":3235,"dns":0,"connect":0,"send":0,"wait":304,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/vs.21f89f73.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.911Z","timestamp":1783000176911,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/vs.21f89f73.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/home.1781011881923.38488e2a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:10 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281706-51a\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23179d0bccab\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1306,"size_decoded":2033,"mime_type":"image/png","magic":"PNG image data, 70 x 28, 8-bit colormap, non-interlaced","md5":"41cff06a80e61ee3fcd32f7c29a6493e","sha1":"bb70bb0a3a0fde7a132788777aee629392c756e9","sha256":"3240fcea2e4168dc863b8aea602750e6a1fe11a557c18ac6a381781ef487746b","sha512":"fce7ff9f62b51c4f8994f0a8ec4a56f21570d0cd163471d99b357eb0a9a735c800b389c4a8a611ba441b208cea7eb483140042f5d11ef110b591c1c1898bbb8d","ssdeep":"","tlshash":"e921eaffe15b2c75ccb59bb3bc6c12656809582970866b137125e7588c539217f0c461","first_seen":"2025-08-29T11:05:53.184813Z","last_seen":"2026-07-02T13:50:16.725517Z","times_seen":1699,"resource_available":false,"data":null}},"time_used":1176,"timings":{"blocked":855,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/bj.ada43481.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.919Z","timestamp":1783000174919,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/bj.ada43481.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/home.1781011881923.38488e2a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-6b4d0\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f231795c5cc9b\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":439504,"size_decoded":440358,"mime_type":"image/png","magic":"PNG image data, 1920 x 927, 8-bit colormap, non-interlaced","md5":"2c55f8fcc8edb773be5014d8deb72c4e","sha1":"e7e55505bf22de833ec6b82a229e70bdba93b58f","sha256":"21c44535cffd825752bf9a535001b4b605147e3434cf2906fc2c8fcdcd992c1a","sha512":"bab93e8eb191df623bd7e238ae8d5cf7feae73e2a768d7b591d4dd8b7aafc199fce7c34066a272fc9137959a78a6bcd9fb388f39d4a0938f5674aaee815a3cf7","ssdeep":"12288:K+TyFzCVXhEu0hvb3kkjOO9FNkh4k6yvwUKA4AuJiT9h+:tTyFGjENkkyOWh87UK/JiT9h+","tlshash":"739423b1df0b89c858a39043dc74f99263e8d0a6bdc40ab80bf14b9176709dbbbf5116","first_seen":"2023-08-17T12:39:32Z","last_seen":"2026-07-02T13:50:16.745438Z","times_seen":1676,"resource_available":false,"data":null}},"time_used":1901,"timings":{"blocked":991,"dns":0,"connect":0,"send":0,"wait":325,"receive":585,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/sponsor/sponsor_web_3.png?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.991Z","timestamp":1783000174991,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /kc523-1/sponsor/sponsor_web_3.png?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 12:19:27 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68dbcacf-9faf\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f2317a007d004\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40879,"size_decoded":41248,"mime_type":"image/png","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 428x169, components 3","md5":"c26161f438986f6e2d677c34d653285e","sha1":"faf6c47a013a9944bb8cac197688908422992039","sha256":"58d11e173550b3420b35c4e4be3eeb76b59ac790d9fb59b535ffe55d3b470fa9","sha512":"97649de556447ef6aa6cdd7d0bec46837cfb328335daa3b862cbaa5e23ca5a8f2af296703c9e961cbad02bb797ebf1f99ced2d1d245fbbb3a428e39d26428c76","ssdeep":"768:ub+4OMIuYE3McXMuDR64Q7sRFKJdsCA1Hunj5tyKxGGTVtkDGlT2oTO:uS4OMXYODNDR6XsRFisCAk39t6oi","tlshash":"db03f108254f2d4466ec90bbc7a1e0f7ee1d103dddb7e30c35a685163e46ca559fa0e6","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T13:50:16.74685Z","times_seen":1791,"resource_available":false,"data":null}},"time_used":3877,"timings":{"blocked":3558,"dns":0,"connect":0,"send":0,"wait":310,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/64840ee96fdc49dca527942a6a4d7b7a?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.765Z","timestamp":1783000176765,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/64840ee96fdc49dca527942a6a4d7b7a?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 37429\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 7348\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"64840ee96fdc49dca527942a6a4d7b7a\"; filename*=utf-8''64840ee96fdc49dca527942a6a4d7b7a\r\nContent-Md5: qQVeRUADO5XMu+sLJlgAnw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fly9wxSyE4c1gudz8u10dwxjCmu0\"\r\nLast-Modified: Tue, 19 May 2026 13:58:13 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: byhNp6mmw\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: P4oAAAArMXaIdr4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37429,"size_decoded":38184,"mime_type":"image/png","magic":"PNG image data, 200 x 237, 8-bit/color RGBA, non-interlaced","md5":"a9055e4540033b95ccbbeb0b2658009f","sha1":"5cbdc314b213873582e773f2ed74770c630a6bb4","sha256":"2bed7a3cc29c38d001f116ec35900561a6bf3ee27d6a6be3c1b05174b3ab91c0","sha512":"36e7e22f7e881df200f208cdb9453f51774fee9c7e5c92b8e4da5ee9c6910c959337d7c92053ecf66b261fa000ec259b69099dd67922fbcddb78cd3c648d7ccd","ssdeep":"768:iBALvMpyAUyyVdtdLlBqxALe7oQYPE1GwI0fjIpZBlcbLkFnwz1zpHD/TTkNS:iBALqC/dhBS7XYP2g0bI5lqI9wB/nkI","tlshash":"caf2f18ee1559f47ca8032badb682356070964df5ea9022bf58e576380fc8342f1ce76","first_seen":"2026-07-02T12:47:40.200496Z","last_seen":"2026-07-02T13:50:16.747775Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1538,"timings":{"blocked":1092,"dns":0,"connect":0,"send":0,"wait":328,"receive":118,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/21f9d4895e8d4eebbff8d274b92b44c1?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.786Z","timestamp":1783000176786,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/21f9d4895e8d4eebbff8d274b92b44c1?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 10985\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 89360\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"21f9d4895e8d4eebbff8d274b92b44c1\"; filename*=utf-8''21f9d4895e8d4eebbff8d274b92b44c1\r\nContent-Md5: XCDxESB0kWmeXkCpikI5Aw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FmLTlvnmgL3TuL-6Nd4HG29OsMoj\"\r\nLast-Modified: Tue, 19 May 2026 13:57:59 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: UxarbmrZS\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: B0sAAABDZGHxK74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10985,"size_decoded":11741,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"5c20f111207491699e5e40a98a423903","sha1":"62d396f9e680bdd3b8bfba35de071b6f4eb0ca23","sha256":"d5be24a326d7e0664d92b480ce3f6d8ba1e49dc4849d15f60435f81cb8b126f0","sha512":"3e2afe9ddaccc8455db801092405d5d7459fa5e2af0d76317ffc57cbd41a615cf30fb32a27634ceaad94fef7ea536dc341491dd9717c9173516f366c66aa3439","ssdeep":"192:r5GGETps4tbDnwt4EfjNk6Zh0P9dHRjKf0lE22HLQCrW51GfD5:r5GGEls4JDnTgNk6v0PXQYvIQCrmyD5","tlshash":"f632c0e9efe0e9327fdff44a021516df0c970954578a133a61d2334a968db1e640d68f","first_seen":"2026-06-17T11:08:58.067513Z","last_seen":"2026-07-02T13:50:16.748669Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1531,"timings":{"blocked":1242,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_4d4d0270-e129-42d7-8f6f-0802c910d540.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.047Z","timestamp":1783000177047,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_4d4d0270-e129-42d7-8f6f-0802c910d540.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 11920\r\nConnection: keep-alive\r\nEtag: \"013c35e9baa4c707701c1a2cf8534d3d\"\r\nLast-Modified: Tue, 02 Dec 2025 14:08:51 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S51JMpfw6LhxJC0KkRKfKzSUDP8KgGnFQ%2BtNm1HkOgtImSK7gH72nxt0lOwyWzFREYYDqS28fKuxMUY%2B1HYEkrexeWgog%2BTaSi2ETGcfCDN5IQ7zG4hWDeMsck0go0ZnuDnlY50QjuIKGnRDQM7vkTE%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d74fb261096-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f2317a508c770\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11920,"size_decoded":13069,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"013c35e9baa4c707701c1a2cf8534d3d","sha1":"2139b155d847e1eb2d17fc298760cb039598f89b","sha256":"f1d2851323d84d5dde72bf02ab6ed8f8f55eddc2a9607799e1ff211e0ede29fd","sha512":"e80a60ee340f8de57181fe71da391673d3bb834b91b622b5032c3674e8b85ee3c1610574b1b1d883b42e94d94a45823a63657a90cfa2062674776ebe9637c8cf","ssdeep":"192:H0RkcJGKX9YQtzAe5IIq83lxzCfVJGpYWrJUcm1aTfRbuArP+UcJaYrR5Vc:UXGjQtzAxILj2tJGrJRmETflDzcoGR5V","tlshash":"ec32b065c3da9c54c4027bfdab0239f95c5e7b45783bc7de68893d150288f90be218b1","first_seen":"2026-04-24T23:10:16.764405Z","last_seen":"2026-07-02T13:50:16.751446Z","times_seen":430,"resource_available":false,"data":null}},"time_used":3071,"timings":{"blocked":2727,"dns":0,"connect":0,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_0b2c7f25-c17b-4d07-adb1-68f1823633a2.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.101Z","timestamp":1783000177101,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_0b2c7f25-c17b-4d07-adb1-68f1823633a2.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_0fa85f10-2205-44f2-82c2-66bd141c7d57.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.103Z","timestamp":1783000177103,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_0fa85f10-2205-44f2-82c2-66bd141c7d57.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_b82399e1-d771-428f-9811-f7e15cda0f21.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.109Z","timestamp":1783000177109,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_b82399e1-d771-428f-9811-f7e15cda0f21.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/pay.8f35ebe1.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.929Z","timestamp":1783000174929,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/pay.8f35ebe1.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-154d\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23179bc8cca9\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5453,"size_decoded":6142,"mime_type":"image/png","magic":"PNG image data, 492 x 132, 4-bit colormap, non-interlaced","md5":"05d444b76263f6958a37ac82e45daa67","sha1":"a067d3a654da1ec4c51d8f049aabaa112183e355","sha256":"49166910b376f5487f30174e60fcf13aaaca9620ef1aa58cfb2c94a8c111ea8d","sha512":"7d276d57b068ec4a0125512e0781c501a96bf6c30b30304d247251190c6421a9ed7a03ec208a590d19d9a1183e3837b06d141bddd99abb7b0ee4e2a1ba28b28b","ssdeep":"96:u9g9Yof8+keuD1Kai/MXG5BHMsDiCNPFH/qX4iWXnqvcIzDRHSVyl07TrOKCm0R4:u9g9rJuYai//7FiSXnqvNYGmrOKcPwzp","tlshash":"74b18e749d6efb2a26b315c30d7499c21ea45c9e0d94f1c2244776963c732de3270985","first_seen":"2025-08-29T11:05:53.301829Z","last_seen":"2026-07-02T19:51:45.189636Z","times_seen":1688,"resource_available":false,"data":null}},"time_used":2858,"timings":{"blocked":2534,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/ba10075c16484bb39b1af8b4c10ec63b?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.713Z","timestamp":1783000176713,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/ba10075c16484bb39b1af8b4c10ec63b?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 1324\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 67757\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"ba10075c16484bb39b1af8b4c10ec63b\"; filename*=utf-8''ba10075c16484bb39b1af8b4c10ec63b\r\nContent-Md5: wdFE4vDeSAZ76fvawcFH4Q==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FsWQW-KpLq8238fzDlhTcVTuiZFF\"\r\nLast-Modified: Sun, 28 Jun 2026 09:26:56 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: ks3geYIuY\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: H7cAAADaz_eWP74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1324,"size_decoded":2079,"mime_type":"image/png","magic":"PNG image data, 250 x 167, 8-bit/color RGBA, non-interlaced","md5":"c1d144e2f0de48067be9fbdac1c147e1","sha1":"c5905be2a92eaf36dfc7f30e58537154ee899145","sha256":"7b25a3f2bc6a7ed96bb24a0f74160198bbc37da8c86a20dc7ce30c684d8ea046","sha512":"fe030469a7cb6d3b084df0bb57d7b1eccadb06bb41538da26f3abf8a07bf68dd270de883f610b6faed5f14c8b3e4fd34afe8e8de499e27acb0dd7d7d23aefa65","ssdeep":"","tlshash":"642103a5ec0e4ce1a37089e651fcfa6903f4fba60c3984755094cb49d6532fecacc115","first_seen":"2026-06-16T09:31:22.358627Z","last_seen":"2026-07-02T19:45:35.949116Z","times_seen":43,"resource_available":false,"data":null}},"time_used":787,"timings":{"blocked":-1,"dns":0,"connect":255,"send":0,"wait":266,"receive":0,"ssl":265},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_465faf5d-2f6d-44ba-896b-8d6bffead8bd.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.058Z","timestamp":1783000177058,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_465faf5d-2f6d-44ba-896b-8d6bffead8bd.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 10758\r\nConnection: keep-alive\r\nEtag: \"1be21ba94f35a4ac4384d8d158cc42f6\"\r\nLast-Modified: Tue, 02 Dec 2025 14:08:05 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jy27nzBsgehsfdckdyRTqxqldS2ITcS%2BOh%2B87wraR3wla%2BEMUf4ahGuMwlaG%2Fjg96TD8isffo1fytCnlZyy0%2BWyg%2B%2Ftb3p8InByMO3bSHEPM5DCvKJsNCmGr28jBMaCsPBaq6TyfbHbdwcCcmhv11II%3D\"}]}\r\nCF-RAY: a14e1d772ff13d96-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f2317a66ac772\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10758,"size_decoded":11915,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1be21ba94f35a4ac4384d8d158cc42f6","sha1":"3dc86d6c7bd530771ada51859a6c47c39258402b","sha256":"e2322e5c3f299528f388653e9dee3d3ca69e9f0006d1d0530cad7062dc2c3cbb","sha512":"40ce1b1f21df22b5ff6df16248f358d1cf0eb862f764bccf75cec2bb7cebae008ed8452e6fba25c2e091fe61c36fd30d25e6d3b46fd107985140debd9dacb09f","ssdeep":"192:jQnnxvnAz9rf9dKD/x0vFIcyKAY7MLUnEpeiqd6ufnQD4rVdg9NpEDy2lc:4A9r76/xEycyUkLuID6Hg9zey2l","tlshash":"dc22c09b145b3135fc1664bdbd5e5b0250ad8cc102b886290cbe44ba808f9caadbfb05","first_seen":"2026-04-24T23:10:16.865837Z","last_seen":"2026-07-02T13:50:16.758376Z","times_seen":425,"resource_available":false,"data":null}},"time_used":3421,"timings":{"blocked":3064,"dns":0,"connect":0,"send":0,"wait":357,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/sponsor/sponsor.json?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.880Z","timestamp":1783000174880,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /kc523-1/sponsor/sponsor.json?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: application/json\r\nContent-Length: 646\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 12:19:27 GMT\r\nETag: \"68dbcacf-286\"\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282d19f231791c7be92\r\nX-Cache-Status: BYPASS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":646,"size_decoded":1261,"mime_type":"application/json","magic":"JSON text data","md5":"10d2161de8cf99c474812f4c43645a26","sha1":"71884ef7281cdcb5084088f16d4550ce8790e634","sha256":"bb02fd7438bb49dd4decb6f76a71f11e93355332fd9f965d6f9f13bb8175aeca","sha512":"bf0fd1232309fcc5582d5c42644e1c7b4b8d235b1066e988ff55e0dd94a956f89742401f00c2d904359041c8e0c2bac8e9316252fab60db5eb0a3b4c935172f0","ssdeep":"","tlshash":"d8f0f44ad8b25b93211fb57c58cd050470294a8f0eccaac4baac987c4f598ddd1e839e","first_seen":"2023-06-16T04:51:50Z","last_seen":"2026-07-02T13:50:16.718783Z","times_seen":1944,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":471,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/loading.da46bff6.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.993Z","timestamp":1783000174993,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/loading.da46bff6.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-7384c\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f2317a100ccb2\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/6ada8b993af04b66ac57da67b504da2e?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.799Z","timestamp":1783000176799,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/6ada8b993af04b66ac57da67b504da2e?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 18672\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 78334\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"6ada8b993af04b66ac57da67b504da2e\"; filename*=utf-8''6ada8b993af04b66ac57da67b504da2e\r\nContent-Md5: EZH1CReTkPMOLFLbuXJCzw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FoAMZatQG_dVbZ7eD1swhAWusY5J\"\r\nLast-Modified: Sat, 11 Apr 2026 19:32:53 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: C5YPs4mab\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: _NMAAAAbZJr4Nb4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18672,"size_decoded":19428,"mime_type":"image/png","magic":"PNG image data, 180 x 229, 8-bit/color RGBA, non-interlaced","md5":"1191f509179390f30e2c52dbb97242cf","sha1":"800c65ab501bf7556d9ede0f5b308405aeb18e49","sha256":"0e98d62cde63ce5c10e0a78871442edad4f996f54228e244eb33f4e762d7435a","sha512":"bc917c5edbfb449c41dca7b848bb1737b9b4d31f4e840c4104f3f6fe5351080bb54e07988db64b3009a317b3ea32b13317fd360f04bd34191e54040a5175b208","ssdeep":"384:QUYkDcOC94KnwS+l7nmdOLIQ/kIIg3sv9MMmlJ:Q/l5A7mmIQhsQ","tlshash":"8782c089e88ce591e1aada4147130d13f7f9667a9f7b8c2e7c622fed1b4028c995049c","first_seen":"2025-02-24T02:30:01.350727Z","last_seen":"2026-07-02T13:50:16.759713Z","times_seen":43,"resource_available":false,"data":null}},"time_used":2080,"timings":{"blocked":1652,"dns":0,"connect":0,"send":0,"wait":406,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/1e8aef104ca24ef699d673f19ba187a9?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.841Z","timestamp":1783000176841,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/1e8aef104ca24ef699d673f19ba187a9?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/1935a0a4fc5c43be92d1288e7affa3d5?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.886Z","timestamp":1783000176886,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/1935a0a4fc5c43be92d1288e7affa3d5?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 17523\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 13778\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"1935a0a4fc5c43be92d1288e7affa3d5\"; filename*=utf-8''1935a0a4fc5c43be92d1288e7affa3d5\r\nContent-Md5: YpdktgcYG8ZNXmOeOEiG+A==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fko2gKehYjwnncQgJSMoNVuoUoet\"\r\nLast-Modified: Sat, 23 May 2026 16:13:45 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: sTxN78et8\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: YJEAAADay6-vcL4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17523,"size_decoded":18279,"mime_type":"image/png","magic":"PNG image data, 98 x 98, 8-bit/color RGBA, non-interlaced","md5":"629764b607181bc64d5e639e384886f8","sha1":"4a3680a7a1623c279dc420252328355ba85287ad","sha256":"5fc5aa7f9602ff4e09e134c4fae16bec63173af4632bed86f237fc403c0fd78c","sha512":"a648fcfabb7e5e78d4f0c5f8abb3a870a52812072e3d9509118cf8d77ea372e9aae44197d31695b4c36e2e70bc5559ec230f156a7142010fd5d937a57d1fe03b","ssdeep":"384:LYID3p5uAgf8Dld2Kijyw+On1uOEu1RU2Q5AhDe2NEdGVF:t9gARl0Xhrn1vTR7Q5zdGVF","tlshash":"1c72c0f30670a5865afc4521efb66b8055c4c65cc66faa6c5f83af22c64c90630e719a","first_seen":"2025-06-25T05:42:43.476952Z","last_seen":"2026-07-02T19:51:45.18558Z","times_seen":8,"resource_available":false,"data":null}},"time_used":4201,"timings":{"blocked":3925,"dns":0,"connect":0,"send":0,"wait":270,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/3342f5a56fd542eea4b57627a3bf0b9e?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.902Z","timestamp":1783000176902,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/3342f5a56fd542eea4b57627a3bf0b9e?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/28c9613790f24bbba9ac8a053f140dc6?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.905Z","timestamp":1783000176905,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/28c9613790f24bbba9ac8a053f140dc6?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/4163f795bbbe4a0697929e05622fd0b5?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.759Z","timestamp":1783000176759,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/4163f795bbbe4a0697929e05622fd0b5?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 91572\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 6716\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"4163f795bbbe4a0697929e05622fd0b5\"; filename*=utf-8''4163f795bbbe4a0697929e05622fd0b5\r\nContent-Md5: iSsVEG3o7oT7SYD7T7eEHQ==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FgdIx23OF_xXskdiS2G8lact5Mn8\"\r\nLast-Modified: Sat, 27 Jun 2026 03:33:34 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: zlYTLiFMH\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: HosAAADPZVsbd74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91572,"size_decoded":92327,"mime_type":"image/png","magic":"PNG image data, 246 x 246, 8-bit/color RGBA, non-interlaced","md5":"892b15106de8ee84fb4980fb4fb7841d","sha1":"0748c76dce17fc57b247624b61bc95a72de4c9fc","sha256":"792eaadaac66f8997e5dff1b78b8b3c753f59e5590b25452cfb202450defad9e","sha512":"c1584952c935f7f1c78ee2395eb1292563f8efa8c74f85612e4d924e2ed1cf04b46b241fea6533ff8ae9bd220c1a3a99ac1e458353bc7d58553db51d49e8fd02","ssdeep":"1536:9ymnD9DZisgM1cy3pp0zpSiUVLpgZaHNVJdaBHmtTxSmfaTFsx2HI5cp:9XndVgMayMIiUVLpbtD0snasx2Kq","tlshash":"9c9312956ad846fefc8345468fd59d060cfc4929fab06cd4d074c1ee2e1ea12b6852c3","first_seen":"2026-05-25T13:15:02.878204Z","last_seen":"2026-07-02T13:50:16.761627Z","times_seen":10,"resource_available":false,"data":null}},"time_used":1802,"timings":{"blocked":948,"dns":0,"connect":0,"send":0,"wait":347,"receive":507,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/cf16c3a57d3b40c3963f3a268ec9c6e1?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.823Z","timestamp":1783000176823,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/cf16c3a57d3b40c3963f3a268ec9c6e1?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/10527b84ea9949b9914c172d9c001e10?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.857Z","timestamp":1783000176857,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/10527b84ea9949b9914c172d9c001e10?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:39 GMT\r\nContent-Type: image/png\r\nContent-Length: 11610\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 53370\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"10527b84ea9949b9914c172d9c001e10\"; filename*=utf-8''10527b84ea9949b9914c172d9c001e10\r\nContent-Md5: FZtPSfBS4H3L94aQHwxsbA==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Ftqn3JBBnOBMfMVLZuwhhRdcuaJe\"\r\nLast-Modified: Tue, 19 May 2026 13:58:00 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: 3mHTIEH0e\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: dAUAAAB1tVqtTL4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11610,"size_decoded":12366,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"159b4f49f052e07dcbf786901f0c6c6c","sha1":"daa7dc90419ce04c7cc54b66ec2185175cb9a25e","sha256":"7faf71b67b4c67258382f4ceab697845a2adbe8416f70505d123f4ecb4002e96","sha512":"f64fa9ca528ae6fe95ade062ad87d66213da2fdf618aaddd1559a364f7206b9f7ac9f948ec3bfa8aafad62513373d6d7cc46f6803175ba9126647e7af0b83bd8","ssdeep":"192:2tCBzjd92u0WMiIpvhCRTzOP4RmDFGF4N8knhx4Eb+n0/pucwm:UCBtfMi+pCRTaP4iG/aan0/gcT","tlshash":"c932af44833531f90c465bf98e9b6524f175dcb703b3c637c63e46e99e04652ea4894f","first_seen":"2025-02-26T15:38:27.730424Z","last_seen":"2026-07-02T19:51:45.12965Z","times_seen":49,"resource_available":false,"data":null}},"time_used":3205,"timings":{"blocked":2925,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_04beb05f-bdcc-4bf4-a35f-b560e45e45b0.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.087Z","timestamp":1783000177087,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_04beb05f-bdcc-4bf4-a35f-b560e45e45b0.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:41 GMT\r\nContent-Type: image/webp\r\nContent-Length: 73676\r\nConnection: keep-alive\r\nEtag: \"41e79b39dc26bbaf7f40e04fea71c634\"\r\nLast-Modified: Wed, 10 Dec 2025 11:53:06 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B0D%2B%2FdZ6FL%2FYY8yPV%2Fo2QMXn6JLCPriEh97yHsCLNxd7bQt1jBq30WyIs6koGkf%2B25e%2FKMwGN8dXE7uRe8l%2F3mqbL2Tq6EtWOG6OxV5u%2BKdpLWrMvTKKOf8ucOfDMqIgDxkyblcZvlNk9OnDcEO5Ybk%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d7d9a9a0ced-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000181=eGH6nTlY7PZVQWH/VL0+MFCf/2GNtpPgiS6qRKxbTGMNmnC7AwCfL7k00AKVcehImAAwzPCvLsSo/uLtLuwvTQPthrtKzxpQU1edstunNlqcynPw2GJXIWNhIogAaF31BUObeFlr0QzRmiyqXj4oBd9fAXFvx5HfcebP7FUBxYyP71+x0CBGfYeWR8y8tgdh\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f2317aa66d00d\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/webp","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/21954.1781011881923.57c97863.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.154Z","timestamp":1783000174154,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/21954.1781011881923.57c97863.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:34 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-a3da\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000174=wWdLAvL7giG3ugqAOzp8kD+MaGSfg3qXUEZVe6MYGcqorkzZ3o9ReiRy6Cb1aZuYSDRP2kPvmsecI7BI38u3mC0q811EYMXtu2qoUkxaoIUn84jsxRwtAF9sNX/UFg9xm/UZO5wqqXb10AsOnTF+oOlEgTc8qRgKJOKkqHymC+fWJj+cqNyXb80wn4A1mksQ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f23178ed7c75d\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41946,"size_decoded":9458,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (41946), with no line terminators","md5":"35aef3c03c45b75cc6c2851265c30f23","sha1":"54874afc1d2d6391142418c6c17d7639247b6c9b","sha256":"c7a0283f3d2fde40ce97fe3bb5e79621f9939000c50c3c781a4597c3242ebae2","sha512":"f74356629d65ff26f6928ad3183ba8e6e01848921202f9c14c5aef758ef72acdcabf523209e892df42d230d9c87cb47cda7bd106105ed8447718fc502b2d71db","ssdeep":"768:U/aSfmzKrMdvf0eMQ/96loumY1PI1yBK9LudEz+yUy51y9y0yk6Dio+ILqpTeY:z81R6Ipyk6o","tlshash":"33132088fac2b06dd3eb7330857f505ae66a1dc0668c5434e260d6917e7198dc1fb9f8","first_seen":"2026-05-29T16:01:53.086335Z","last_seen":"2026-07-02T19:32:29.55571Z","times_seen":153,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1884x434_8fe89870-1081-42db-97b7-f8272ac29ae0.jpg","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.492Z","timestamp":1783000176492,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1884x434_8fe89870-1081-42db-97b7-f8272ac29ae0.jpg HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: image/webp\r\nContent-Length: 35652\r\nConnection: keep-alive\r\nEtag: \"460db28ebf94215162fde2f45aa09227\"\r\nLast-Modified: Wed, 10 Dec 2025 10:48:14 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 10235\r\nCf-Cache-Status: HIT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R2sAPpmZG8dKgTlusX6gTwK0K78TFaaK7s%2BK5b0MHemuGsIBNHjZPxpgloOJIAINcDTuE1Tgri62w1qRBIPWoYv8oGm%2Fj4NG0X9E13B1juMqObgCnuCtK7nEpBUFZ5cWUkXnN%2F4jTaVUaqa8MPJceKs%3D\"}]}\r\nCF-RAY: a14e1d604ad1e2f8-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282f19f231797facbf4\r\nX-Cache-Status: BYPASS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35652,"size_decoded":36807,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1884x434, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"460db28ebf94215162fde2f45aa09227","sha1":"0225f7e91dc41547efad18932766b6c015ad8067","sha256":"6f2bb6b02eec8a75b36f50f9a85e80a7153785bb31d41c7204bfd276c6407fcc","sha512":"e95968ce697aedd21f9c2bca132aeb5704265c25d540eda3e4d08832b3d0d0e71e454d137ed5de531807499279ab56121b0a5975f340670b2ece902d60fbcc0d","ssdeep":"768:tNbBFG8Mzu+7ftXGrZ98VqOhCHza3+conChKku0aOwq9J9r7Z1I:bDG8MZh2rZQqYNUkWOR9J5jI","tlshash":"44f2e18ec1c932eee97bc29101be2be0ff89966bf15857662dd2c0c98e51311848fc5d","first_seen":"2026-04-24T23:10:16.885462Z","last_seen":"2026-07-02T13:50:16.768386Z","times_seen":438,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":423,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/c7c9b246cce641c1803b623d7b659c55?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.832Z","timestamp":1783000176832,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/c7c9b246cce641c1803b623d7b659c55?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_07a2d840-d1e1-4217-9d3b-badf80b88abd.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.026Z","timestamp":1783000177026,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_07a2d840-d1e1-4217-9d3b-badf80b88abd.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:39 GMT\r\nContent-Type: image/webp\r\nContent-Length: 77072\r\nConnection: keep-alive\r\nEtag: \"81934df1c48f153ec91149ba3c3beb37\"\r\nLast-Modified: Sat, 06 Dec 2025 06:20:21 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XWCPOE0lhesods5Iy9Yln8ItZbPx6oj%2FdJwebM37mhJr666PAzefKVAf2afRYIZVwjBVvgKVaqAWRRQMBNHoUjPBn59PI3yRLiiISmkI1IHEccunfDuRdsbnNhX0%2F%2F%2Fl7bJb43r3ukbQh1VwRtagqVo%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d735dd11056-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000179=3wO66BVSV5R6/mgkpnnrprcbt1xV9ECfXJZrLFZ7c74ted537YpWSkHEyyYMH6WWkFPX7l3e0fZBtJhYxt4jkZpIedH78HDhXuz36KSqnISOfnjBuvLGf4G64mQwIQUkqyHtP+htEtyFDSzt9wHsPubKoADySk/KIXwi+qaU0LLlw5aS+J0d3MDZBzmFtg4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f2317a400cd0b\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77072,"size_decoded":78223,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"81934df1c48f153ec91149ba3c3beb37","sha1":"263dec3db6f316ad859fae46f18adc5cbb9e5c61","sha256":"9393129dc2d2eb90aa6b0e3cae170e77eccc785d4fca575804e1d25a2bee1383","sha512":"9d322a35877bc71c33fad174b47d6377f214fba0f11bc6a6180c5032765a9f4332354a4e6192a33049ab7a20a79ef58804de08d54098f64d8511c08b50e2b6ca","ssdeep":"1536:vow5Jv2vmGSpZk1IdIwZojJkcFgxPAifiE3TcBUPpCoS+LsAEZhO96:vowCOGYZk1w7q+PaE3T8uS+Lr2hO96","tlshash":"a573127b5c2c0bb32fc676c6e2e9b5c82cc817b1478556cf5b7958af95a4311232c02a","first_seen":"2026-04-24T23:10:16.861629Z","last_seen":"2026-07-02T13:50:16.770912Z","times_seen":431,"resource_available":false,"data":null}},"time_used":2995,"timings":{"blocked":2513,"dns":0,"connect":0,"send":0,"wait":366,"receive":116,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_95e34ac6-aa0b-4d3f-9ae0-451b7e2983d6.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.034Z","timestamp":1783000177034,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_95e34ac6-aa0b-4d3f-9ae0-451b7e2983d6.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/webp\r\nContent-Length: 72760\r\nConnection: keep-alive\r\nEtag: \"f3567ecc873ade2418801f0f5a4a755f\"\r\nLast-Modified: Sat, 06 Dec 2025 06:17:08 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PuqvRn8LksFuwfWYjUSjyv9jSaRugEnexLfLyqh8Si9FXSV1kMiB4en1A1urKlCj2c%2Bv%2BUwkt8GU6ibOJVZ5PfxGIAcfw9SbEb2ZmACaCvvi8%2FTtGtDziDOSO2Hi0B00O6jkbgdRXpuAntFuOW5jROY%3D\"}]}\r\nCF-RAY: a14e1d63ccf60655-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23179a19cca4\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72760,"size_decoded":73909,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f3567ecc873ade2418801f0f5a4a755f","sha1":"e8fc02b34bd284bdffb53faea4cf595658b0313c","sha256":"4b1a175ed7a2578bee0892a9483844a11bd86070caf612d6714d961747b38420","sha512":"857339772b7cd720df654fc85ac26d103e6cb1ef75e2e1b3dd377b6403b34112dd44a07521fdcd476bdb0b657c3525cb25796ad3ae24a8820ef947c6718d9c44","ssdeep":"1536:GqiacLi4hDdd3WrRvp1BtjWbzMEws521D5kBTVhe3w/PKgXJcuSOe:G71L7hgrhXBtjgzMEF5A+VkEPhNe","tlshash":"0b6302ccd2cc9aa0c4a46cd7f4057b38a962b589664f997303e2e387cac4bd917171bd","first_seen":"2026-04-24T23:10:16.730515Z","last_seen":"2026-07-02T13:50:16.771768Z","times_seen":431,"resource_available":false,"data":null}},"time_used":679,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":492,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_e50c5112-b480-4217-95c2-f187843fa431.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.077Z","timestamp":1783000177077,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_e50c5112-b480-4217-95c2-f187843fa431.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 54466\r\nConnection: keep-alive\r\nEtag: \"d564e11aa2a3009b6985896da404739e\"\r\nLast-Modified: Sat, 06 Dec 2025 06:22:05 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wejx1lOo27%2B3Cyc1LuYl%2F%2BSXEJ0vCODT4qMlEqEcAb0rrwr3F3UzXbtsxltP98KbYMSxZf1lzKkcjMETT3vmckXKHFpZa91dC46iAu%2BVdWaNlczyraqNQQkAQUf68AV3gDrsK1ioYwortWLJ0qRRwCE%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d7abfb6064f-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f2317a8a7ccc1\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54466,"size_decoded":55617,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d564e11aa2a3009b6985896da404739e","sha1":"5701d82c9e2fd24ec69db4bdc9ee3e32cffca139","sha256":"75d785fba01e17e56ae0ba404eb302e8537d3a7b7f84d11128164946a3987384","sha512":"1f6a7673f6ccb42f0f1e5135154db412145225615504419fcd52655726f8ac4c85ec419c54167c1d4e71c60cfbd30f87f7bc07d53858adb3e30e184f2fdb5623","ssdeep":"1536:+USdyAD4v4ReUeNhO2po1VPvBu3czLES5WjB6lieR:Wdym04TGeLvlQAC6geR","tlshash":"fa330269024c6463719556f833feb42aa760a7c63801a4799a8f3594fe24ce874cfd6c","first_seen":"2026-04-24T23:10:16.721458Z","last_seen":"2026-07-02T13:50:16.772994Z","times_seen":414,"resource_available":false,"data":null}},"time_used":4036,"timings":{"blocked":3645,"dns":0,"connect":0,"send":0,"wait":358,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_b219e889-d34b-4c28-b534-674fb2e77fdd.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.093Z","timestamp":1783000177093,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_b219e889-d34b-4c28-b534-674fb2e77fdd.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/partner.dca3fc6e.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.928Z","timestamp":1783000174928,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/partner.dca3fc6e.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-7129\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f23179bc7d001\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28969,"size_decoded":29325,"mime_type":"image/png","magic":"PNG image data, 480 x 151, 8-bit/color RGBA, non-interlaced","md5":"7374b72d05130af2d77119eb0eb4ba10","sha1":"5b3e5e621329685de250121b2fd9c798f46f7d65","sha256":"059a622a7f1f0f1f239d624f19b0f5531c0f0aedadb8ccd40d2570a76dd56752","sha512":"c2d0f744838a882c8ac15de6bb0bfbeb3dd2f31550cc7a259b9890ea38eddf835902171c1346ed7e1d2005ba18b929d598002d60b7355df72073d955521b18b0","ssdeep":"768:tAAoY1X4ITISUWhiqmMiuCaUENwHoacq8zqWx6:abaX4SIYIdMMow8zqi6","tlshash":"a2d2e0ecdc3058f1f533894dc979813a6f3886ba05e359817a36f92bddc3e8506491e6","first_seen":"2025-08-29T11:05:53.287538Z","last_seen":"2026-07-02T19:51:45.205355Z","times_seen":1687,"resource_available":false,"data":null}},"time_used":2840,"timings":{"blocked":2534,"dns":0,"connect":0,"send":0,"wait":301,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/ecb/8f8306425fb46e096ba9db3ab31b67b681fbb31575ff397b0117","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:35.942Z","timestamp":1783000175942,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /ecb/8f8306425fb46e096ba9db3ab31b67b681fbb31575ff397b0117 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nContent-Type: application/x-www-form-urlencoded\r\nx-request-source: https://j106y.vip\r\nXign: RzgDITprQPrlDBKe0PwkaiqNYKfeJt/2vLpxxpvqeHcN/NclNmaqixiNbo6urXoCQgK+C6PLuOjmKLDqsBLCkP+J71Jzud5J6/bnLm+0D+L8EAfikJyKQtdbGAe/6fpnqozyNqAodxE571AGPIvfYuB3YZKQKIQzKXRosHFgxDY=\r\ntimestamp: 1783000175932\r\nsign: 6q3o6r5d2j6q7p3i\r\nversion: 5.6.12.0\r\nclient-type: web\r\ndevice-id: wtZjiNmmYm4mYBwpzNKrht4ssYykCjyC\r\nlang: zh-CN\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nExpires: Thu, 02 Jul 2026 13:59:36 GMT\r\nCache-Control: public, max-age=600, s-maxage=600, must-revalidate, stale-while-revalidate=30\r\nX-XSS-Protection: 1; mode=block\r\nX-Request-ID: 909fe7efa28747c6ac96cb623ec5c712\r\nPragma: public\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=63072000; includeSubdomains; preload\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true, true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283919f2317960fcb16\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2142,"size_decoded":3175,"mime_type":"application/json","magic":"data","md5":"f4f87a72cbbf02d90ae42988e778e2ce","sha1":"4c50d0910a88116638fb885ca42b5e079d86a351","sha256":"697524edb29653b44c122e780030b6cd3d7c656cac4e0903382886ef25eaa506","sha512":"b1c48db004175eff33b752c0454a7acc64a3a3f09c93cdc21ccbeb921ba6f5ce90c96d35a36e8124bfbd0945637086e9fb4324450817eb02ceca144015d6d7ee","ssdeep":"","tlshash":"c9612c18a1139b30a31fb570d01195a5cf4b91e4ffefac18c72dd578db4a9089a9cb3a","first_seen":"2026-07-02T13:50:16.775417Z","last_seen":"2026-07-02T13:50:16.775417Z","times_seen":1,"resource_available":false,"data":null}},"time_used":442,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":442,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/a8169d226dac4e93b82e336856107e61?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.859Z","timestamp":1783000176859,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/a8169d226dac4e93b82e336856107e61?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:39 GMT\r\nContent-Type: image/png\r\nContent-Length: 3396\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 49765\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"a8169d226dac4e93b82e336856107e61\"; filename*=utf-8''a8169d226dac4e93b82e336856107e61\r\nContent-Md5: NgGdkwjrFw8yEUOYgetn0A==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FmYbslm0tk2Kj5NAa1G-WrJkXgJ4\"\r\nLast-Modified: Tue, 19 May 2026 13:57:49 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: c2VyBKLYX\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: uA4AAABuRZv0T74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3396,"size_decoded":4151,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"36019d9308eb170f3211439881eb67d0","sha1":"661bb259b4b64d8a8f93406b51be5ab2645e0278","sha256":"1a755de34fb09286b44cef3fa97a2327250337839fcb9d04163a3881b85634d5","sha512":"110f1ff60705185f707f0c3004be435fe22cb22a861d4c84a512d89509e678918e260d3d1269184ffc7d965b84a46a486f6ac29054a73dcf9f0bcf9cdac599c1","ssdeep":"","tlshash":"dc616dc7aa58383c901880cdad3e900823f71e52245d77924494e97a7f2e3a908cb991","first_seen":"2025-07-11T23:15:51.040187Z","last_seen":"2026-07-02T19:51:45.112863Z","times_seen":22,"resource_available":false,"data":null}},"time_used":3235,"timings":{"blocked":2969,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/9588c57f019149b7a402ea65aaf29018?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.817Z","timestamp":1783000176817,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/9588c57f019149b7a402ea65aaf29018?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/config/gd.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.508Z","timestamp":1783000171508,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /config/gd.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:32 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-4420\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000172=HjX/wKANgSgk7bf4ruTlq+LWjZ5tlyE8jm2EEJGuE4mheqVYNrZ//oApmuDjLa5keWF0IBTGmCbND7j+yf4a4ICt6FJFD26xI/UFMj6uUnqti0kaCFRix+Q3KWwNu23VovzGZBKgfgLL89YMXfilGqREPmpygQxY5P+q0KHtzcZEl6CjmvhH/Y6eByFT6wyv\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f231786d6cc8c\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17440,"size_decoded":5524,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"368318100a3c0f64373230a250953d5a","sha1":"6e0d91639cafd23f1b22aecee332da83c70b93ea","sha256":"dffc9b203a19b9e70363f75f737b7afe2164d6b8c045800d4dd7931d9093aff4","sha512":"91077ca792821795a816a0ee1a9cef242bf2915c02402706c7bd5c027c62f4bc52517b6a5e3db9f4b873e5a3c9d652758cc277c1f5ba07dc12e0d69b4f6e9eeb","ssdeep":"384:bJA61XVpi5LH4NmeJPXwXkQdcAwR0Nw3zzbSGwYg1C:bJA6BZX+oJjzzgY","tlshash":"80721f4d68f7905345a3b03c8bafa114b5388643181cde457e9ce394af6843d97babdc","first_seen":"2026-05-19T02:14:56.346288Z","last_seen":"2026-07-02T19:32:29.535738Z","times_seen":241,"resource_available":true,"data":null}},"time_used":1063,"timings":{"blocked":-1,"dns":0,"connect":293,"send":0,"wait":466,"receive":0,"ssl":304},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/60024.1781011881923.e9a203dc.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.643Z","timestamp":1783000174643,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/60024.1781011881923.e9a203dc.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-11f9\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283619f23179124c5fd\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4601,"size_decoded":2490,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4601), with no line terminators","md5":"ac04ba4305a374571b2d241fe1f50dc2","sha1":"e559b9a0a338e35fb6605942f7d14e96c031ae71","sha256":"788282499d13bd0bb6207ed41a15a3d0b2058ca97003d1e1a872e81401f02aa7","sha512":"6edc613a3f8585bf6cfb8c034199265c1c1daf368d0d3a6e2c41bf441a334a7f93139c0b0fb4147b98264567be9b135fab3cbe923e8fe040ec553e9fec04c8ae","ssdeep":"96:UR4NFRSZqe65bD7RM/Rsxkw9usN6tKex9sX2NaenPdqUDDEz:UR4NFRSZqesbD6Rgks0RxeX2NbnPdqUE","tlshash":"3491cbd876d2f071426f9678862f285fe27bead074ccb415d1c1e690aef062d8933d68","first_seen":"2026-06-12T19:29:57.341024Z","last_seen":"2026-07-02T13:50:16.78167Z","times_seen":137,"resource_available":true,"data":null}},"time_used":523,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/82d769a30cd640cc8ef2444bc205dde4?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.751Z","timestamp":1783000176751,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/82d769a30cd640cc8ef2444bc205dde4?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 41672\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 92963\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"82d769a30cd640cc8ef2444bc205dde4\"; filename*=utf-8''82d769a30cd640cc8ef2444bc205dde4\r\nContent-Md5: EZNq+v8IVVqtDxeSezilzA==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fghh-xoTKg8SIVAVMGRAFbvTpkfA\"\r\nLast-Modified: Tue, 19 May 2026 13:57:57 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: PVfuTpxTm\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: 5HwAAAA3tF6qKL4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":41672,"size_decoded":42428,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"11936afaff08555aad0f17927b38a5cc","sha1":"0861fb1a132a0f1221501530644015bbd3a647c0","sha256":"e39e3222097516a82de3b8df145dd21ec952d948e8d06e1111cf139a54ec04ff","sha512":"741e773f91f82f5a7a9999a61d631f3314ef9153aa6e59eba3abfa2da247aebe559f5f73307c52c53d816be2a877f7679ec5e65aeb68f3dfb5b4a7a73f203803","ssdeep":"768:w2xVmce5GaoHzRVAfdSeLAErOa/ICeP+i1f08M8+W4xlVnrgfNa:3x1n/AfdSyrXDmf078+flVr8Na","tlshash":"b213f10411e02c11f165c694347a438babf7e7c8afcb05caddba416ecfd64d8320e982","first_seen":"2025-03-16T06:48:52.329775Z","last_seen":"2026-07-02T13:50:16.782542Z","times_seen":61,"resource_available":false,"data":null}},"time_used":1309,"timings":{"blocked":710,"dns":0,"connect":0,"send":0,"wait":340,"receive":259,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/d04b59d2dd25490ea5447d22d2d86f2c?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.779Z","timestamp":1783000176779,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/d04b59d2dd25490ea5447d22d2d86f2c?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 38144\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 7288\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"d04b59d2dd25490ea5447d22d2d86f2c\"; filename*=utf-8''d04b59d2dd25490ea5447d22d2d86f2c\r\nContent-Md5: 7TK3aKbbWtGVuPL9F7zlbg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FgJEI0HPrdh2DXrNdxe_HhI9-r3c\"\r\nLast-Modified: Sun, 14 Jun 2026 20:28:08 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: BspZ2lrtP\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: w0wAAAC1A0mWdr4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":38144,"size_decoded":38899,"mime_type":"image/png","magic":"PNG image data, 200 x 252, 8-bit/color RGBA, non-interlaced","md5":"ed32b768a6db5ad195b8f2fd17bce56e","sha1":"02442341cfadd8760d7acd7717bf1e123dfabddc","sha256":"281fc219508ddcb8728479c601bcbaf12354673c70663ffc792046ce4e504add","sha512":"394752834f8f1e24d9f0f974f8ca3f3351f16c75bfe07ee8bcca5833847d2bd36210da2a860eaa9cf315380e73c0e373243e40485b0b25067d60e5097819b7b4","ssdeep":"768:jaDUMEWQ4aiWUIwkKLgB4BpVw0QAFdXLU6YYynYIaIAPUOJlasV:wPQKWUIxKLhBpbFdXLUtFamO+0","tlshash":"c203f1eee7c006d8092513adbd9090a194773a19f14dcb9ef4eb561069e6ce0e4f3bd2","first_seen":"2024-12-10T14:50:17.896885Z","last_seen":"2026-07-02T13:50:16.783344Z","times_seen":12,"resource_available":false,"data":null}},"time_used":1686,"timings":{"blocked":1231,"dns":0,"connect":0,"send":0,"wait":314,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/c306e802100d4fedbefd09a1e1dd7db9?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.813Z","timestamp":1783000176813,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/c306e802100d4fedbefd09a1e1dd7db9?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/84beb32dfe884e2b842669527d248870?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.875Z","timestamp":1783000176875,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/84beb32dfe884e2b842669527d248870?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 50265\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 15551\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"84beb32dfe884e2b842669527d248870\"; filename*=utf-8''84beb32dfe884e2b842669527d248870\r\nContent-Md5: 6zPBXh3++GC/yHISp6SI8A==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FjjAqLlMSX_iNOKwtU3yJfMRdYBy\"\r\nLast-Modified: Tue, 19 May 2026 13:57:58 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: MNGe4x8wb\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: anYAAAAJ2esSb74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50265,"size_decoded":51021,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"eb33c15e1dfef860bfc87212a7a488f0","sha1":"38c0a8b94c497fe234e2b0b54df225f311758072","sha256":"3780335220bef39aef655f20752838b776e30cc620fffa313ceb3e0b9864ebca","sha512":"26b11b572d8f6b21b7a4fbd2b4c83ad7c0e992ad50ec029029b5d857182fe44dac1688bf9205b22f670cd00499490a68c967d2111a2863c4cdf9ccd8c6d9ceac","ssdeep":"768:AUqBbsV5Y2SancVDxrJKgXqcwME+RM9GWY0uzZFzVh4K/ZrBP:Fm8jSasrI+7wMiAWlu9Hh4mJBP","tlshash":"1f33026c837207ba4c64c2a558494c593733e730f86548c2eb70fdc46d7a605596bbdf","first_seen":"2025-03-30T02:59:21.093848Z","last_seen":"2026-07-02T19:51:45.21053Z","times_seen":22,"resource_available":false,"data":null}},"time_used":3719,"timings":{"blocked":3363,"dns":0,"connect":0,"send":0,"wait":281,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/assets/logo/favicon.ico","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.471Z","timestamp":1783000174471,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /assets/logo/favicon.ico HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:34 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 585615\r\nConnection: keep-alive\r\nLast-Modified: Wed, 01 Apr 2026 05:40:09 GMT\r\nETag: \"69ccafb9-8ef8f\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000174=wWdLAvL7giG3ugqAOzp8kD+MaGSfg3qXUEZVe6MYGcqorkzZ3o9ReiRy6Cb1aZuYSDRP2kPvmsecI7BI38u3mC0q811EYMXtu2qoUkxaoIUn84jsxRwtAF9sNX/UFg9xm/UZO5wqqXb10AsOnTF+oOlEgTc8qRgKJOKkqHymC+fWJj+cqNyXb80wn4A1mksQ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f23179053c75e\r\nX-Cache-Status: BYPASS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":585615,"size_decoded":586282,"mime_type":"image/x-icon","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"abd1eb812e495d993fb310ca906ea605","sha1":"77a61cd2ad4a89c22f4a979571d3c259870732f5","sha256":"ccd41d39ff7fbed7a9200f685d9b0198736d1a2f737e9d32f83ddaeef39a4180","sha512":"e8221a9acda08a0a0bc5410cd14bc72d30e6fa66cc6e7a4bc07b53f5c94b5ec670f19571246ab2f55ec2924f679543780e9f55e0ecf8a169ce3b91e38da07d25","ssdeep":"12288:zObp4IC0/qFNYge/0z5g2c+UTxVi1+4g+/F5:ibpa2qFNNe8zy+si1+4V/F5","tlshash":"e8c4230df5a39834d5dc996741db54e0c790e4183db25e323ba3448ea3d05b8ea267f7","first_seen":"2026-03-20T12:57:26.707036Z","last_seen":"2026-07-02T13:50:16.78571Z","times_seen":606,"resource_available":false,"data":null}},"time_used":1128,"timings":{"blocked":61,"dns":0,"connect":0,"send":0,"wait":333,"receive":734,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/undefined","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.886Z","timestamp":1783000174886,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /undefined HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nCache-Control: public, s-maxage=600, max-age=0\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f231791c7cc96\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24594,"size_decoded":11457,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5777)","md5":"e79ba8d5268f3090203c26b2ec87119f","sha1":"67ec737a939ce7eb32f6c9ab0f6cb36a5d0c5045","sha256":"f03b70608a46781f56d44226537411cfd4da69014f8c6540319977c45398149b","sha512":"378079455a3539b8fa003afc4351f6acd844d704e0f41250b71dda29b445cb99821596e562eed3afea6a7d0b6de1ff61e22754a4c3d9384952d09b90f4dc3e55","ssdeep":"384:21ERlxqNBPJu2VwiYwJvSoVXsp+pa/iZcVk97g6nMusplIiz:1RXqrJuiNYiKop/E6wkpcu2llz","tlshash":"05b2195a9df3497a2423303a1f7fb20869b0d0134309ed803e4de7594f95aaa56f3bd6","first_seen":"2026-06-12T19:29:57.247756Z","last_seen":"2026-07-02T13:50:16.704028Z","times_seen":165,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/license.ea57c78d.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.926Z","timestamp":1783000174926,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/license.ea57c78d.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-7b8\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f23179badc764\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1976,"size_decoded":2698,"mime_type":"image/png","magic":"PNG image data, 161 x 52, 4-bit colormap, non-interlaced","md5":"60a2c7c150b01809fbb7b97932684b5b","sha1":"67fc9647c452a17b519c6a51dc8c38daa23755f9","sha256":"c5ce31558a1f979ae78c7779d2f312b196750375541e9c147b73d6e44d47c276","sha512":"2328442fa1c74e47c6eff4adab55920c7e7738e7ae51bd2b222fb696bbcf8201a14805089a33baa80c28a40db47061048d817c384bd72735b2e0c0116ff63c6f","ssdeep":"","tlshash":"b3412a6266729beced1a8c47592c7df1d8338ca1a200e1c150ed761f1bf8e1060e7a94","first_seen":"2025-08-29T11:05:53.23289Z","last_seen":"2026-07-02T13:50:16.786701Z","times_seen":1701,"resource_available":false,"data":null}},"time_used":2833,"timings":{"blocked":2508,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/sponsor/sponsor_web_2.png?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.990Z","timestamp":1783000174990,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /kc523-1/sponsor/sponsor_web_2.png?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 12:19:27 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"68dbcacf-a049\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23179ffbccb0\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41033,"size_decoded":41398,"mime_type":"image/png","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 428x169, components 3","md5":"66036fddf71ff69f45c146ca63883070","sha1":"4b3076a271d5042ef1b6cffc2ff49f421a819f08","sha256":"93c59a52fe04b0050dd4552a135177533afbe2dec54f10c516610b0dee857e0c","sha512":"29c2fc65e144e5d13c011e4897e0bdf771c7b4c249875eca4fa25589625696c71ec015e7e8ef3a5ee45f2a6ae9df3663da0bb736a6fb13c9628f0d0957827c71","ssdeep":"768:6eyNeN9huVfPKv0KhazApErcA6cFKSkS+pbTCx81TxUqIUgYWxDHc9wZGbYGniRl:6eXXh8KcQakywKK++tTCi6xD89HbxiD","tlshash":"b003f15c4c413e7777f19baae00ac84224d11fd4fdd5e3e61a8bc659a843a68bc2540e","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T13:50:16.78749Z","times_seen":1799,"resource_available":false,"data":null}},"time_used":3938,"timings":{"blocked":3547,"dns":0,"connect":0,"send":0,"wait":329,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/api/tenant/domain/list","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:35.949Z","timestamp":1783000175949,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /api/tenant/domain/list HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nx-request-source: https://j106y.vip\r\nXign: kDOdnij2MamOqwRzVUSPAdlUYhw4NTfUy16YEjGWXD02o4BdV7COQJ4QRSLtys54vpcqLKs+bE+C2K6oEJ9ie3T0HBNV/W2QLpsTyS/NdRswSL+Nb54leNvJYKT4/eKTxJE/IZfgSQT4PcXxIcegXi95WSu9qYdtbPzZO0yeSuE=\r\ntimestamp: 1783000175929\r\nsign: 66t4k343m4i1g3i3\r\nversion: 5.6.12.0\r\nclient-type: web\r\ndevice-id: wtZjiNmmYm4mYBwpzNKrht4ssYykCjyC\r\nlang: zh-CN\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 02 Jul 2026 13:59:36 GMT\r\nCache-Control: public, max-age=600, s-maxage=600, must-revalidate, stale-while-revalidate=30\r\nX-XSS-Protection: 1; mode=block\r\nX-Request-ID: fd35ff71d74b4deda194c7bb2453e9d8\r\nPragma: public\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nX-Content-Type-Options: nosniff\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f2317978ecd03\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1108,"size_decoded":1825,"mime_type":"application/json","magic":"JSON text data","md5":"5d9e96bd132a2c24281ae50f2b09efe4","sha1":"503ea18100d0f1573baa195933355a1372e93841","sha256":"7f205b18b5deaae96622989dbc8ad73999a9616e96ef26d909f19525deadb328","sha512":"ab5a589dc81944d2fe05d656777e9e490d42a2fd68c7e577387cfdd47c9b0c5276ca2f91a3868407c373e500d00bb5360a5ae035c7c0cb1addf47f20755a268b","ssdeep":"","tlshash":"fb11c6101c6f12c8d6e8d29263503345388d8b76056db91b69d6b74fae0583a32120a4","first_seen":"2025-08-29T11:05:53.144028Z","last_seen":"2026-07-02T13:50:16.788262Z","times_seen":1776,"resource_available":false,"data":null}},"time_used":727,"timings":{"blocked":430,"dns":0,"connect":0,"send":0,"wait":296,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/2b5e78e2295d46169803bd9b33ab0221?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.891Z","timestamp":1783000176891,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/2b5e78e2295d46169803bd9b33ab0221?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:41 GMT\r\nContent-Type: image/png\r\nContent-Length: 67185\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 10174\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"2b5e78e2295d46169803bd9b33ab0221\"; filename*=utf-8''2b5e78e2295d46169803bd9b33ab0221\r\nContent-Md5: cGCV97sccYLMe3+aQ1aiqQ==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FnJFfLJ0_hGiAKe3KuoVFuQsmy0V\"\r\nLast-Modified: Tue, 19 May 2026 13:58:04 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: jkAE2O60I\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: vqEAAAAHYA33c74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67185,"size_decoded":67941,"mime_type":"image/png","magic":"PNG image data, 198 x 255, 8-bit/color RGBA, non-interlaced","md5":"706095f7bb1c7182cc7b7f9a4356a2a9","sha1":"72457cb274fe11a200a7b72aea1516e42c9b2d15","sha256":"c6c018cc9d9f2d0959e82070827209c9a9f96c04783dd4cb98e6c0485861b6aa","sha512":"1d9c5980a243eb6ea775b6aa32a484e483aa1e80adae872dd5b9b8ef29d77a85961f00630c0bc4e81e3fa1afda2ecd98c3240e7c70a147d8ea64c4e9781dfda0","ssdeep":"1536:KR79uUJ3SdQZRuEOKigvaQ/y89AIjIMlaj//gOPJfwK6pEtd:KFVJrZQE8SZ2MlQ4wfF6pEtd","tlshash":"246302229011d7b92d443c6fe912421df6e2f29850b96416cfd489fdf29bb2c3db1a4b","first_seen":"2025-03-28T02:30:49.233305Z","last_seen":"2026-07-02T19:51:45.161581Z","times_seen":10,"resource_available":false,"data":null}},"time_used":4477,"timings":{"blocked":4019,"dns":0,"connect":0,"send":0,"wait":346,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/LIVE.88ccbf98.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.947Z","timestamp":1783000176947,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/LIVE.88ccbf98.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-f0e1\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f23179e29c768\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61665,"size_decoded":62394,"mime_type":"image/png","magic":"PNG image data, 582 x 307, 8-bit colormap, non-interlaced","md5":"372d01a2bda7ccdca1e7966af39c2327","sha1":"d438c1947b711d032c5621a6b4b08bbbca2c338d","sha256":"4eac7be4c06fa607ef5e95789e3ead43806bfeff97872ed6567e3810f2f661bc","sha512":"9f04160df8696cf984cd77604dddaea73969479e4f1c5050e53351df7f11e85d8ecccb14ecb87dcd58bea0ba04d9ba5ea3f99c69a179ba88ad38d5416b7a94d3","ssdeep":"1536:jTjrlfQBxhFWiXt2lnJE9mARbSK0k2C8ve1HfarCtt:jH1QjwWUC9mA10jC8WZfaQt","tlshash":"dd53124a2ecc3a1f7bf21e5e06f286814d36a186d0f9ba5bc6e70ef1218521de0e4535","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T13:50:16.789758Z","times_seen":1678,"resource_available":false,"data":null}},"time_used":1450,"timings":{"blocked":1118,"dns":0,"connect":0,"send":0,"wait":314,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/heying.d446c85d.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.986Z","timestamp":1783000174986,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/heying.d446c85d.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-591\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23179fdeccaf\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1425,"size_decoded":2152,"mime_type":"image/png","magic":"PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced","md5":"c0d0c516850381dd1ca39dd94b08f21b","sha1":"54522affec52debd9c0bd3784f0ce9bf692f5d6d","sha256":"301cbb9a8c3fae88d732c8b8fdfe40113e3257831d37150e95564cc0f9b8fbe7","sha512":"6d6b1263f2de2b35237c784fd0aa127c469f8b6ebf347ff1987d791611d5b36f0909f3a81f9db6b1571756ecae60454d854e776e5ed782acbdfcce4fda2b9c86","ssdeep":"","tlshash":"dd213b5023742cd0e8ae3457ef12e5fdb823417994f8dd0c99b9bc3e84908b1057a48e","first_seen":"2025-09-04T00:49:32.953523Z","last_seen":"2026-07-02T19:51:45.208835Z","times_seen":1735,"resource_available":false,"data":null}},"time_used":3808,"timings":{"blocked":3517,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/css/chunk-common.1781011881923.90261a1c.css","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.509Z","timestamp":1783000171509,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /css/chunk-common.1781011881923.90261a1c.css HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:32 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-34c8\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000172=HjX/wKANgSgk7bf4ruTlq+LWjZ5tlyE8jm2EEJGuE4mheqVYNrZ//oApmuDjLa5keWF0IBTGmCbND7j+yf4a4ICt6FJFD26xI/UFMj6uUnqti0kaCFRix+Q3KWwNu23VovzGZBKgfgLL89YMXfilGqREPmpygQxY5P+q0KHtzcZEl6CjmvhH/Y6eByFT6wyv\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f231786d7cff9\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13512,"size_decoded":4720,"mime_type":"text/css","magic":"ASCII text, with very long lines (13512), with no line terminators","md5":"18db28ed82e6a8aa84b4ca311e8effc9","sha1":"19d1c3f13ce483b564653631f2bd6a340017a84b","sha256":"8d0fd3816e0960390ac6c9757e98a97c96597871468e74a8dcb81f170ad98303","sha512":"dbee6bb335fe964df137f44bbd9752844d5baeeec889ffb5c21c9979a8ce51018f81dadd4a66b2016a30874962c6e4fd2243325fa60958d45d06f34bdee72b87","ssdeep":"192:4dQK/X4cBY4mZGX1lsUTLA7gYER7/i//LN4hHSQZA2VxM2XwKjv0:M8oTGER7/i//LihHBrxP0","tlshash":"c952a631d634b53ce57be226f9d09adc6024d417e2730baeea643b3ac5ca4d215332c8","first_seen":"2026-06-12T19:29:57.231975Z","last_seen":"2026-07-02T13:50:16.792826Z","times_seen":160,"resource_available":false,"data":null}},"time_used":919,"timings":{"blocked":-1,"dns":0,"connect":293,"send":0,"wait":322,"receive":0,"ssl":302},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/theme.config.ef94991b.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.514Z","timestamp":1783000171514,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /theme.config.ef94991b.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:31 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:10 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281706-1a62f\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000171=3ij61lhseI31F3UnQVuXjzGQjzqdbei8CD0HyPDczYO/7PQxr6Ye7P/lIYM5GRJnMN18ipj/a0byiPMay64a2xCJ4utz7wnubM1R1mmpLOAtbLVuN0TWZQDyjWJTj08i/CA2jW11n20J9eJbw3qYOWWe6fVWYUYpujUIZW42djiEj0PPGQ1BXIn4xMvlNqfM\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f231785b6c75a\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":108079,"size_decoded":16737,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38260)","md5":"90d279a2980268d2835cec593c23d286","sha1":"4374bf6da5cbdf8f025434137487bda68077cddf","sha256":"1679f19badc24dea0edab376edfb8583714645e18f705fb849037af6cf0b3ff8","sha512":"362ec1b73cebe1ad224a5b745c9ceebf2b86301deab27e35d6517d499499328b34c24d76a72e5b348d623e64a4d17bfa0ab08d2aa012f02af23c6a72df51817f","ssdeep":"1536:D2JREobVmtlIRM4Sb2mcTa2mnzyJog9CcHWHA:qEtlGu1Jnz45HT","tlshash":"c0b3bb7ae20c963a6177a8bfb46ce111d12f9c0c9b1d5fdef03e60a25710669c831de9","first_seen":"2026-06-12T19:29:57.324936Z","last_seen":"2026-07-02T13:50:16.794515Z","times_seen":160,"resource_available":true,"data":null}},"time_used":707,"timings":{"blocked":281,"dns":0,"connect":0,"send":0,"wait":416,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/chunk-svg.1781011881923.7ca9cdc1.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.515Z","timestamp":1783000171515,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/chunk-svg.1781011881923.7ca9cdc1.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:32 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-72eeb\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000172=HjX/wKANgSgk7bf4ruTlq+LWjZ5tlyE8jm2EEJGuE4mheqVYNrZ//oApmuDjLa5keWF0IBTGmCbND7j+yf4a4ICt6FJFD26xI/UFMj6uUnqti0kaCFRix+Q3KWwNu23VovzGZBKgfgLL89YMXfilGqREPmpygQxY5P+q0KHtzcZEl6CjmvhH/Y6eByFT6wyv\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f231785c0ccfc\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":470763,"size_decoded":90048,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"2e885a50d7dc711be337a96fe33f0c2e","sha1":"8c767dd1bdcbf35f2577bd215ff6fe495cbd0f43","sha256":"603d14d58a247671742688b96c517d62e9c636443b960bc421af5352df4c01f7","sha512":"09289e06b0db84915693f0b78ab40149972b29693d0d6b1e66e4fbe9bddf00380f5f4e8e78961512d91a132226494572994ceade62d3d8a878126fdcdeb8fd95","ssdeep":"3072:/8nz2uaLZSZvx6Q/sIPrekK+mB6Ua94sRZI7gbpF/:/8nz2uasNxpXPrekK+mB6UHsE4pF/","tlshash":"c0a4fcb4c190f4edf704ce196e7c9e1c50321688e0a9e9e52da9fe0d9e85d6b241cdec","first_seen":"2026-06-12T19:29:57.244213Z","last_seen":"2026-07-02T13:50:16.795389Z","times_seen":159,"resource_available":true,"data":null}},"time_used":1326,"timings":{"blocked":291,"dns":0,"connect":0,"send":0,"wait":449,"receive":586,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/assets/logo/favicon.ico","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.473Z","timestamp":1783000174473,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /assets/logo/favicon.ico HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:34 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 585615\r\nConnection: keep-alive\r\nLast-Modified: Wed, 01 Apr 2026 05:40:09 GMT\r\nETag: \"69ccafb9-8ef8f\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000174=wWdLAvL7giG3ugqAOzp8kD+MaGSfg3qXUEZVe6MYGcqorkzZ3o9ReiRy6Cb1aZuYSDRP2kPvmsecI7BI38u3mC0q811EYMXtu2qoUkxaoIUn84jsxRwtAF9sNX/UFg9xm/UZO5wqqXb10AsOnTF+oOlEgTc8qRgKJOKkqHymC+fWJj+cqNyXb80wn4A1mksQ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f23179053cffc\r\nX-Cache-Status: BYPASS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":585615,"size_decoded":586282,"mime_type":"image/x-icon","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"abd1eb812e495d993fb310ca906ea605","sha1":"77a61cd2ad4a89c22f4a979571d3c259870732f5","sha256":"ccd41d39ff7fbed7a9200f685d9b0198736d1a2f737e9d32f83ddaeef39a4180","sha512":"e8221a9acda08a0a0bc5410cd14bc72d30e6fa66cc6e7a4bc07b53f5c94b5ec670f19571246ab2f55ec2924f679543780e9f55e0ecf8a169ce3b91e38da07d25","ssdeep":"12288:zObp4IC0/qFNYge/0z5g2c+UTxVi1+4g+/F5:ibpa2qFNNe8zy+si1+4V/F5","tlshash":"e8c4230df5a39834d5dc996741db54e0c790e4183db25e323ba3448ea3d05b8ea267f7","first_seen":"2026-03-20T12:57:26.707036Z","last_seen":"2026-07-02T13:50:16.78571Z","times_seen":606,"resource_available":false,"data":null}},"time_used":1337,"timings":{"blocked":59,"dns":0,"connect":0,"send":0,"wait":328,"receive":950,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/noData/cms_moren.png?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.994Z","timestamp":1783000174994,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /kc523-1/noData/cms_moren.png?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/api/sport/match/list?sportId=1\u0026client=web","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:35.945Z","timestamp":1783000175945,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /api/sport/match/list?sportId=1\u0026client=web HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nx-request-source: https://j106y.vip\r\nXign: bV6qZoLO9otxakEhCppcyRW0fVxEcjlnhNQI6HzzIXUYN88gCE99HuS8ZvT2RKLl5BsDZoL1jU5HrtaMN0s5GDNRHHZ007/Rh1UO6tkDbYjCk5ARwG1gGgBm4F2SKC/Gff5FKrggrjL1/92pgDYRWLLL0XbGxw9zt8qxvFY6Fkc=\r\ntimestamp: 1783000175929\r\nsign: 5u292s6f6d333b6t\r\nversion: 5.6.12.0\r\nclient-type: web\r\ndevice-id: HMci68DKmkFyKhmhEB7naY235ta57TYN\r\nlang: zh-CN\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, no-store, max-age=0\r\ncontent-encoding: gzip\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f23179766c760\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20844,"size_decoded":4579,"mime_type":"application/json","magic":"JSON text data","md5":"338285f2c96eb12939fe140622374ac3","sha1":"63be2c7a6bda7a3d2bb49ab139711de1e6336031","sha256":"d26cb5e65a5ea9373133c75d16a9b715eeb7d53e134b6d78b28755a9f2b347ff","sha512":"0d0efb37831a1433f55979d01c65e844631bdc8043e05a7c6d11fbb6890a755805aa9d36a255a574637995983434e02f82b88782f24c4c22c5a1f0412e585b66","ssdeep":"384:eh5+3+SwxBHLqUDGT6n8EnqfM/NVdKVCDbJJXrrhVFAlTc5LG+5CHGic55KsWzU8:eh5+3fwxBrqUDGT68EnqU/NVdKVCDbJ2","tlshash":"a9920e9681dd18a52bac21e56e0e3e4d947ef95b0adef5c5ee0ecf0860b43f79204d21","first_seen":"2026-07-02T13:49:02.336199Z","last_seen":"2026-07-02T13:50:16.796176Z","times_seen":3,"resource_available":false,"data":null}},"time_used":705,"timings":{"blocked":392,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/ecb/8f8306425cb6740e78b2802ff5047afa96a8ae096bee393c421cac4924db741c4a080b3f3ed2f2822673f3118bd3bae081df46a59bfce8","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:35.951Z","timestamp":1783000175951,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /ecb/8f8306425cb6740e78b2802ff5047afa96a8ae096bee393c421cac4924db741c4a080b3f3ed2f2822673f3118bd3bae081df46a59bfce8 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nContent-Type: application/x-www-form-urlencoded\r\nx-request-source: https://j106y.vip\r\nXign: uZuNEcHa01V7MMK8MHKGJih8ZIQUMque0ex6Pa5f5vnEdALfiGlN+HEAKktTwdNjCUmjiYT94awHP/jRCe1zFYd29SlKclBtIqLBkXJxh+P2RxKm2m1PahE+5eVouQha9osmcNICbFpVsvWJleuo/d8j+6+vUelZoNFS3v7lWTY=\r\ntimestamp: 1783000175932\r\nsign: 547394g4j6a4p36c\r\nversion: 5.6.12.0\r\nclient-type: web\r\ndevice-id: wtZjiNmmYm4mYBwpzNKrht4ssYykCjyC\r\nlang: zh-CN\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nExpires: Thu, 02 Jul 2026 13:59:36 GMT\r\nCache-Control: public, max-age=600, s-maxage=600, must-revalidate, stale-while-revalidate=30\r\nX-XSS-Protection: 1; mode=block\r\nX-Request-ID: 3832765110754027b8374d605b75f56c\r\nPragma: public\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=63072000; includeSubdomains; preload\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true, true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f231797becc9e\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13941,"size_decoded":14974,"mime_type":"application/json","magic":"data","md5":"6575426ca96cbc269d5de2bcd862d835","sha1":"8e84dde30beca265d9a9c785ca8e2e7157b48fc8","sha256":"ffb9926d992ffca1f5c8b212b9fbdcb230743a58103b8b313613133e0c504896","sha512":"5a734fb9e179f65e77392bea930204cdbeff2052c75d40543857587c313ac09bce64056278bf4fb693236dd72df9b9c210192e920414789bef3c4ab1a39cca22","ssdeep":"384:H3dkiSUkd2to06UJ3rrRtCs0fvDZugTIPvTyEiug+1EuF3m2G:HtFSUk+607rziXwg675iujGuFhG","tlshash":"f192c0010551e3d452a72eee6b3b68c475282f24f1a3ef83d424cad23e1522ea6ddce5","first_seen":"2026-07-02T13:50:16.796877Z","last_seen":"2026-07-02T13:50:16.796877Z","times_seen":1,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":478,"dns":0,"connect":0,"send":0,"wait":387,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/13575.1781011881923.cda1d494.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.523Z","timestamp":1783000171523,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/13575.1781011881923.cda1d494.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:33 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-2f964\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000173=OxtiLSZypOd/3GpkdMh/Qlj7mb5uQpI+QPVV7J9PzMA8uZWhKnqgc7XKieUFl/zPGxZ/I8r59A54jtOqCQQLj0R67lm5E4v/ebaILwucuF/gykM2PWcBtSd8syW86mNexB+fUW/cNUUve94aIRMs8mwuw5spbkf4YYv1dDc+69iqnBZ17WtpsoSLm/w7vno+\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283619f23178a69c5f4\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":194916,"size_decoded":60169,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators","md5":"65e5fffbcacf52710ad963a4aeede3be","sha1":"f9c16a3c86649aeacf18e736faacff0cf78192e7","sha256":"36f42498ee253b0d1d5e7ec8bdf406f05c4c91e72f64169b1ff67435d2069099","sha512":"96e8263c115ca75ff63f6ce70ba8ad5af370662f86c2f95a8960a5aa5a30ce4134fa01d7fbd1694ce37f111b69e3e418f0542a7ab1bae4cec570c8c3d8d08986","ssdeep":"1536:917BBHFeKRKp+3ELSPtj6x2DgJoG7PIDmj9VA+s69JAFdE6WIzl+Ik1+eXMa7a4H:7jHoKRKphCnDgJoec+IDWIzls+7Xr0X7","tlshash":"23141a84764170b8c396a165322f601ae22f789650dd9c24f3789ba47f7470df26fabc","first_seen":"2026-06-12T19:29:57.266361Z","last_seen":"2026-07-02T13:50:16.799032Z","times_seen":156,"resource_available":true,"data":null}},"time_used":2168,"timings":{"blocked":1419,"dns":0,"connect":0,"send":0,"wait":483,"receive":266,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/css/60024.1781011881923.0ab0fca2.css","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.642Z","timestamp":1783000174642,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /css/60024.1781011881923.0ab0fca2.css HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-1439\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23179123cc94\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5177,"size_decoded":1961,"mime_type":"text/css","magic":"ASCII text, with very long lines (5177), with no line terminators","md5":"a0ef4268641ef0b005737ce8cc0c4b44","sha1":"9bb50b9000a419e7a701392b0d7d6c992cf585bb","sha256":"f64c7a7e6ecd620d1c7f8cc67e1eda83a0a115a8d86f3954efdaba3c09d62e66","sha512":"07605ebd7e16aef28f0ad5ed406f29ea9b77e8ba6b2079c810aacf8faf0b4a8d18d4f7775c62860cbf6d4379729a60076103a4daa833c860ddebeee3793ccbe2","ssdeep":"48:ZSPkOO2s2L5Pukasq+nArLkrL4QuQKhUjUkM5P6CdRDRWURcWaTHR/:iOvyP2r4rEDFP61LR/","tlshash":"d1b1412f01703349641bad6807dc67098325d8b399eb37da259d2a0dcbc3f861eb718b","first_seen":"2025-06-26T16:31:28.933081Z","last_seen":"2026-07-02T19:32:29.556565Z","times_seen":2765,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/kc523-1/sponsor/sponsor_nav_web_3.png?1781011825626","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.904Z","timestamp":1783000174904,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /kc523-1/sponsor/sponsor_nav_web_3.png?1781011825626 HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/1277a8683ce942bfb3b0dd13c68abb6a?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.709Z","timestamp":1783000176709,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/1277a8683ce942bfb3b0dd13c68abb6a?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 15109\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 67757\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"1277a8683ce942bfb3b0dd13c68abb6a\"; filename*=utf-8''1277a8683ce942bfb3b0dd13c68abb6a\r\nContent-Md5: TSM8l9AhFm8M0oySzn3z1g==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FsVuoqvhBepKI3FjWA_Q22rP9ltY\"\r\nLast-Modified: Sat, 27 Jun 2026 03:32:26 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: CuVlx7OOU\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: HCYAAACDzPeWP74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15109,"size_decoded":15865,"mime_type":"image/png","magic":"PNG image data, 250 x 167, 8-bit/color RGBA, non-interlaced","md5":"4d233c97d021166f0cd28c92ce7df3d6","sha1":"c56ea2abe105ea4a237163580fd0db6acff65b58","sha256":"aaa43a5a40ba18015a9b3847b83f115ef80a7a9a7a9165c2941fb3b7c96eabea","sha512":"b42c0067129af6ba33f591b8138a17161906d301037df0a931ad4861f0e496d3950a3d58ad9da7d3cad786bfda5725fbbb6a784c15352e06ea5312c0675b81b7","ssdeep":"384:suQSxaIcjgtblzBPepAemAcJHC0UlV8H8HAz:suQJNjslelmDlUlQz","tlshash":"c662d0818029747d19d4f6e5b2db21307e707e5acaa72da6e5f3e4243926e35f423170","first_seen":"2026-06-05T08:53:37.867445Z","last_seen":"2026-07-02T19:45:35.960849Z","times_seen":39,"resource_available":false,"data":null}},"time_used":982,"timings":{"blocked":-1,"dns":3,"connect":241,"send":0,"wait":481,"receive":0,"ssl":257},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/079d0702d8594ca28d3953cd34747907?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.788Z","timestamp":1783000176788,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/079d0702d8594ca28d3953cd34747907?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 3192\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 89361\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"079d0702d8594ca28d3953cd34747907\"; filename*=utf-8''079d0702d8594ca28d3953cd34747907\r\nContent-Md5: ocNHzmOvLicJMQbguvfQlg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FhZC4DSIRN_cPZ1fVhvZ6xGP5dz-\"\r\nLast-Modified: Tue, 19 May 2026 13:57:59 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: 8vlwIbIka\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: vbsAAAAtXEPxK74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3192,"size_decoded":3947,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"a1c347ce63af2e27093106e0baf7d096","sha1":"1642e0348844dfdc3d9d5f561bd9eb118fe5dcfe","sha256":"f694346b346970fb4394baad04d49384102ea8c03fa7ce91f79167d61d982748","sha512":"7ad56d0f7415c59f827ccb791041de29f4b58dd9d137556813321c0c5c6b9375a8e56d24a35cb87afdbdd7cc0c6c4f5bda0c956722271dd473e3c99430e60ff6","ssdeep":"","tlshash":"ea617d96ebda0ccdac797e0237f50eb175321e60cf3fd1a0320a487dc1641620599988","first_seen":"2026-06-18T04:01:23.105502Z","last_seen":"2026-07-02T13:50:16.801298Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1692,"timings":{"blocked":1446,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/935bc389abbb425da59b77dac9349611?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.815Z","timestamp":1783000176815,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/935bc389abbb425da59b77dac9349611?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/css/index-399e2569.1781011881923.a7b0b4f4.css","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.512Z","timestamp":1783000171512,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /css/index-399e2569.1781011881923.a7b0b4f4.css HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:32 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-faee\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000172=HjX/wKANgSgk7bf4ruTlq+LWjZ5tlyE8jm2EEJGuE4mheqVYNrZ//oApmuDjLa5keWF0IBTGmCbND7j+yf4a4ICt6FJFD26xI/UFMj6uUnqti0kaCFRix+Q3KWwNu23VovzGZBKgfgLL89YMXfilGqREPmpygQxY5P+q0KHtzcZEl6CjmvhH/Y6eByFT6wyv\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283619f231786e9c5f0\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64238,"size_decoded":34291,"mime_type":"text/css","magic":"ASCII text, with very long lines (64238), with no line terminators","md5":"1f30d2cd291b70a1848607e3460d9278","sha1":"e91e48518ec94fcaacf418789927f34d7527dc99","sha256":"8ce1851c7bd6e7db80ee5ee8da7a0c808f29756dda3c941bb3811dc3bd3e5afd","sha512":"3cf09b1afc740c4a219a45a233489d76587ec8bd80a57c52ab133f33fdffa8a3fe35a0a27e386270ebeaa9e86d156897e44733b8eb83ee6935fe67749c30cd0f","ssdeep":"768:E0ouVbMisnf7X8vtr9UL5srs7hAqpLe20TCKiNkZICSA2ohGyHukQ9aaV+TJtU+G:HoGws9isrQAqVe6KekWRlkQ9hf+Pe","tlshash":"c6538d3123e0286ee27b6b16ec51e659352b8602f127625af703362fc1d72f5c67b742","first_seen":"2026-03-20T12:57:26.768432Z","last_seen":"2026-07-02T13:50:16.802029Z","times_seen":709,"resource_available":false,"data":null}},"time_used":1442,"timings":{"blocked":-1,"dns":0,"connect":301,"send":0,"wait":564,"receive":267,"ssl":310},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/9a387db268c04062a790c42724d2e274?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.847Z","timestamp":1783000176847,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/9a387db268c04062a790c42724d2e274?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:39 GMT\r\nContent-Type: image/png\r\nContent-Length: 21265\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 74968\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"9a387db268c04062a790c42724d2e274\"; filename*=utf-8''9a387db268c04062a790c42724d2e274\r\nContent-Md5: 0tN344RS5yd/RF5V1033og==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fhlt1xEy9DU0hsSnr3yQrDLOp1Sb\"\r\nLast-Modified: Wed, 01 Jul 2026 03:01:56 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: rjftvGrEY\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: 66oAAAAFoHcIOb4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21265,"size_decoded":22021,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"d2d377e38452e7277f445e55d74df7a2","sha1":"196dd71132f4353486c4a7af7c90ac32cea7549b","sha256":"bffb20a6317952c36e854f104c61cd06bc4c07d37e9b7c28cda80ee75a266c87","sha512":"706812c8c5c8eb16c577294cf8718e156e8e2e3c779e71ebb94d3cc4fc1d8bb2d1912b98bd3f317016356355e99644d1933a09d3fb5786cb4ed042fd6f3133d8","ssdeep":"384:gW2fNCz60mw5d9AFiNWcdlGH2Z39JB5nETf4XgRueyIap/qOzVELIxq:gtfQz60t5d9PNd39Jrnuf4QLHaR9zVEl","tlshash":"92a2e1a5e2af37d4b9cc0266453da6e111b1e6040801adccab5795a120c4df89be2ffb","first_seen":"2026-03-15T23:18:54.948285Z","last_seen":"2026-07-02T13:50:16.802693Z","times_seen":32,"resource_available":false,"data":null}},"time_used":3139,"timings":{"blocked":2851,"dns":0,"connect":0,"send":0,"wait":272,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/fea260da674141bb9fe61fa418b2b580?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.861Z","timestamp":1783000176861,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/fea260da674141bb9fe61fa418b2b580?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 12576\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 49766\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"fea260da674141bb9fe61fa418b2b580\"; filename*=utf-8''fea260da674141bb9fe61fa418b2b580\r\nContent-Md5: 1tsC2rmxd3Ok+MEd690+bg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fi46jW_Pj2_qdOXUtEspn3acd6w3\"\r\nLast-Modified: Tue, 19 May 2026 13:57:50 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: 9EL6yXcUl\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: lrwAAADAQZv0T74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12576,"size_decoded":13332,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"d6db02dab9b17773a4f8c11debdd3e6e","sha1":"2e3a8d6fcf8f6fea74e5d4b44b299f769c77ac37","sha256":"f9ac4c05f4ccf832bccee88956f6efab6199e90ca2d844de3b6129137e1faa5f","sha512":"92a887f9685858c66921354aafcca19d0e1e19803fd2b600565f32a74b8b6d583b7b31a5fbef066811e35387a54f219a7cb48c4f21db845c8e168dd8b1b9380e","ssdeep":"384:2GmrPSXKvBnMnc6nIeoq4xMmedCCXT9JzMZrObHy:2GkBMc6IFxkdCCRRMp","tlshash":"9f42c0adb63874a67f41903e7b88811cecb9f4e155690dcff1a24ad73dd1db5420881e","first_seen":"2025-08-23T16:32:36.840957Z","last_seen":"2026-07-02T19:51:45.222711Z","times_seen":46,"resource_available":false,"data":null}},"time_used":3363,"timings":{"blocked":3076,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/51121e591b1d4b4ba17ec583c39feb8f?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.876Z","timestamp":1783000176876,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/51121e591b1d4b4ba17ec583c39feb8f?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 18727\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 15551\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"51121e591b1d4b4ba17ec583c39feb8f\"; filename*=utf-8''51121e591b1d4b4ba17ec583c39feb8f\r\nContent-Md5: ggp5J/zTvyaLb2ptLGmVEg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FrpjtXso4P5mWQX7MplWaihTbz6X\"\r\nLast-Modified: Tue, 19 May 2026 13:57:56 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: p3EAa0Sds\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: yp0AAABpmfUSb74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":18727,"size_decoded":19483,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"820a7927fcd3bf268b6f6a6d2c699512","sha1":"ba63b57b28e0fe665905fb3299566a28536f3e97","sha256":"e7ccf49eed7fb9ef9cbe49b26afdaf631fb12d7a933b89e5b27796fa12c69d17","sha512":"5b3ce5f3d5b32aa227e0ae1a130ddb14619628f13ae3acba861ab076f5deaf6c1bc745442ed78a437f5e063e408eecdf965312abb0d403f38e960c29b155e59a","ssdeep":"384:lJR92pHJ3z8RfayQQ9iVAq8vI2YP16s5in5nNwES7MN2Q7d94mj82sKhdgj:PWpwRfGQIVb8Qx35Ow/G2lmj82Hhdgj","tlshash":"cd82d059148251f8ea672159d368feb24ccb4794218a139a6a0180def3ff610a272b39","first_seen":"2025-04-01T11:41:17.946317Z","last_seen":"2026-07-02T19:51:45.136415Z","times_seen":24,"resource_available":false,"data":null}},"time_used":3671,"timings":{"blocked":3390,"dns":0,"connect":0,"send":0,"wait":269,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/5c9a14f2c44b4e4aa5223851ada2f6a4?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.897Z","timestamp":1783000176897,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/5c9a14f2c44b4e4aa5223851ada2f6a4?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:41 GMT\r\nContent-Type: image/png\r\nContent-Length: 123401\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 6571\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"5c9a14f2c44b4e4aa5223851ada2f6a4\"; filename*=utf-8''5c9a14f2c44b4e4aa5223851ada2f6a4\r\nContent-Md5: HZaME871loYK6auHVwb7AQ==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fu9Y4IcBF8n_E4Jy-tVWp8FKK8ic\"\r\nLast-Modified: Tue, 19 May 2026 13:58:01 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: NAeBBAj2V\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: pVoAAABEzhQ-d74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":123401,"size_decoded":124157,"mime_type":"image/png","magic":"PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced","md5":"1d968c13cef596860ae9ab875706fb01","sha1":"ef58e0870117c9ff138272fad556a7c14a2bc89c","sha256":"98b714e2a5fc09d8548132185393ed3bc46db872887e474ef984d50edf81b8aa","sha512":"8e5ffe03beb9b9ec9055fce8d77da3d1194637567b0b26e8ea7e1d0409b592c8f2897c63df61160c99370f836064716696a00d3d5cb8cd2322d678f9bbb1f76e","ssdeep":"3072:wHPdzNSbGatj3rrlrW4e65kQ3IGHS5mg/rqoId8+Wdx:wHPdL4DlVesIGHO0dix","tlshash":"52c31269cc82da4274b48a1389d8f36f48f86f16fe5b3be590d82f1e6152d843536cc6","first_seen":"2024-08-19T15:01:26.136076Z","last_seen":"2026-07-02T19:51:45.223367Z","times_seen":6,"resource_available":false,"data":null}},"time_used":4713,"timings":{"blocked":4201,"dns":0,"connect":0,"send":0,"wait":270,"receive":242,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/EGAME.d289cd48.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.957Z","timestamp":1783000176957,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/EGAME.d289cd48.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-e89a\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f23179fcecd08\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59546,"size_decoded":60284,"mime_type":"image/png","magic":"PNG image data, 582 x 307, 8-bit colormap, non-interlaced","md5":"eb8991eb9e0db175522c914343f0a10a","sha1":"ce2d41b154df64421d46bceaeb9878da455592dd","sha256":"b837b4e9fc693e5c65eb049c56547caefe1cf73ea31ae59f95ae46d052fd36b2","sha512":"7d2a886e3ac412f6ea1b1ba290064373e1d07a0751bdd7f546af3116ad057d1f17bbe4847179cdf87297a967c0290280ec0c51ab9bfdeb1da0b881e366eb19a8","ssdeep":"1536:hvA9R/SReJczzaRBd6s3DhCDnQcvyFVWGDnmhKYNa67:hIPVczevUIhCDnQc21C7Na67","tlshash":"dd430276882a8fcd499304944bf9afe164eaf19097b3cf91f24c5fe0423d184d881b6b","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T13:50:16.805438Z","times_seen":1675,"resource_available":false,"data":null}},"time_used":1942,"timings":{"blocked":1539,"dns":0,"connect":0,"send":0,"wait":321,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202502/_webp_size328x442_27f7b303-88a3-4b2c-aaf9-2bc0106b5d62.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.060Z","timestamp":1783000177060,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202502/_webp_size328x442_27f7b303-88a3-4b2c-aaf9-2bc0106b5d62.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 22168\r\nConnection: keep-alive\r\nEtag: \"04f8fffa2b2bc694cfc7174078dc54f1\"\r\nLast-Modified: Tue, 02 Dec 2025 14:17:04 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IJLaZgYQNb2uDTVn8Qlb097ou5MZtQcoSNPBGALGBjR9rDM95YRucVyhP9CtwJhTxPJ8Tfc1y3WyVmyMmq1zsnAWsS3YRlhFhoiFa2VjAX4PJL3crE6IwQ%2B23rqFmYWCd3NULeOsmyoyAObx6ZW3k6w%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d77f85685e0-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000180=/HKbVSD/7vRre6xAbJ/Z8ubw9TW1k6ODWXaxTL+J+WkSwcoNzoRwe6DSIb4eclOBywGI/tjcPogehrmEOo67xkbsDokiBoI2bOwHFRdZVp30oXkqS61CSJE40xu0XKdMeLCB2NbXxnp9SpTDW52q7OAsisMFf4omgDBMFUU6Zxii2+nY5c479iFlDvqAV4EH\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283619f2317a6d5c60a\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22168,"size_decoded":23313,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"04f8fffa2b2bc694cfc7174078dc54f1","sha1":"ebfaea4761ce72105a95c0241ca87bf998a81338","sha256":"9900ec116e5fa903d64f9cfc38a6855fbc19c42bbad46c2690e2a50920abf030","sha512":"599c14c0dd6eabf0aacdf250e366075584c9086dfe71ab9f4cab55301c2a16efecba29d8dd9b14be7472766ebe2618de9559ca7a20fe3550e9ae564fe12aed05","ssdeep":"384:+Jq0Vf96zLIvbNpNUU2tDeOouLf5GslLXGdB3Rk1SV14Hdyd/2U3lMezZD:+Jq9ENuyOp5G0WdlRkQB12k","tlshash":"d1a2d14f988244a9ddeca9d6e2cf7a5c44f39cc012bea4668eb455c8b04f5163ef1059","first_seen":"2026-04-24T23:10:16.784958Z","last_seen":"2026-07-02T13:50:16.806138Z","times_seen":424,"resource_available":false,"data":null}},"time_used":3550,"timings":{"blocked":3180,"dns":0,"connect":0,"send":0,"wait":365,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_1d28b817-0c00-4339-b666-213943a7b1d3.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.081Z","timestamp":1783000177081,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1298x1156_1d28b817-0c00-4339-b666-213943a7b1d3.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:41 GMT\r\nContent-Type: image/webp\r\nContent-Length: 91938\r\nConnection: keep-alive\r\nEtag: \"d4f654e067ee701e55c386cad6b53574\"\r\nLast-Modified: Wed, 10 Dec 2025 11:50:44 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B5Ghebf2pjUjpaCPhi6HQ%2BOQ2iSo6AvF42ggWdu%2BsAsxG0%2B6T0vDL8htESYFc6x0exq%2B%2BtGMxTrsu74P0Fx%2FzLQTay8G%2BfwMav765%2FSHrYaIHqSPo33nbtZ9%2FaOf7bHu%2F3IDIKdLvK7atjWUsw%2FpQiI%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d7bae87dd4e-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000181=eGH6nTlY7PZVQWH/VL0+MFCf/2GNtpPgiS6qRKxbTGMNmnC7AwCfL7k00AKVcehImAAwzPCvLsSo/uLtLuwvTQPthrtKzxpQU1edstunNlqcynPw2GJXIWNhIogAaF31BUObeFlr0QzRmiyqXj4oBd9fAXFvx5HfcebP7FUBxYyP71+x0CBGfYeWR8y8tgdh\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f2317a93dc776\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91938,"size_decoded":93105,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d4f654e067ee701e55c386cad6b53574","sha1":"a0f6315ed37b1a5d5da601adfbcb44cad2d9f5cb","sha256":"cd9f33e85a633a73214e9e94255ec27a3d272cadf2389345b6d240d4e36c53ab","sha512":"701a8be639fbb3dbc5670d9789cf01c3175d632a7902e3cfbb769e80fff9f420c10befecfa030adcced409dd26c2ae2afa1fcf617c7371bc6984b378685d184a","ssdeep":"1536:XsUxLKKnLpw8UtfepacmJUm70Cweits6VTpJz39R9s8dBmdEbi/pS4l8KjVIVAMo:PBLpw8UtfqyJUeueitTVbFs8dpbQSvK5","tlshash":"df930205f84d4f1dd86a31e6e142309c9472e0a83213cefb25b3f53997935d52ea6f48","first_seen":"2026-04-24T23:10:16.740253Z","last_seen":"2026-07-02T13:50:16.806839Z","times_seen":411,"resource_available":false,"data":null}},"time_used":4179,"timings":{"blocked":3795,"dns":0,"connect":0,"send":0,"wait":359,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/807642c0ecb6400aa6746245046351bd?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.768Z","timestamp":1783000176768,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/807642c0ecb6400aa6746245046351bd?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 12480\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 7288\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"807642c0ecb6400aa6746245046351bd\"; filename*=utf-8''807642c0ecb6400aa6746245046351bd\r\nContent-Md5: 2qKYn4ZKXQibXp+HVnw2tg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FoCi5JS4hG0UdRc3qeNH7EVwSjZu\"\r\nLast-Modified: Sun, 14 Jun 2026 20:28:08 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: yaZ5ny6l8\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: MQMAAABrWUiWdr4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12480,"size_decoded":13235,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"daa2989f864a5d089b5e9f87567c36b6","sha1":"80a2e494b8846d14751737a9e347ec45704a366e","sha256":"51919b5a270b6012893f6f5b3ef69d45e8cd61a1dd7ee08ba91dca6d0744d232","sha512":"81d073de33495cbd12fe8aa8af283b870b31c6daf8a6b85069ad5b6f25e939b6d7aff885c5554f00cdc985b530339b7d35262afa3ceb2b56c4f35d5bc52f5036","ssdeep":"192:8LbZPusXbjvaf6WOSUkAYRbQOftuGL54ZAm2UZH+697vOZ7agxCUBF+QoHGZSBbj:8L9GaJHMZftuM54Fh9mugnFIGZMK2","tlshash":"bd42c05c5afb5ea94cd85d42267d301a3e8e02890de820a46891f63185eb0ff1efbc45","first_seen":"2025-02-04T17:13:01.140931Z","last_seen":"2026-07-02T13:50:16.80753Z","times_seen":20,"resource_available":false,"data":null}},"time_used":1505,"timings":{"blocked":1212,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/0728de5e40374cad8292da16ae3fec1c?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.789Z","timestamp":1783000176789,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/0728de5e40374cad8292da16ae3fec1c?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 37865\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 91162\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"0728de5e40374cad8292da16ae3fec1c\"; filename*=utf-8''0728de5e40374cad8292da16ae3fec1c\r\nContent-Md5: quf6t44OXioadpPVfQNcWg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FpJKYOhSvilMACHJeHr9xW_tHJjj\"\r\nLast-Modified: Fri, 10 Apr 2026 19:33:08 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: JQEEKbjb8\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: ei4AAABHp9lNKr4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":37865,"size_decoded":38621,"mime_type":"image/png","magic":"PNG image data, 174 x 174, 8-bit/color RGBA, non-interlaced","md5":"aae7fab78e0e5e2a1a7693d57d035c5a","sha1":"924a60e852be294c0021c9787afdc56fed1c98e3","sha256":"85b71679c975f7c7815c64785771054074516d283606658d80b142632559b979","sha512":"2a0ce1369fc35838e9d74eec707f6023d1bbdac5c546b4d697ceba0567a9d0598408239e08ed1312803d8b72c6310fab4903caa65636853e718251d83c9b0b94","ssdeep":"768:qi6J6Tl0cX/8S7BoAvyhvW8OLFeVjFL5+unvgJGY25EjR:ZS6Tl1UUOAv2SB+95vyGY25El","tlshash":"940302a9d9275bfa25c772c4a2c3fb8dc3c39ad46d816312c257d1cf4a450a251cdb2e","first_seen":"2025-09-19T15:23:16.64252Z","last_seen":"2026-07-02T13:50:16.808204Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1884,"timings":{"blocked":1457,"dns":0,"connect":0,"send":0,"wait":307,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/559242b53a04410fbe0661fd39653e79?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.810Z","timestamp":1783000176810,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/fb/team/559242b53a04410fbe0661fd39653e79?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/8c9a74adf7684f1eb0281c283ec1982e?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.889Z","timestamp":1783000176889,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/8c9a74adf7684f1eb0281c283ec1982e?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:41 GMT\r\nContent-Type: image/png\r\nContent-Length: 17478\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 11977\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"8c9a74adf7684f1eb0281c283ec1982e\"; filename*=utf-8''8c9a74adf7684f1eb0281c283ec1982e\r\nContent-Md5: SX+QURx9jr2iTeL1aVy10w==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FtO_G3MPfZxV7596Z8_aOzgEgsx6\"\r\nLast-Modified: Fri, 13 Mar 2026 20:31:48 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: gMkdcz7HN\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: cWgAAADYKkZTcr4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17478,"size_decoded":18234,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"497f90511c7d8ebda24de2f5695cb5d3","sha1":"d3bf1b730f7d9c55ef9f7a67cfda3b380482cc7a","sha256":"0205f3deead2f935cbe972d55912712f6d1bfce09819d41935fdafc95e5aea86","sha512":"28ee363b4a7bf59e189ef18b871cd2a7d42111cf3db1574a4f1122cd54495565f9e872f7cd2058bf2bc72f7e68859e6b1da870e6db883668b7012f179f473cf1","ssdeep":"384:iTpDQQw5yPxgDa7Gr/AW4lLhGWAamX5vjJwyEGHueYbXPcR:ip7w58x4aLZRwjwy/Hu/bfm","tlshash":"e072c02f8da32629888ee3f81151d9ac34050531f907b0ba75f9987b3997d8c77a831b","first_seen":"2025-03-28T02:30:49.093253Z","last_seen":"2026-07-02T19:51:45.116927Z","times_seen":11,"resource_available":false,"data":null}},"time_used":4282,"timings":{"blocked":3990,"dns":0,"connect":0,"send":0,"wait":285,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/900c44c91cc74651a2fe53a907c39656?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.899Z","timestamp":1783000176899,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/900c44c91cc74651a2fe53a907c39656?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:41 GMT\r\nContent-Type: image/png\r\nContent-Length: 3771\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 6570\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"900c44c91cc74651a2fe53a907c39656\"; filename*=utf-8''900c44c91cc74651a2fe53a907c39656\r\nContent-Md5: aP/zzdSzeKpXa880EcYL7Q==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FhAse0V4cRtDNe1Y2Nk7Lvn51qFY\"\r\nLast-Modified: Tue, 19 May 2026 13:58:01 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: 45rnOf2sM\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: gjIAAAAT6kA-d74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3771,"size_decoded":4525,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"68fff3cdd4b378aa576bcf3411c60bed","sha1":"102c7b4578711b4335ed58d8d93b2ef9f9d6a158","sha256":"54f213cec0c2d400afa4b5550ffd6a70dda8bfaa78bf71e113be9b30689c562e","sha512":"86a6cc26287f50deaf044e3f7211ab5a5f5017b54c888b6534a47ac8410b88eea960c1e4532b80c07f282123b74413aac6042aa16653ee4f108160b828916524","ssdeep":"","tlshash":"b1717de50da9800dc981b2dc408cd13ce0721aa908d3c9e71cbede6454eca686e1cb1a","first_seen":"2026-04-30T10:48:57.574736Z","last_seen":"2026-07-02T19:51:45.224037Z","times_seen":8,"resource_available":false,"data":null}},"time_used":4547,"timings":{"blocked":4281,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_3340babe-d86d-4379-84e5-92efe2221568.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.995Z","timestamp":1783000176995,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_3340babe-d86d-4379-84e5-92efe2221568.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/webp\r\nContent-Length: 69604\r\nConnection: keep-alive\r\nEtag: \"bf4ab4dd29a7e850bb98cc23f8aa469b\"\r\nLast-Modified: Sat, 06 Dec 2025 06:31:49 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m6KMpj3Q0tozCRveiaSgL3eeYQrxoz5OuVNH6rZZRUOklGQWInI4SddpHIzHk55bMFZFZzP8aEU0QEz%2B1%2FwZxvihvUI22NwpW%2BdGOD59OB5MaeTsyo8pR7A5QUaNO8DuXbvPVhpnWnx6mrbIGUSC6Ws%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d634dea094e-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f231799f2cd04\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69604,"size_decoded":70753,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bf4ab4dd29a7e850bb98cc23f8aa469b","sha1":"bf8a5db8a24980c822ff470dfd5c400c3a7c9318","sha256":"2755467e92e31efad621b2e575f92ee22de6de608fa8f2fddb67db94b677b946","sha512":"21ee32c3081cdce13a032da5e97d59e0a8abd54778a0be5efadea03e95f5a9876414faeb43046ddeeeb580bc384b67ef786ac80243a9b7d10b4695ed25a5fb03","ssdeep":"1536:kzZ24Ia5yjsOfOLgsOtyLr/i7deYSzcwqzpf1btvhp61:kzZDIa5yjDMkyLr/z/cwqzpdxpp61","tlshash":"f76302aa4a11d1c8af767507133a99aa77ec93ea60d612f04077944f162bddba1f0c0f","first_seen":"2026-04-24T23:10:16.876074Z","last_seen":"2026-07-02T13:50:16.81024Z","times_seen":437,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":370,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_fc0e1468-bc71-4d42-9849-b6735b50978a.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.096Z","timestamp":1783000177096,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_fc0e1468-bc71-4d42-9849-b6735b50978a.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/webp\r\nContent-Length: 11120\r\nConnection: keep-alive\r\nEtag: \"c2103cd78445d5d98b8a8a38dee95854\"\r\nLast-Modified: Tue, 02 Dec 2025 14:12:18 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iON6zjoMVyJPpi6874oyEFMMNdQoC3TEzYyNCcql1D5wFO0PQ5TPY4LnfPC4SJks3HdC%2FNklY0JnV%2B2op5azuG%2Bq8kza0RHv%2FBfNrdTroAvd%2FNUW4TbuVetMI5KAGZm6nbD1pDIUGrHtoFGhaPqEUdw%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d640f2a9b7f-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000177=EqBF+Bh0dVrEWopR4QSbe3gLv530Txf9gxNuWcqAwwJyFQmzoSIFPuT6Qs0RexA5gv1Yl/y9jvDjY+CtiBAxSJv82bFPDJJgMPhlRJp2cKfy77f4EN8iv+KjcXxTN6eOFQTquVNLWTDDnl+3v+CPUuvJ9zVFdpEes6xII4+OwztLzfFpjUCaTlEamp1i27kN\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282d19f23179a59be9c\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11120,"size_decoded":12273,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c2103cd78445d5d98b8a8a38dee95854","sha1":"77e8b55343bf4092e6a298d564b828b7167d73a7","sha256":"23f7d437c49f455c0bbe3d040982bd6cf8d25411106c3eaa156cc3e4760c3c1b","sha512":"c1f7b1f8f0187dd22795297f21febc867932be6f47b9d033e4df6dbe5f456cf4f7b97d88fff1320945d581b13e4e23cd66330b4432f6f506e504b9dcc01776fa","ssdeep":"192:UFGWMz7rqmua13y84zY36YC0JwSCH2XOc1wK3/RZ/dHGKFdVr5suOWQgcSQBO4mZ:Qmus3ytKC236rKJr53IW4mZ","tlshash":"1f32afcec9dc3b159c35837d36252988ea4909130b3762d2752a64c646eee8a3196bb3","first_seen":"2026-04-24T23:10:16.81812Z","last_seen":"2026-07-02T19:51:45.175356Z","times_seen":413,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/bj1.17ef2db8.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.905Z","timestamp":1783000174905,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/bj1.17ef2db8.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/home.1781011881923.38488e2a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:35 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-e5eb\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000175=ou+1S2ys1bA+xDtGhRhEUsQUTlT6EfDUgxJlzi8nHWtVGx673ZMWeXxY+kUixE3mpGtiyAwglSJwaVzfevidH/0RRvYZj9t/HShIGZs1YJLGAfjXokQt4XscbFj/gGjtz1M9z68Ad+uekUFXcT8ChCxW2B8SbrGDBiFEOHfN/3V1oEWZi9/dc5qNyNbdYO4f\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283619f231793c2c601\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58859,"size_decoded":59597,"mime_type":"image/png","magic":"PNG image data, 1920 x 1299, 1-bit colormap, non-interlaced","md5":"59f1176bd542d042d8ddecbe4ab2cbdf","sha1":"7251e6f8bc0bf8bf3e62e892b34540f8259dcf9d","sha256":"b3bc2f14721d5f84900af66179eb6ad69a9c8d5a89eae36f877cf09fc9872603","sha512":"c4e7f1491686b72482ba26e34fd94496fc71bec2a35ba1d7cf67391e1f47f859465ad9f0c7d286bd35f9a26132fd80012a2cd2f8133cf1c6013db4f4d27a85d7","ssdeep":"1536:jlJ0Z4kwI3cG0YXIPf/OWcFOtk2bnIlfyMcw68vTbD8:gxbsGvYXd8OtTbIsgTbD8","tlshash":"004302d3b5e9f610dd38c157a3d1c9da504483be3e938d0bebbe402629fd56840a6f16","first_seen":"2023-08-17T12:39:32Z","last_seen":"2026-07-02T13:50:16.811647Z","times_seen":1790,"resource_available":false,"data":null}},"time_used":996,"timings":{"blocked":487,"dns":0,"connect":0,"send":0,"wait":429,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1884x434_f0f83841-a720-4f18-8acd-c726f4c1e685.jpg","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.496Z","timestamp":1783000176496,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202508/_webp_size1884x434_f0f83841-a720-4f18-8acd-c726f4c1e685.jpg HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: image/webp\r\nContent-Length: 36728\r\nConnection: keep-alive\r\nEtag: \"52398a59ef91dae075d096fc4ff3afd5\"\r\nLast-Modified: Wed, 10 Dec 2025 10:48:28 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 10235\r\nCf-Cache-Status: HIT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wEEBXQ14VP8D9fdKNale0SXOIjEXSMzPAG3E%2F05sJgy5QDz5mTjND1t5%2Fv2Lpon5szhXCI%2F%2BDx3gBNpN8h2hiyp%2BGTdgrQif4sV%2BTfeuvYJmXo%2BVRMQ02d3s46ZZKN8v4nNxGTO5BUKklb%2FXM3qP2Wg%3D\"}]}\r\nCF-RAY: a14e1d61aad20703-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283919f231797fecb17\r\nX-Cache-Status: BYPASS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36728,"size_decoded":37893,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1884x434, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"52398a59ef91dae075d096fc4ff3afd5","sha1":"715ca96c95f7b75bd6343de6602afcc7e7ccf18f","sha256":"2e8e6e9cbe50fbf5f51840e5623faf0f36db820671ff2be4b6b081cb1291e12e","sha512":"c07a7de6ef0d1d3354bcadee066770459b970a5055407f504cfdabf079769658313aa63c703e8368197fd058aa17ef6dcb3370f91b189afa43ca1d9fdb4d348e","ssdeep":"768:sBvs73CSqIdqVjockR0g1C89hQMFd0gAgojNSB5uZE259v14vG:sBvs7vDacRR0g1C89hV0gA9SBgn59NSG","tlshash":"7cf2f173d312052e65293ba2aa1c6b7b2cff7e34c77d82d150a278570d01adb07ac764","first_seen":"2026-04-24T23:10:16.817294Z","last_seen":"2026-07-02T13:50:16.812302Z","times_seen":435,"resource_available":false,"data":null}},"time_used":970,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":709,"receive":261,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/3045f915f22b45c4a39849bb5f3fcc8e?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.741Z","timestamp":1783000176741,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/3045f915f22b45c4a39849bb5f3fcc8e?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 4897\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 38947\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"3045f915f22b45c4a39849bb5f3fcc8e\"; filename*=utf-8''3045f915f22b45c4a39849bb5f3fcc8e\r\nContent-Md5: pf2ah8LYwc2VM3WNarzLoA==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FvyqCaSUfAsyA3rOhnqZBtkQvIGW\"\r\nLast-Modified: Fri, 26 Jun 2026 21:22:22 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: D8wnHhXVt\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: Vy8AAACpRt3KWb4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4897,"size_decoded":5652,"mime_type":"image/png","magic":"PNG image data, 250 x 167, 8-bit/color RGBA, non-interlaced","md5":"a5fd9a87c2d8c1cd9533758d6abccba0","sha1":"fcaa09a4947c0b32037ace867a9906d910bc8196","sha256":"d4a5f911e9f6a77f58aa87349787ad2101516898fc33d5718c639547e5f3b14a","sha512":"96b924b839d9ea1e690c2340bbc55b59f84fb28abbc45fb41f124f329867c48e6016116ce4f04f619bc9f9921ab3c015689a2f13e29c67ca944ef7dc231de14c","ssdeep":"96:2Wr0NAvBN01/0gpi+0W61ewDi4FREcIrZr/CJJP:2WgMBNKsgpv0l1e/IREtZ/CJJP","tlshash":"caa11c7ba9b9b46f9f7a0b2407de2705d835d66e0793842e0129901f4173d2276be7c2","first_seen":"2026-06-06T20:30:41.796313Z","last_seen":"2026-07-02T19:51:45.205979Z","times_seen":17,"resource_available":false,"data":null}},"time_used":779,"timings":{"blocked":-1,"dns":0,"connect":254,"send":0,"wait":262,"receive":0,"ssl":263},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/62208bc88b1f4c48bd84155dfdb0cae4?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.746Z","timestamp":1783000176746,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/62208bc88b1f4c48bd84155dfdb0cae4?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 9740\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 6716\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"62208bc88b1f4c48bd84155dfdb0cae4\"; filename*=utf-8''62208bc88b1f4c48bd84155dfdb0cae4\r\nContent-Md5: WuqMj6Fc7OL9tN5PHBb3oA==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FixOz0qBoiWg71MGCXg3NVP9Yxkk\"\r\nLast-Modified: Thu, 25 Jun 2026 21:21:37 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: 2VCJGXzUj\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: zs8AAACkGUwbd74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9740,"size_decoded":10494,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"5aea8c8fa15cece2fdb4de4f1c16f7a0","sha1":"2c4ecf4a81a225a0ef53060978373553fd631924","sha256":"8a6c78c6ebf34c56d3171dc65a65c807323bb28d250ad41073dee383ba0ec4f9","sha512":"3a0421b6ae10235d5ae06225d4c91384ea821800e59efe251443a8fe337611d23012ccb762540b0cd953770e1b5759b485a5720366f0e71d8287bd38c6066e95","ssdeep":"192:nRAsKl4MYzfIbnGmkx2cB4qXrnvZwnJbmkEk/ydSWIdm4GIkKgGF2BN:nRATiMYbIbnPkx2WRrnv2J5/yd+dm4f+","tlshash":"5912ae4d21cae42fef4446c55a3a00233dbf53da3109e93ce0562fb1325edb9c5a806c","first_seen":"2025-03-18T20:23:42.31275Z","last_seen":"2026-07-02T13:50:16.813698Z","times_seen":43,"resource_available":false,"data":null}},"time_used":982,"timings":{"blocked":702,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/2a882bed35bf4957b4d356879916fed1?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.895Z","timestamp":1783000176895,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/2a882bed35bf4957b4d356879916fed1?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:41 GMT\r\nContent-Type: image/png\r\nContent-Length: 99369\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 6571\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"2a882bed35bf4957b4d356879916fed1\"; filename*=utf-8''2a882bed35bf4957b4d356879916fed1\r\nContent-Md5: iS23IRQtBD8eRf5nex2sCw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FtMd_GjcfNhDGgxWbJvjISdSpH0A\"\r\nLast-Modified: Tue, 19 May 2026 13:58:11 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: FfwN8V3TD\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: kewAAAAumRM-d74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":99369,"size_decoded":100124,"mime_type":"image/png","magic":"PNG image data, 300 x 390, 8-bit/color RGBA, non-interlaced","md5":"892db721142d043f1e45fe677b1dac0b","sha1":"d31dfc68dc7cd8431a0c566c9be3212752a47d00","sha256":"4f4a751d49d688c15687dfe96fa593ed66371e4e587f5f7eeae44fd00fba7486","sha512":"0d7a2446322414a31f7da70644adccb8e4e1e5d01d98333d4ed027d0b08ca5d91c89d3f5f008a45de1fd6c955aae638c39eb7e0ce79a09491bdca54df14c9b96","ssdeep":"3072:MIlIsPv4e3xREI00iwX1Ctf5mI+Ayn7ORS6/:MJkRE0iaL+Z","tlshash":"0ca312c7021dc4c0e3dc5e327384f729ea6b66d994c1a7c53cbe14fb61e7899132258a","first_seen":"2025-03-31T13:06:08.244232Z","last_seen":"2026-07-02T19:51:45.182317Z","times_seen":71,"resource_available":false,"data":null}},"time_used":4619,"timings":{"blocked":4191,"dns":0,"connect":0,"send":0,"wait":271,"receive":157,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/LOTTERY.4e81790a.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.955Z","timestamp":1783000176955,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/LOTTERY.4e81790a.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-e929\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283019f23179f75c76a\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59689,"size_decoded":60427,"mime_type":"image/png","magic":"PNG image data, 582 x 307, 8-bit colormap, non-interlaced","md5":"f86c9671c7aed55212fe0eb5219a664d","sha1":"6e765dfb0ce3c646d8c808940071554e78e7d409","sha256":"4ba3fff550a17eff9585d6acbc4a96bd515149510f6a8bb7638985fb4b41a181","sha512":"706aa66f138a3459eaf34f5b7a8ffed3dfacecec6adf14a2e83f1149143cfbb059f97aaaac2032587a80c0e30c62e5b46b07b4dc6f3cf5925e6e1db2a8ed45d6","ssdeep":"1536:Cyp1EBaRnsFt9ZXZj0wEYsRvqm1waPbZsY:CLB+sFtzXN0w2ym1fFsY","tlshash":"914302f36beb0bc5b07adbcf4ed354f0067a71496b42dcd44f4120e61ea6199bac420a","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T13:50:16.815173Z","times_seen":1674,"resource_available":false,"data":null}},"time_used":1809,"timings":{"blocked":1450,"dns":0,"connect":0,"send":0,"wait":336,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_d991353f-39ff-4552-be18-848fc3fabfb2.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.037Z","timestamp":1783000177037,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_d991353f-39ff-4552-be18-848fc3fabfb2.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:39 GMT\r\nContent-Type: image/webp\r\nContent-Length: 47886\r\nConnection: keep-alive\r\nEtag: \"ba0be3142a5adac8fdffb8c21b319dbb\"\r\nLast-Modified: Sat, 06 Dec 2025 06:30:09 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VgXXIoby4hyDP9%2BCs5QMkx1yUooGGf9nEdHTOkumAngVa%2Baho%2BHIalB1f%2Fxwv%2FDF5k9De%2Fua9NjrnhCMKh7eodBfsNJMOtSHlgnRtUJ21G%2FcqYdJ8jNecHQnv5hJCOuy81xitMKMPcjuxL6iWz%2BCyOY%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d740e0a6682-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000179=3wO66BVSV5R6/mgkpnnrprcbt1xV9ECfXJZrLFZ7c74ted537YpWSkHEyyYMH6WWkFPX7l3e0fZBtJhYxt4jkZpIedH78HDhXuz36KSqnISOfnjBuvLGf4G64mQwIQUkqyHtP+htEtyFDSzt9wHsPubKoADySk/KIXwi+qaU0LLlw5aS+J0d3MDZBzmFtg4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f2317a47ad007\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47886,"size_decoded":49045,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ba0be3142a5adac8fdffb8c21b319dbb","sha1":"86a3734ad3716c5ecf67412f804a881fc9eaf4ca","sha256":"c3d9e9184bc542699b269037e068dd63803352fc1feaf06695ec888185f77bd0","sha512":"da43e90eef8c8f0aa5daf006910fe64bb579b9a0083df3c06b0f21c8f175d5dacc0b31009365ec391f0482e62f0b8449b98407b5a2423c20fc021aeead097296","ssdeep":"768:zpFTQF6ySs7gk0G8b/lE4qxGPlMt63JKVB/JmKjmz+0N2pqQg6yQV:fpyt7y/y4qoet63UbJRa+Fqwy4","tlshash":"ec2301147718d91012a1a6dbebcc1b6d6cae4947a4457a338d8770ccc7bdc9ee53ce82","first_seen":"2026-04-24T23:10:16.87696Z","last_seen":"2026-07-02T13:50:16.815897Z","times_seen":434,"resource_available":false,"data":null}},"time_used":2952,"timings":{"blocked":2599,"dns":0,"connect":0,"send":0,"wait":341,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202606/_webp_size1298x1156_317f68a9-d367-4c78-837b-bba9a02cccbd.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.040Z","timestamp":1783000177040,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202606/_webp_size1298x1156_317f68a9-d367-4c78-837b-bba9a02cccbd.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:39 GMT\r\nContent-Type: image/webp\r\nContent-Length: 104872\r\nConnection: keep-alive\r\nEtag: \"7225fe319e0063733dc28dc3cc064ba5\"\r\nLast-Modified: Tue, 09 Jun 2026 11:46:19 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bf3t%2Bsbof2%2FLn%2Fz9fxF%2BgmJUwNMEdVxRxaf9sfutZUWL4KxuD7Sa6fH6CDCtkH6atROremMeoFNt07V7YYUzMcp3nKQwOAVdvu9U2s0f7YPIfOgyf2i7Zyc7e8k%2BDzCbyb9kBmdKZffDC4jsvtkK7Tg%3D\"}]}\r\nCF-RAY: a14e1d7468b3bcca-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000179=3wO66BVSV5R6/mgkpnnrprcbt1xV9ECfXJZrLFZ7c74ted537YpWSkHEyyYMH6WWkFPX7l3e0fZBtJhYxt4jkZpIedH78HDhXuz36KSqnISOfnjBuvLGf4G64mQwIQUkqyHtP+htEtyFDSzt9wHsPubKoADySk/KIXwi+qaU0LLlw5aS+J0d3MDZBzmFtg4f\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f2317a4a0ccb8\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104872,"size_decoded":106028,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7225fe319e0063733dc28dc3cc064ba5","sha1":"3ace9d566c5ba5d7547e966b52a7718aba214871","sha256":"8512dfacfdccfbee2dcd4b545bfcf151229cf83d6f5ea6d4762d9fa1dbb52724","sha512":"6fc35795ed02e0af6d9e8593948460d2d159871ef64d68fcdb6c3849e1d04e095df2f083e371ad185dec337852c56fe8772e51ba5c23127db88ca78d2b887c20","ssdeep":"1536:Lbtnypjj4aiFU6CcwUrT7oxzAjzIVbxV6FscOAlMIUZdH6/8JEfuI1Q/QY:J8jpAU6iUn7oxzAjzIVbOVlhUZdH2T1","tlshash":"47a312041207b12ef9eecc769e4f92c16d190c357cde1a676abb74c8e206e174d4e8ac","first_seen":"2026-06-12T19:29:57.257753Z","last_seen":"2026-07-02T13:50:16.81658Z","times_seen":93,"resource_available":false,"data":null}},"time_used":3023,"timings":{"blocked":2637,"dns":0,"connect":0,"send":0,"wait":350,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/css/home.1781011881923.38488e2a.css","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:34.168Z","timestamp":1783000174168,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /css/home.1781011881923.38488e2a.css HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:34 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-163b3\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000174=wWdLAvL7giG3ugqAOzp8kD+MaGSfg3qXUEZVe6MYGcqorkzZ3o9ReiRy6Cb1aZuYSDRP2kPvmsecI7BI38u3mC0q811EYMXtu2qoUkxaoIUn84jsxRwtAF9sNX/UFg9xm/UZO5wqqXb10AsOnTF+oOlEgTc8qRgKJOKkqHymC+fWJj+cqNyXb80wn4A1mksQ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f23178ee5ccff\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91059,"size_decoded":33286,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65528), with no line terminators","md5":"e74f15d7fec8fd844f3f07595fad8d36","sha1":"6b072e1cd8db98eabc09e33e5aaecec0fa1f385a","sha256":"e0a518c123b57bf6db4c12b779cb9414056760733b9d1d59ccd160d4ce0f08d2","sha512":"74d96ef5f45097c02d494946f446bb8a1d5fb7b89389543f9c278b5b93678e4b50e75ae534fa8ded5c2b377381acd47403d8baadcf01676bed44d997eae44d1b","ssdeep":"1536:fwRzO3RM7jufawS2d3a8WiLKbzGhbG9jpXdNdp9khN+sJ/:fBiuSJwLUK09j7p9khN+C/","tlshash":"20933b76a610253db427ca72baf05bd8b524c846d7634a3df2537e25cbc72f21236394","first_seen":"2026-06-12T19:29:57.241174Z","last_seen":"2026-07-02T13:50:16.817236Z","times_seen":137,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":326,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/71a7e153592a4b769eb2a97c5407e70b?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.865Z","timestamp":1783000176865,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/71a7e153592a4b769eb2a97c5407e70b?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 187474\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 49765\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"71a7e153592a4b769eb2a97c5407e70b\"; filename*=utf-8''71a7e153592a4b769eb2a97c5407e70b\r\nContent-Md5: cx4vHEJNcpDw+hUiZgLYlw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FrPe8b0DYXjFpPHJvFrcecJR61Bf\"\r\nLast-Modified: Tue, 19 May 2026 13:58:01 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: 1Gv9EvUq6\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: 7ukAAAAXPcr0T74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":187474,"size_decoded":188231,"mime_type":"image/png","magic":"PNG image data, 1600 x 1836, 8-bit/color RGBA, non-interlaced","md5":"731e2f1c424d7290f0fa15226602d897","sha1":"b3def1bd036178c5a4f1c9bc5adc79c251eb505f","sha256":"05107a429a5659a40797760839004adc6dafe7e352359d148e3155fba0674614","sha512":"7cc3b955c034b6dbfcd3d5968103e1948fee56ee520313a8dfca4e35e0a9d74d48533fe49a9d8cee13f2b6a107f6a3f70e71388b1e82bc815c272f0352be1ef0","ssdeep":"3072:Y82Dj5Q0cDI/Lpf9q3/+otdlUewSmmH/J+ROt8/n2k6ze2P:r2DF6U595otO4JftE2HbP","tlshash":"cb04e1a6f2b68fa3d437a03915512326e80e418cd05ece795fbe23605f4a38677b8d45","first_seen":"2025-01-20T00:48:57.824574Z","last_seen":"2026-07-02T19:51:45.21666Z","times_seen":23,"resource_available":false,"data":null}},"time_used":3818,"timings":{"blocked":3205,"dns":0,"connect":0,"send":0,"wait":285,"receive":328,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/080d69e108d6494a8a6a0e5979a3d9ee?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.883Z","timestamp":1783000176883,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/080d69e108d6494a8a6a0e5979a3d9ee?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 18625\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 13778\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"080d69e108d6494a8a6a0e5979a3d9ee\"; filename*=utf-8''080d69e108d6494a8a6a0e5979a3d9ee\r\nContent-Md5: RseaIbU+Roni9murH7jZRw==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FuFJQoBS9W1mY1A2qujUELEinPvU\"\r\nLast-Modified: Sat, 23 May 2026 16:13:46 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: DZkKWpkBg\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: XgkAAADkq6CvcL4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":18625,"size_decoded":19381,"mime_type":"image/png","magic":"PNG image data, 99 x 99, 8-bit/color RGBA, non-interlaced","md5":"46c79a21b53e4689e2f66bab1fb8d947","sha1":"e149428052f56d66635036aae8d410b1229cfbd4","sha256":"68b6793fa3c3a1aa164e94bf58613797a812e8fdf056d1cdf61089b0aaf134f6","sha512":"af4d27a530e1722d94b94f480c4751ce7e4c8d82162b6acf70bd8fbc8711fb7d480bb03e8fa10322130ec20f2c34eb5a14aa2d17b4c6095d053899941f36f645","ssdeep":"384:UMKbXAWTKJShYZCjMZosWc9DTWF7bfuFOv0TOWTHcFe4uyouRq//o8As:nAwWTKckyMZRSFHBjJwVQVs","tlshash":"f882e1a92f3187fc3d281e4f176937a16ffa78ff1a28084d85466204fd884dbca09964","first_seen":"2026-03-28T09:09:21.036889Z","last_seen":"2026-07-02T19:51:45.163864Z","times_seen":9,"resource_available":false,"data":null}},"time_used":4019,"timings":{"blocked":3742,"dns":0,"connect":0,"send":0,"wait":265,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_9986c108-3fd7-4f35-9443-f78ce32e1660.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.104Z","timestamp":1783000177104,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_9986c108-3fd7-4f35-9443-f78ce32e1660.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/js/index-399e2569.1781011881923.9d909473.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.528Z","timestamp":1783000171528,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /js/index-399e2569.1781011881923.9d909473.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:33 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-5cdf\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000173=OxtiLSZypOd/3GpkdMh/Qlj7mb5uQpI+QPVV7J9PzMA8uZWhKnqgc7XKieUFl/zPGxZ/I8r59A54jtOqCQQLj0R67lm5E4v/ebaILwucuF/gykM2PWcBtSd8syW86mNexB+fUW/cNUUve94aIRMs8mwuw5spbkf4YYv1dDc+69iqnBZ17WtpsoSLm/w7vno+\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23178b8ccc91\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23775,"size_decoded":11338,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (23775), with no line terminators","md5":"a89a32dae8cc80557b581a69e02f0d02","sha1":"00f9cfeca127af0a139c0670ed8d2e2e7ccf673b","sha256":"6f97c8ce9605a8e9e80a699696c70ec26a4b9bce20badaa6947bf4e5ac52e9d2","sha512":"2ca5bc054575932085e6cd6529613a94f145aa9a3b7731fb85b97b27286a882043110ab45b7eb4673228185ce1560b47968d3aa7b77492f17abf82e778076a9b","ssdeep":"384:pZTANHmDGIaVPkrTBTcK8K+Ehn6A3zgJ9Ks/fT5qZsxbt85F3oWf0Af/nwtU8Zci:znDGIYPkPVf8K5hn33UnKofy5FYxAfPY","tlshash":"e2b2b6e63392bdb8c24f9676f23a58ecc43f9141c30fc4f8d265bd947d98644aa92784","first_seen":"2026-06-12T19:29:57.227313Z","last_seen":"2026-07-02T13:50:16.819311Z","times_seen":153,"resource_available":true,"data":null}},"time_used":2105,"timings":{"blocked":1774,"dns":0,"connect":0,"send":0,"wait":331,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/ecb/8f83064248a6651521ab9b26970d60fa83f0bf5f79fe68600101b67707c272184849423924c3e9832923a30acedcbfec8ac50fef89fb","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:35.939Z","timestamp":1783000175939,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /ecb/8f83064248a6651521ab9b26970d60fa83f0bf5f79fe68600101b67707c272184849423924c3e9832923a30acedcbfec8ac50fef89fb HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nContent-Type: application/x-www-form-urlencoded\r\nx-request-source: https://j106y.vip\r\nXign: RsvD49CZg2VIDYUMpHIuORNqrcVXUwMEHM9xkdABBLt7TL0B9KbLs4C191fM31TJApqZJBIG/X9CU/84LrQRa2gneQducN5FrSM9KE/v7wltNWPoRZGsND5XxKmQ/2TS8yMmxGxeuQv4Pry6F1gPkShM6A1P/y//+i6bZRN4YAM=\r\ntimestamp: 1783000175931\r\nsign: d3m1g60e7o4k2n7h\r\nversion: 5.6.12.0\r\nclient-type: web\r\ndevice-id: wtZjiNmmYm4mYBwpzNKrht4ssYykCjyC\r\nlang: zh-CN\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nExpires: Thu, 02 Jul 2026 13:59:36 GMT\r\nCache-Control: public, max-age=600, s-maxage=600, must-revalidate, stale-while-revalidate=30\r\nX-XSS-Protection: 1; mode=block\r\nX-Request-ID: 723ff78e5f0746beb5f143f780400bbf\r\nPragma: public\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=63072000; includeSubdomains; preload\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true, true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f231795fecc9c\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6698,"size_decoded":7731,"mime_type":"application/json","magic":"data","md5":"9b12746c2b5339c383b2a86475c1399e","sha1":"5ddaedde38e6e169a61911b974d827e8c4398a26","sha256":"6f78b32e362421e259a83fbeb9af7421170514195f5f0e3771bf2775e08182a2","sha512":"88ad1f89b1de600581219f3cf0960fe554643aaa558aca751b0ff05d13bedce4535f02bc05b1d4caf9c9cd15113cedd0e379d3ffa2a6e60ea5c7ac8e71d6bab6","ssdeep":"192:VYj3/Gi/7YtYtezNE53FwineFcGcId4AaWFV86qTLkZLL/ql6zs2cB+XcBJu0uwu:i/dn8zcFLlyaWFV8LTLk1Dv42cB+XcrC","tlshash":"dc22af080615e3c0dad98cf6745f2df06f1463a085b47efceb58d67b1a8831c229e95a","first_seen":"2026-07-02T13:50:16.63338Z","last_seen":"2026-07-02T13:50:16.63338Z","times_seen":1,"resource_available":false,"data":null}},"time_used":493,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":493,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/d4daa73bc147408eb2a3ec7fe5129f0e?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.807Z","timestamp":1783000176807,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/d4daa73bc147408eb2a3ec7fe5129f0e?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 39147\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 89361\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"d4daa73bc147408eb2a3ec7fe5129f0e\"; filename*=utf-8''d4daa73bc147408eb2a3ec7fe5129f0e\r\nContent-Md5: 6yFHYXFwVyzch1Re+ZrcUg==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FnoIwEf22viJ0YmYrOS8OvhkZn6Z\"\r\nLast-Modified: Tue, 19 May 2026 13:58:01 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: jOVZPkzWO\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: AX0AAACUQ0PxK74Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/1b24deca8d664b29a5262fdb444193e8?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.854Z","timestamp":1783000176854,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/1b24deca8d664b29a5262fdb444193e8?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:39 GMT\r\nContent-Type: image/png\r\nContent-Length: 51107\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 53370\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"1b24deca8d664b29a5262fdb444193e8\"; filename*=utf-8''1b24deca8d664b29a5262fdb444193e8\r\nContent-Md5: dD6MKELvcSj4XPuJKdTWuA==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"FsatTEUlq6AQdU-9V5XyMju6vi2Z\"\r\nLast-Modified: Tue, 19 May 2026 13:58:00 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg121;QNM3\r\nX-M-Reqid: VqxTw5blR\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: -rIAAACcm06tTL4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":51107,"size_decoded":51863,"mime_type":"image/png","magic":"PNG image data, 286 x 286, 8-bit/color RGBA, non-interlaced","md5":"743e8c2842ef7128f85cfb8929d4d6b8","sha1":"c6ad4c4525aba010754fbd5795f2323bbabe2d99","sha256":"d92d32d74d6e2397eb060ea4d150cd48fedad2e3983834682b3b13120d0fee96","sha512":"22f064bc6e86701a3fb42e7bc8ce413e9062610a029916623c701b5d3cf100e7edfbec7be81bffa4d561aea9865e6f8c0959699d7ca9a2a8efc3a653bf1fd4fa","ssdeep":"1536:R9Fy/lJWPCgLvSxBwtWPb93Pv9f0IANZnBeL:RC+PCgDEG0fcTNjeL","tlshash":"1533023cfad8448c96186157b0d45e6d5e1ba49cf05a5780b313cfaebfbadc4136c062","first_seen":"2025-01-29T13:39:14.63162Z","last_seen":"2026-07-02T19:51:45.213616Z","times_seen":24,"resource_available":false,"data":null}},"time_used":3301,"timings":{"blocked":2871,"dns":0,"connect":0,"send":0,"wait":288,"receive":142,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"photo.365live88.com/img/fb/team/cb474629448046a6b508dc85f154d204?win007=sell","fqdn":"photo.365live88.com","domain":"365live88.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.884Z","timestamp":1783000176884,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"photo.365live88.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Sat, 01 Nov 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"45:76:43:9C:31:C5:89:A6:99:FD:9B:D8:6C:A9:3A:E6:2F:D6:E9:80","sha256":"73:27:CF:D8:8D:AC:95:46:00:5D:67:05:1E:70:22:3E:17:F0:94:78:CD:6F:A6:9C:C8:5F:B5:3B:75:60:3D:C8"}}},"request":{"raw":"GET /img/fb/team/cb474629448046a6b508dc85f154d204?win007=sell HTTP/1.1\r\nHost: photo.365live88.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 02 Jul 2026 13:49:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 17954\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-Log, X-Reqid\r\nAccess-Control-Max-Age: 2592000\r\nAge: 13778\r\nCache-Control: public, max-age=31536000\r\nContent-Disposition: inline; filename=\"cb474629448046a6b508dc85f154d204\"; filename*=utf-8''cb474629448046a6b508dc85f154d204\r\nContent-Md5: 1P1ep6JWaeDXxV49d2QY1A==\r\nContent-Transfer-Encoding: binary\r\nEtag: \"Fl7qnLtnaHjmCIcAdYkz_UiZRkNW\"\r\nLast-Modified: Sat, 23 May 2026 16:13:45 GMT\r\nX-Log: X-Log\r\nX-M-Log: QNM:wldsg119;QNM3\r\nX-M-Reqid: xYXs7Pf7x\r\nX-Qiniu-Zone: as0\r\nX-Qnm-Cache: Hit\r\nX-Reqid: _9oAAABwf6uvcL4Y\r\nX-Svr: IO\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17954,"size_decoded":18710,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"d4fd5ea7a25669e0d7c55e3d776418d4","sha1":"5eea9cbb676878e6088700758933fd4899464356","sha256":"7b83747a531b8c85dfddd756d11dfa11259e7857f411b9acb115f8d199c23f24","sha512":"926e5b144e71e2b49a6a1671a3677c179ea99b848f66537c450a3a8d31248ea2c910c44300bbbafea06e127c1621a94bdaebbe1f904e1661095bdf8e03b16c71","ssdeep":"384:uBmMJKObzPuNF00rIaEQ/Gf5CgGO8y9CRwpNMmgA8hLXH:uBmMYObzOOOp/GhCgGO8y9SwYm7Y3","tlshash":"0a82d140a5fe60fe4fd3647881a6d4961339b9ecd213b45b342bba4013f752271b1bb5","first_seen":"2025-03-28T02:30:49.065493Z","last_seen":"2026-07-02T19:51:45.178391Z","times_seen":11,"resource_available":false,"data":null}},"time_used":4084,"timings":{"blocked":3814,"dns":0,"connect":0,"send":0,"wait":268,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_b1b5acd8-3851-4b06-8e10-d549f7f09d1b.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.106Z","timestamp":1783000177106,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_b1b5acd8-3851-4b06-8e10-d549f7f09d1b.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size750x590_1103f977-5f3c-414d-8305-ab6884e8769c.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.113Z","timestamp":1783000177113,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size750x590_1103f977-5f3c-414d-8305-ab6884e8769c.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/config/initGeetest4.js","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:31.506Z","timestamp":1783000171506,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /config/initGeetest4.js HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:31 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-3a7f\"\r\nCache-Control: public, max-age=31536000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000171=3ij61lhseI31F3UnQVuXjzGQjzqdbei8CD0HyPDczYO/7PQxr6Ye7P/lIYM5GRJnMN18ipj/a0byiPMay64a2xCJ4utz7wnubM1R1mmpLOAtbLVuN0TWZQDyjWJTj08i/CA2jW11n20J9eJbw3qYOWWe6fVWYUYpujUIZW42djiEj0PPGQ1BXIn4xMvlNqfM\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 283719f2317847fccfb\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14975,"size_decoded":5043,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"87855e19802d75b55afa7bcf3af515c1","sha1":"4af373375728a98d623f2299a68a91e150f2672e","sha256":"9ec8a5ef8c8ffe369dd1a5c4730dce6570c0d90955798c0be4ac04ef1c8f4baa","sha512":"3baa6d9e916abfb3d38b7ebb9372c5987e8f10534bb978383751c0094f8f5a3e764f9b8e44a73d9d4871cbaeca7e1939f0ffaf9499af5c4a71f64c3588167d85","ssdeep":"192:23aP8Ha0D+Nu5dq+EvNiqc4K25MB5VYaiQwSL4SScQVy8QRHIsGiz0iX9rES6Myy:2fe61w1iXKb2sMGUI+KQTwwHlB","tlshash":"00621d0d68f764534553b4388b9fb014b5388a53042cde41be9ce354afa843d9bbabdc","first_seen":"2026-02-16T20:32:40.162764Z","last_seen":"2026-07-02T19:32:29.486752Z","times_seen":1025,"resource_available":true,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/ecb/8f8306425eba6e0167bcdb25a31b67ec8f","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:35.936Z","timestamp":1783000175936,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /ecb/8f8306425eba6e0167bcdb25a31b67ec8f HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nContent-Type: application/x-www-form-urlencoded\r\nx-request-source: https://j106y.vip\r\nXign: SSJOw/8z9ZzIuGydC4rhKBo6eMR4gMvoTiT4oO6c9ddfRgpjwKso1cG1BzR8IwEdNMLOHigonZtTviD1gNEfAVxUsAF+gSj2rsDl+KSUt4OXPedDSxhDMlCGJBpSK5dk+al4yH4r0DL+DF1xn3fL5302XaBf4GHA7F9amVStucQ=\r\ntimestamp: 1783000175931\r\nsign: 2k35234f7m7f7t45\r\nversion: 5.6.12.0\r\nclient-type: web\r\ndevice-id: wtZjiNmmYm4mYBwpzNKrht4ssYykCjyC\r\nlang: zh-CN\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nExpires: Thu, 02 Jul 2026 13:52:36 GMT\r\nCache-Control: public, max-age=180, s-maxage=180, must-revalidate, stale-while-revalidate=30\r\nX-XSS-Protection: 1; mode=block\r\nX-Request-ID: 975640d1223c4b49b9f35e624374488a\r\nPragma: public\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=63072000; includeSubdomains; preload\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true, true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000176=NdFBkxXc2aBuloZavKUBNjKtLnFCMcJ7RWx+tgtmSmceEy/OZPV6RefCdc30KPcfeVDI36FETqNEwf5TswFffXfgYhDudGSbB7xHa4WI15N4GY5d4tS34h8zc+0+b2VX7WRkQOSrwF8QRMiWISfiBhc1iArFZfopyF5UhnQetX8GyWkheDnQDv+qB1PtbJmJ\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282f19f231795e7cbf2\r\nX-Cache-Status: BYPASS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4073,"size_decoded":5106,"mime_type":"application/json","magic":"data","md5":"ce86fbd44da207ab937e318befe3a7f7","sha1":"1f9d390802a0faf8d50f4aa554031fe741384a85","sha256":"9beb612b0a6c90b9798eb386b2050512512614ac4ff408a1fbbbcf8fc078be07","sha512":"70ed42ad1f99f985fffe5035eec2c3b3f6f2d0110c386b118492a0953eed3b2fba386ea4e66d1d16827fa2261a45867923aa24757b847cb6852f751abc21c73d","ssdeep":"96:eOGS7hTEAzTZf7EcsXxUCQA7Gx4jJ1onRw6THKH8r68yKmJINFfHtBD/Rj/FcpZu:VP7SalfgcUDQqGqjJIjGZKmJIxHXNbFD","tlshash":"0dd19ea91242b334a13363fa584c4ec54d8513eaf8e3ee12c205357aa9f214ff65fc11","first_seen":"2026-07-01T12:22:34.282555Z","last_seen":"2026-07-02T13:50:16.822156Z","times_seen":39,"resource_available":false,"data":null}},"time_used":439,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":439,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/bg.a361eb32.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.914Z","timestamp":1783000176914,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/bg.a361eb32.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://j106y.vip/css/home.1781011881923.38488e2a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:10 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281706-25bd9\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282f19f23179dc8cbf6\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154585,"size_decoded":155354,"mime_type":"image/png","magic":"PNG image data, 1440 x 806, 4-bit colormap, non-interlaced","md5":"99b1c0992c5c7fcbeb3e6ce75735becf","sha1":"e1e2dcc54eb34548302d9208923bab6d4da105ea","sha256":"8c6cd08cd8723790e6437d3611731207afec106dfc0ef380e1d17b912ba987e7","sha512":"8f1c1d8db6b95a1c1f778f9b39a68992f6fc72563d55cd9ae1f0f813e271a0ce6b02af6e1a79e9f3300f4452b18184f4398d69784fd744e639c0eb71e9992648","ssdeep":"3072:oyf+LTZ3U3ouh50C1GhZWRITJnV+Y1yhJSErL3zHYjNvP2G/mNA:oyf+h3U33xGS4JV+lJSE/TSuGONA","tlshash":"6be312c43f60657471f1c11e0a84e9c304f37d05bba72ca36ab5a5d4d688f2af2a3766","first_seen":"2024-12-10T05:06:38.814606Z","last_seen":"2026-07-02T13:50:16.822917Z","times_seen":152,"resource_available":false,"data":null}},"time_used":1590,"timings":{"blocked":1044,"dns":0,"connect":0,"send":0,"wait":348,"receive":198,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/img/ESPORT.4f4b51d4.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:36.951Z","timestamp":1783000176951,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /img/ESPORT.4f4b51d4.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:38 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jun 2026 13:37:11 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"6a281707-101b0\"\r\nCache-Control: public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nL-Safe: 1783000178=rgsd0pWZBr0l5Ng5mIi2GDeTGvudQ6H9sjIO8r6cNqkJRHp69lh1vPgi97tRhC6q7YvYpiLtI+fH13Ni7zoR1wtp1uvO4un5Wk5MtbZcN/OkYbkYx5eCAUgVTLDmmsTiOjckzdOzxKOTE+4dIP9SNQ3fl1UZ1aLhtGBIiZPtL7LBzFPaQsoRNzEsnw6Yx03t\r\nAge: 0\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282b19f23179e56ccad\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65968,"size_decoded":66687,"mime_type":"image/png","magic":"PNG image data, 582 x 307, 8-bit colormap, non-interlaced","md5":"29610094acb703084f79c42c17547a7c","sha1":"3c824ba387e36bcce1a5f1d0d14b513fb278db9d","sha256":"8c3dc9ee49224eff4a37ec488ff0a413f3150ec7a62640a466a802750a573146","sha512":"db986acc62bb0d35583a1c298b468e1fa7869269c738eadc82b944b1a8f9b2c0723087db8a065d60495938e834337e72e3c438089d1d02ff90f4983e0d6461fb","ssdeep":"1536:ObUUUNbT8bJcHe4DyC8KLT/KKeRfm4AH7XAlzS7M2Z:rbgNcHwE/eshbE/2Z","tlshash":"b25302e1df60cb022efe65ca89acf12ae204a0a61476453f7a231d6f3744016af973c4","first_seen":"2023-11-10T19:12:00Z","last_seen":"2026-07-02T13:50:16.823629Z","times_seen":1678,"resource_available":false,"data":null}},"time_used":1554,"timings":{"blocked":1154,"dns":0,"connect":0,"send":0,"wait":376,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_2cf32c0e-cd2d-4274-8e00-d67d14e5086e.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"154.39.104.136","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.095Z","timestamp":1783000177095,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"j106k.vip","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 09:08:39 GMT","end":"Sat, 26 Sep 2026 09:08:38 GMT"},"fingerprint":{"sha1":"70:B9:DC:71:F3:12:CA:D1:4D:BC:55:32:5D:10:FB:BB:ED:37:70:24","sha256":"3F:15:6D:08:1B:44:FC:A6:EE:D8:9A:D0:CC:C6:38:53:7C:05:1F:93:C1:CD:91:FD:C4:72:11:62:DB:D1:2A:A4"}}},"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/gpmaster/_webp_size328x442_2cf32c0e-cd2d-4274-8e00-d67d14e5086e.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 02 Jul 2026 13:49:41 GMT\r\nContent-Type: image/webp\r\nContent-Length: 7390\r\nConnection: keep-alive\r\nEtag: \"f111a1ab6243183e54c8c152a111da67\"\r\nLast-Modified: Sun, 09 Nov 2025 14:10:40 GMT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v4taIiUeb3dURvZJM5zRnxMLeJBuPQZyCPThJusaBSk0y6NJ2j1N7RSDpgTa4mD%2FVlynSYBC9N9EruepvOOUVD9590gcgYeEUH3tJAr3a5bxYgN8NS7rmEKpjMI5ytP9YGS7GNqtEyf8hbQIpuS%2Bjzg%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAge: 0\r\nCf-Cache-Status: HIT\r\nCF-RAY: a14e1d80292704c2-HKG\r\nalt-svc: h3=\":443\"; ma=86400\r\nCache-Control: public, max-age=2592000, immutable, public, max-age=2592000, immutable\r\nAccess-Control-Allow-Origin: *\r\nX-Custom-Check: true\r\nServer: Nginx\r\nL-Safe: 1783000181=eGH6nTlY7PZVQWH/VL0+MFCf/2GNtpPgiS6qRKxbTGMNmnC7AwCfL7k00AKVcehImAAwzPCvLsSo/uLtLuwvTQPthrtKzxpQU1edstunNlqcynPw2GJXIWNhIogAaF31BUObeFlr0QzRmiyqXj4oBd9fAXFvx5HfcebP7FUBxYyP71+x0CBGfYeWR8y8tgdh\r\nL-VIA: l1=TqoDVanjjr6wMExF\r\nL-VERSION: 1782641232\r\nL-Request-Id: 282e19f2317ac06d00e\r\nX-Cache-Status: MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7390,"size_decoded":8536,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f111a1ab6243183e54c8c152a111da67","sha1":"64384e28a720752201bdef5fb2d779e3b9c85f09","sha256":"5cc2cf8571b6a9483514b5a6a4624cf867c12addfcffa3ed0ca5b24a2354dda1","sha512":"38c484611e089f275c9cad39c3978fde5cc040959db3de91ae8744ce33f66b4ecf40b01f464e2081395aa408bbbc6a6c7bd845799ae892a8611b04c24c2198f6","ssdeep":"96:0UX6jHvysggvfrPtYvuy3/9Ic5G1SB2P80d2QWAqhs0ufLIbqvfgJ965FkBYUU:vmqsggvf5Uuy3lQ1Yues0uDlngJY","tlshash":"4ae1bf2cec9e39805c1c3cb8a451111c6f08688cadcc8cd55915be29f277beab5d6e41","first_seen":"2026-04-24T23:10:16.706864Z","last_seen":"2026-07-02T13:50:16.82434Z","times_seen":413,"resource_available":false,"data":null}},"time_used":4847,"timings":{"blocked":4506,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j106y.vip/jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_d4d2b521-861c-48d3-89a5-438931453851.png","fqdn":"j106y.vip","domain":"j106y.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j106y.vip/","date":"2026-07-02T13:49:37.108Z","timestamp":1783000177108,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /jumpto/img/https://rcf-img-hk.gasdg646fs224cn.com/202503/_webp_size649x578_d4d2b521-861c-48d3-89a5-438931453851.png HTTP/1.1\r\nHost: j106y.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://j106y.vip/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-02T20:08:22.483338Z","times_seen":16921891,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"j106y.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-02","alert":"Phishing Block","trigger":"j106y.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}
