{"report_id":"c83fd080-d5a9-402b-b3f6-10b76a1ea67e","version":6,"status":"done","tags":[],"date":"2026-03-22T12:27:33Z","url":{"schema":"http","addr":"jy.vip.zuhaowan.net/","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"ip":{"addr":"39.105.138.72","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"jy.vip.zuhaowan.net/","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"title":"租号玩低价玩_cf租号_LOL租号_DNF租号_王者荣耀租号_租号推广加盟_专业租号_安全租号_租号平台","dom":{"size":89711,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3839)","md5":"74656baf596f0fc61d6f56a1cae81ab7","sha1":"74686043e7edd3cc4ba7f6a5cbcd7e8ed7293717","sha256":"ead354d923b468cd3fadaeaceacc66d277382c4770aaf69234309a9511fa2b98","sha512":"1d1b4af7f65801de6d5f80108f91b698d5e4c4bd151fe3ed0825ab4617ab660dcc29eca8bbd624246d88d381743e9d9121f5531ec250a9fd3fe7fb7f473fd4a6","ssdeep":"768:hBNklFaEtXKE1xfGmrIqxa/9S5OY/XfYwjDYJYtLKLY8zEyi/MSY6VKX4GTS8JKm:hsfikJ/XwwjMuNVdMtfT5TA3CboI7","tlshash":"1693e0508bf1e933007381d723759f25ede39027d692294433ec0b66dfcae51b61baa9","dom_hash":"domhash5eaafabcafe9b98a3d96b88f3c9da586","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"jy.vip.zuhaowan.net/","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"ip":{"addr":"39.105.138.72","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-26T12:27:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zhwpic.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bd-track.zuhaowan.cn","ip":{"addr":"47.114.113.108","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2014-12-02","domain_rank":0,"first_seen":"2023-02-06T05:31:24Z","last_seen":"2026-01-02T22:03:55.40166Z","alert_count":0,"request_count":3,"received_data":483,"sent_data":1575,"comment":"","tags":null,"fingerprints":null},{"fqdn":"zuhaowan.zuhaowan.com","ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"domain_registered":"2014-11-25","domain_rank":0,"first_seen":"2017-02-13T19:57:02Z","last_seen":"2026-03-01T22:51:24.526635Z","alert_count":55,"request_count":55,"received_data":2949922,"sent_data":25843,"comment":"","tags":null,"fingerprints":null},{"fqdn":"jy.vip.zuhaowan.net","ip":{"addr":"39.105.138.72","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2014-12-02","domain_rank":0,"first_seen":"2026-03-22T12:27:34.816946Z","last_seen":"2026-03-22T12:27:34.816946Z","alert_count":0,"request_count":3,"received_data":81459,"sent_data":1722,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"zhwpic.zuhaowan.com","ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"domain_registered":"2014-11-25","domain_rank":0,"first_seen":"2016-07-31T16:00:44Z","last_seen":"2026-03-01T22:51:24.457778Z","alert_count":2,"request_count":2,"received_data":117155,"sent_data":952,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/lib/jsencrypt/jsencrypt.min.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"7b3696b65ccb2b20c4b36da2ba6477bf","sha1":"733d4d1a1e066610a8f236582236d32deca91e2b","sha256":"0442096d116963a886f96eb1016038d01a79879b287075b670cf2de3eb548f5e","sha512":"848f2310e40bb72ce4222595ca02c070a3eb69d22181741497c237964d8552667cb1935b4927471eb5a8e66ae6b16d407b1fa8159f9450aec4253570ca38852c","ssdeep":"1536:AoM9qr5y3piGcSEOYHFbx5PpasUvPcqJyuXa+yRe4yY:hM9qrxf5PpasUvPHJyx+y84yY","tlshash":"3e43e88576e6b0640392a0f0061f054ae23e765da45f54fcfa59c8e2acb4c8d663ff74","size":55390,"data":"","first_seen":"2023-03-08T16:48:47Z","last_seen":"2026-04-03T05:14:39.959339Z","times_seen":111,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jy.vip.zuhaowan.net/","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"ip":{"addr":"39.105.138.72","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"6c2eec4af042cc6301a3891ba672628e","sha1":"16e817dce2c3e61ee6d5e1ca537aece77fe51072","sha256":"a03406736fe98c47045b91f199b002447088f2e3b381baed2721d765eb41edcc","sha512":"5d308a4f16a892172a03509221a07f01b3856c9efb409efe1685061493f0b0c758dc95c0b3de5067cf60c1af8ea4b7bbf8e1bfb900165534d2885023e2954b57","ssdeep":"","tlshash":"9da0016610d1a16e94a58625722a5611626688aae924bad193c80202761a087e399bed","size":82,"data":"","first_seen":"2025-12-11T13:42:54.27763Z","last_seen":"2026-03-22T12:27:43.096407Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jy.vip.zuhaowan.net/","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"ip":{"addr":"39.105.138.72","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd2158ddaffe11774131b65b7eeb19e2","sha1":"cc48fbb50069a491d90190e0ddf70f7cecafe3ca","sha256":"8a2f3eb48afc5077ad44c84cc91fda73fb94da2332138ed99b5debb5213e7c6d","sha512":"32ba7e5ee7bfe65815e733839d0db3935fa6141d57b2538dd7321fa7e66715ebabc4ce7eae740d247f52943af2ae8ac49bf7028e8f60120c402085e076d4d797","ssdeep":"","tlshash":"a5e05b5b44f24026c1d3717a255f64043016c19b8cd93c453f5c5a544fe8a5d2555798","size":338,"data":"","first_seen":"2026-03-22T12:27:43.097398Z","last_seen":"2026-03-22T12:27:43.097398Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/www/da.js/da-web-fxIndexPvUv.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e4b4a93389f454677536dac76baef4c","sha1":"142e312a54a6c22eef6e83d383e300e68e8dc75e","sha256":"b2ebd38b0cdce9dc2ae2f6a9c0d8494c2a34a31de7ac6bded685a9f51a3bddc5","sha512":"32f0d749ae42ec1d925ab11add686b396e8673dca7808a240b8496e1b0387fb0a7eb0f672ba58f64f1692c780fc7e9463efff3e9ce0e3b93f2bae42295c075ef","ssdeep":"","tlshash":"2f21148a39d4f8d5139b2095032f844bf6354c7614bee4d0e3a9cdf9bc6844f6152fa6","size":1396,"data":"","first_seen":"2025-12-11T13:42:54.211629Z","last_seen":"2026-03-22T12:27:43.047763Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/common/js/common.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"9309d22fa3f503f541dae021fd575925","sha1":"fbc9b206c9f03e9674a48fde855e6ece0fdfc825","sha256":"4150b47762067ee6d184b7876cb6974675cd2aa4644de0d65b8d6741c65824b7","sha512":"5c1da8a2a565901e44ac6b9dd2365b084b3d7bd630ec3f8af09277330c57eba5f0350eac6532a24c6d22d3b320aca31c34a83fd36439b12b52c178e893634559","ssdeep":"","tlshash":"2571514872d5f9e747d75164083fa30bf2325d213825f080d366e9f1ac58aeb51aaf2b","size":3784,"data":"","first_seen":"2025-12-11T13:42:54.20294Z","last_seen":"2026-03-22T12:27:43.030893Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/www/da.js/da.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"46c485ba0d6b147e71a5248e41d4d371","sha1":"59367bcf0ea99c5ec9f3ec7c5ebafc0e458643e6","sha256":"aaa6dd1bbee68654dcfd6150da7035837ca3688789a4abaddc9eaf816495c794","sha512":"2a97f71019caaf5d97941fc02e7fe666b60f7ef8a1f3cebb87ebc67926075ddf20c282f44b06aa4529062a01361c54bd803eeace1799af5d8327451ccc2d3db1","ssdeep":"384:Hn5y5tW8GvMJPmL97lvjxDlUu8JifjyHOhhzxGkN:H45tW8YiPkvUuuMhp","tlshash":"70a2eebe055cdc8db7c34cd2a2abaa1df438100a3afc595d2d74bff0869ce246e91456","size":21573,"data":"","first_seen":"2025-12-11T13:42:54.200787Z","last_seen":"2026-03-22T12:27:43.041926Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jy.vip.zuhaowan.net/","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"ip":{"addr":"39.105.138.72","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"771cc9fd1c20b532729b5f7903796d85","sha1":"ece1ca5de31e540469c1ff56eedf41a907831ca5","sha256":"b708c12e02e529fea702e7acdf53ba4d0bfba61d7e0ff946ddce83cd7de27cdb","sha512":"239fb23ada56ed721b82688aa0ae4a0725525c1c06c1775e659fb26b6ac0ede8bce8755e0c79cbca62bb18eb8dddd728c6d59e8e435f5bfd2c62f4eaf50350b1","ssdeep":"","tlshash":"51d05e50acfd822637b7307ccd4ed0c0e5244157cbaa0913bcdc1698cf803a492aa332","size":246,"data":"","first_seen":"2026-01-27T22:12:07.312437Z","last_seen":"2026-03-22T12:27:43.099465Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/pages/hehuoren/download/default/js/core.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e0b58eadee5ba2c361928b8d809ecb3","sha1":"c6faa1b04c3f8b51e9c117b55d5aa6a287a45349","sha256":"bf139cbb806a527c8d0a06a113a6d5fc280d8fc7c38be4d90ca2fddb62c8c0dd","sha512":"ede50b70eb8ba90a505b4898a4ca8491d801780d9c0f438d93c695425a665fddbf84ea07115794cde45cb9636f1fe0912f6d64b8b6e06a763382dfded38da3c2","ssdeep":"384:4XmyNgZjD1IIpNAAdTRLwvkS5VHHHsglH4JsnIIDW:4XAI4i5VPy","tlshash":"4e62bae1f39141b6628d6cd52c1f245d94f468636c1a9098ffb8c0e2ea78fd1a479f30","size":15005,"data":"","first_seen":"2025-12-11T13:42:54.27402Z","last_seen":"2026-03-22T12:27:43.007889Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/pages/hehuoren/index/default/js/index.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"b7abecd8b0cc7a6cfacb3d16256c5f60","sha1":"ceb3df910e02461529f463705f5eb17167b8f2e9","sha256":"658a3a92eaf28fdaf6e8b5ed7a2fec510585d0bc86dbd00d9a07b0d02d1f5aa6","sha512":"3c2ed84bbf3dedc9095a45db10fbb306b9daba2fdfbc2a0a8fa5a17999506fdfc16c0bda737d7b4c08f98f5e69a4cfa575d9a63a1cf680cdda39d9bb59373310","ssdeep":"96:/snIQANCUplqudhGV47mgsnCmoK1op1O0OSQPCfCkzOuOkY0QP:sINX7qZPnCmo8op1O0OmKsOuO/L","tlshash":"29a1838d70e6b9e703d776a9113f5502e131292648b7f9418221cde0e8bd44f22b7b2a","size":4865,"data":"","first_seen":"2026-03-22T12:27:43.087319Z","last_seen":"2026-03-22T12:27:43.087319Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/common/js/core.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e1504fd58900b3a4d89e941ac1792429","sha1":"c6dde36ae9864f3ef7c1c2ab9dd46d570af75d15","sha256":"417b0fc019d31baf0716923f4a39efb10fe77656eec8c4a078b5d39142c51aec","sha512":"f8800045d60629ad73a0742ea539c24203a2675bec1b01b4bc106269b61d629d585371b2e7849e08ba9a63149c769300164753ffcb8c17b583b08f4153197433","ssdeep":"3072:qqqUyLypOSmVAfm2WTucFJqKRDcKfwtuTIP7qVbnx6k6Qh:hRgA+2rchlBbnckLh","tlshash":"3724c4ccb6c2b0a153e770a8402fa60bf1776999744e8481e265e4e5fc78a4e9037f7d","size":212372,"data":"","first_seen":"2025-12-11T13:42:54.225733Z","last_seen":"2026-03-22T12:27:43.050774Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jy.vip.zuhaowan.net/","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"ip":{"addr":"39.105.138.72","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"8b78d343b66b095cf6bd24eb6a0b4c93","sha1":"c721a892cb39b89e5208ab0f42a622b307ae1977","sha256":"2c461c94d7d7d1d3d21c3e3a60236efcb46a699f595d30aafd566cd587622318","sha512":"38a1cca9562ac724d814bebc273b4837bb7009ae6cde5917cbbdeef4e03def795f4ab7fae3900d6eb5dc68c09266ba8264d461c667548327bbc60b5b72c30854","ssdeep":"","tlshash":"d2f046191184cc230b6aeae913fc76c8692cd607c708f530a44b8eab5b0c61096763fb","size":652,"data":"","first_seen":"2026-01-27T22:12:07.313424Z","last_seen":"2026-03-22T12:27:43.10213Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/common/hehuoren/js/public.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"269155e88b473f6e1fa1ca7f9248b7f0","sha1":"c044253268d1175097ac488cb76cb8e3cfee0334","sha256":"3c5b284eeab6e04f143b0125ab672422485dad1f6916e91f7493aef6bbd53dff","sha512":"3c5cf2bc219e7d7c2fcdf1a0fa5130f1d64e5d062722e9a660aab1d9e6d4f233c1771b2ca3565eae55fda03d0ac4b53adfad2fc40295880267b35b9584f3f112","ssdeep":"96:vk+AvAUNCiY3Z1IYq+XbCbcGz/WyP5cmP95aJ1T5jRI54bknys6GLxDtQyY5QR:v6B4ZLGz/+aA5jRwVLT52e","tlshash":"e2d1a41d7054f4e2216364610c3fb208b37b566b4d19d944e923e6e23dbceca22b7e2d","size":6735,"data":"","first_seen":"2026-03-07T22:52:02.091727Z","last_seen":"2026-03-22T12:27:43.093348Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/www/ta/ta.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"31f1cadff2ea5c7a4c789cf7465cbfee","sha1":"41fc50ac0409d7171d02cf506849bc9d54efa6c5","sha256":"6cb78b92791c1ffff9e671ee090ed0f8edd7f24924719a7e22c11d6531158238","sha512":"61eaf87fdd71826d43144365eb0afa776e0a4f0b89de97a562d6fd28b4c12b04cddcacaca87a69ca876f301c7d76e5f4161087266485e5a02a366523a74d8045","ssdeep":"768:5iwqMvZA/Uwera0sLmnHUgpKtqz+r5VzwBJcgT8Swh7VREWethr69yLgye3gf9Vq:AVMvyorGah5yr5Uu7lS9VlgpfQC","tlshash":"9b53098972a5b43106e36151103f4207e77a1b6d686c80b8f399ede96e7cc4e112bf7e","size":60874,"data":"","first_seen":"2025-06-18T12:39:25.544494Z","last_seen":"2026-03-22T12:27:43.012124Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/pages/hehuoren/index/default/js/core.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"312c8f75263ab01d78b2c79cb206add7","sha1":"bc3690ba9bc111d6256a71b4a9fc97aaab5d6b9e","sha256":"645def9b733afc75f83e02ce896564dababcb69e3c9e8a87448f134368a506eb","sha512":"49863988a1af92c9237ef6ce8618495d3d2647738447b9bb89c9c262e506ecd9a393fd7b65075d7ab9e739d7e0e427632ca5cff20e0ad12c3d6882fe39aa2722","ssdeep":"1536:KOfWntm2WJw83F+6SIr2A5GB6FztFDCT8XoGBTK:etAYgFz8","tlshash":"9893084de214b3e295e32249e75ed54126b51451b805eab8b0e54c8ea8bcc5c03effbb","size":96720,"data":"","first_seen":"2026-03-22T12:27:43.018749Z","last_seen":"2026-03-22T12:27:43.018749Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jy.vip.zuhaowan.net/","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"ip":{"addr":"39.105.138.72","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"17e6a2589d4900d1a7c5ff177ada29e0","sha1":"bc463e25a12c866d7e8d284f86937f72e9c19268","sha256":"fab6fad6e494f07bdc16b7751f2d9ae6a231a7e036920df28c0266639ec0bc88","sha512":"38f03d2fa8af329260446ade9d62c1de3436b8c008afdfe7d87b64fb5417e681e6f10959d6aac12b20b69a23154d0df33446b600368d8089087654d2d9bb72df","ssdeep":"","tlshash":"322181c4f76d588ec865717e057e14cc931e0c7a481644a6fc3da63874b811b3271827","size":1201,"data":"","first_seen":"2026-03-07T22:52:02.168937Z","last_seen":"2026-03-22T12:27:43.104798Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/lib/cryptoJs/crypto-js.min.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ca03ad87885ab983541092b87adb299","sha1":"1a17f60bf776a8c468a185c1e8e985c41a50dc27","sha256":"8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762","sha512":"13c412bd66747822c6938926de1c52b0d98659b2ed48249471ec0340f416645ea9114f06953f1ae5f177db03a5d62f1fb5d321b2c4eb17f3a1c865b0a274dc5c","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpnS:vZYDc6lXJd1mZpZEdS","tlshash":"19231ac5a19c605152a774c40d7f704b7463352a070d8aacf668e9eeecfcaea9039d7c","size":48316,"data":"","first_seen":"2023-03-07T01:31:53Z","last_seen":"2026-04-05T02:33:17.58594Z","times_seen":149743,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/lib/jsencrypt/jsencrypt.min.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"7b3696b65ccb2b20c4b36da2ba6477bf","sha1":"733d4d1a1e066610a8f236582236d32deca91e2b","sha256":"0442096d116963a886f96eb1016038d01a79879b287075b670cf2de3eb548f5e","sha512":"848f2310e40bb72ce4222595ca02c070a3eb69d22181741497c237964d8552667cb1935b4927471eb5a8e66ae6b16d407b1fa8159f9450aec4253570ca38852c","ssdeep":"1536:AoM9qr5y3piGcSEOYHFbx5PpasUvPcqJyuXa+yRe4yY:hM9qrxf5PpasUvPHJyx+y84yY","tlshash":"3e43e88576e6b0640392a0f0061f054ae23e765da45f54fcfa59c8e2acb4c8d663ff74","size":55390,"data":"","first_seen":"2023-03-08T16:48:47Z","last_seen":"2026-04-03T05:14:39.959339Z","times_seen":111,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/lib/cryptoJs/crypto-js.min.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ca03ad87885ab983541092b87adb299","sha1":"1a17f60bf776a8c468a185c1e8e985c41a50dc27","sha256":"8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762","sha512":"13c412bd66747822c6938926de1c52b0d98659b2ed48249471ec0340f416645ea9114f06953f1ae5f177db03a5d62f1fb5d321b2c4eb17f3a1c865b0a274dc5c","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpnS:vZYDc6lXJd1mZpZEdS","tlshash":"19231ac5a19c605152a774c40d7f704b7463352a070d8aacf668e9eeecfcaea9039d7c","size":48316,"data":"","first_seen":"2023-03-07T01:31:53Z","last_seen":"2026-04-05T02:33:17.58594Z","times_seen":149743,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/icon10.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/icon10.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 592\r\nx-request-id: ee309692684ae1072c22f57a3991d4f0; 91aa053f280f1d39018f8fb4d4fe071c\r\nx-source: U/200\r\nx-upyun-content-length: 592\r\netag: \"98061d1d6ab8db1a14489b27a08d4804\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:24 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Mon, 30 Mar 2026 01:45:31 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 38146\r\nvia: T.167.H, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":592,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 8 x 13, 8-bit/color RGBA, non-interlaced","md5":"98061d1d6ab8db1a14489b27a08d4804","sha1":"0fe755cf103636ca13638554bd7139ebe16b90da","sha256":"384fd670e4c4131d849f1fced80d025bea874826e06a7be8be024cb8ad9ca8f4","sha512":"d1b7dac45cda70c5fcad52b89afa1f862bff71b01b7ed750e717e4bd4a06f3feb8e5f9dbc130bfd0859be506f740c32e00dfba3a3f6bec1767c4c7032b1504d6","ssdeep":"","tlshash":"4ff0414f4c10a9a3cb4ddf2314fd4459ee168200863a6d2cbb48dc362b00d0a2729ace","first_seen":"2025-12-11T13:42:54.244304Z","last_seen":"2026-03-22T12:27:42.997046Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1555,"timings":{"blocked":1440,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/icon6.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/icon6.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 536\r\nx-request-id: c4cae730c861dd56f053088cc521f40c; 22aa8390b961faa538eb9cf15a032050\r\nx-source: U/200\r\nx-upyun-content-length: 536\r\netag: \"e29cb790e11b84c4feb4ea8c7eb6ffe6\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:25 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Tue, 24 Mar 2026 10:10:41 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 526225\r\nvia: T.166.N, V.pcw-cn-hkg-166, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":536,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 20, 8-bit/color RGBA, non-interlaced","md5":"e29cb790e11b84c4feb4ea8c7eb6ffe6","sha1":"6ad01c93a2c70bd5544851664478844bb4d5d890","sha256":"054461cb414b1b4414cc335625d003e4892bb4fd3d6d12f0a240f53b3d989822","sha512":"60bb0e79a2f2fdcec84ad8946f679feef2ee538916083cbaf6db26abe71c0e13801ef61dec43a7d7c6ff7be18ab8887a535ee857e362164efbbdbad4b7018494","ssdeep":"","tlshash":"a5f0754d0e146263838dce3704ec41199e378708fba46c1c7387d86b6a400c996c5fcb","first_seen":"2025-12-11T13:42:54.215143Z","last_seen":"2026-03-22T12:27:42.999114Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1554,"timings":{"blocked":1439,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/581.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/581.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 48954\r\nx-request-id: 0348533ba76ea3a84f3bb22a334ac050; 98bff4f2efb6aa5132afb387f0491e86; 87a0bd96c7011ccae3a633ff385a0b97\r\nx-source: U/200\r\nx-upyun-content-length: 48954\r\netag: \"9d7a1f79711e0522db26932ccc50c851\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:30 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Tue, 24 Mar 2026 09:50:31 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 527548\r\nvia: T.202.H, V.403-zj-fud-207, S.pcw-cn-hkg-164, T.164.H, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48954,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"9d7a1f79711e0522db26932ccc50c851","sha1":"6c6bafc2a5676f73974e21fe92649ba4cdc2f3af","sha256":"b872b658e83e6053b98d6ec595da68e7beb316e2e8b9a944ef904610891fc38b","sha512":"3f315000143ee7a0597f373bf3e388d4e2c491d181332da669cbe0e5ed52277619d4f6c08c587316021564b90021340dcda933312602893fced965a042aeb78f","ssdeep":"768:g0QB2eYCauGEfr5EH5TdL5EcxlTcLTCdVfDgPxpL0jGnAgBE9OWmndgsOcc7/a5P:g53YCaANEHBDxsUV8N03c6OWR37/wjJd","tlshash":"13230215b446bda2ccbefb29654e0033eb8a6df49477439b9387e5be60994713c903c0","first_seen":"2025-12-11T13:42:54.271523Z","last_seen":"2026-03-22T12:27:43.000757Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1567,"timings":{"blocked":1432,"dns":0,"connect":0,"send":0,"wait":123,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/pages/fenxiao/index/default/img/tu.2d169f6.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/pages/fenxiao/index/default/img/tu.2d169f6.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zuhaowan.zuhaowan.com/shanghu/www3.0/pages/hehuoren/index/default/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 7479\r\nx-request-id: 8dde4fe6a1363b85ba257e616f17d3af; 33fcda3aecd04fb347020eb57362083c; b777fc6b90b4d87d83777c17906e156f; 30ffc92597cd6480806e106614fb1414\r\nx-source: U/200\r\nx-upyun-content-length: 7479\r\netag: \"2d169f6abe488f4f6f5bbfda0f3c5994\"\r\nlast-modified: Thu, 21 Apr 2022 07:31:01 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Mon, 30 Mar 2026 06:47:33 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 20009\r\nvia: T.206.H, V.403-zj-fud-204, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7479,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 466, 8-bit/color RGBA, non-interlaced","md5":"2d169f6abe488f4f6f5bbfda0f3c5994","sha1":"b59e966b00e40508155db6de13d5553f38c8f9ae","sha256":"9893ad6f3f125fdcc1d71fc04c3319ae10357fd5d4ce9a18ce7de1cf9e13112c","sha512":"ffbf0b55cad83ea32396a12aec43ff6b654a03eb97428aa4c76bfe59c6cb158ab8c0eeec8e29e6efc4f3f579f66db4fde815071a2de7dd9319836bb54ecb5c83","ssdeep":"192:gcCHgCF2AiAY6Js666666666666666666666666666666666666666666666666U:cgCFViKi666666666666666666666663","tlshash":"4cf1f855c73225f4d81c413149ef7b6063242b15c67667e3f3b1a9a25f4b7fd9c59080","first_seen":"2025-12-11T13:42:54.23462Z","last_seen":"2026-03-22T12:27:43.004647Z","times_seen":8,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/tx1.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/tx1.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 4270\r\nx-request-id: 6de4e10f7a891976448a82b15fcfade7; 14ffa48585a6edbe810fa36352f7b64c; 5386fdbd72ec7bb0004265803db18791; a05e63b9fbf3190a28dee19faae63864\r\nx-source: U/304\r\nx-upyun-content-length: 4270\r\netag: \"19d2ec9c1c74a1b26ab3c5a4922284d1\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:32 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Sun, 22 Mar 2026 13:11:54 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 688165\r\nvia: T.206.H, V.403-zj-fud-202, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4270,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 62 x 62, 8-bit/color RGBA, non-interlaced","md5":"19d2ec9c1c74a1b26ab3c5a4922284d1","sha1":"dab97a37a272b0549b8654f123008d8f4a2af4cc","sha256":"76201d48a7baaa7cae6520dee1daf57cf393d7426ad7a3dae13eadb5eed356e9","sha512":"2fc580f693e7f36517d392b25672d6ede0e3d3efcb3c95aab554b4a7d06ba30dfb830db90a5b51cb206eaeb4b801cd87444c263afc5a05de2a995662b4c6d58e","ssdeep":"96:84hyQo4NNkfMQObWu1/3zEAJhGopAk/TVJF6QwrX2Gp/N/jnuV:88voGNkflObWu1/jrMoCkLVv6QSp/Nbq","tlshash":"d4916e452751578b89a4aed54cdd0fe0a9f0e4bca88d02c1fd25fd163d0c040608f2e9","first_seen":"2025-12-11T13:42:54.245753Z","last_seen":"2026-03-22T12:27:43.006204Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1553,"timings":{"blocked":1438,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/pages/hehuoren/download/default/js/core.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/pages/hehuoren/download/default/js/core.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: eccd37b48174c7c9ed133286bdb488d6; 67d7f3891a8c87024da905ba9e392cb3; 2ffa24bb133723a61cad4b3991cf3ad2; 47f8dcb498bc5aac07d3f792730da601\r\nx-source: U/200\r\nx-upyun-content-length: 15005\r\netag: W/\"2e0b58eadee5ba2c361928b8d809ecb3\"\r\nlast-modified: Sat, 24 Aug 2024 06:14:48 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Wed, 25 Mar 2026 03:43:06 GMT\r\ncache-control: max-age=691200\r\nage: 463112\r\nvia: T.209.H, V.403-zj-fud-205, S.pcw-cn-hkg-166, T.166.H, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15005,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15005), with no line terminators","md5":"2e0b58eadee5ba2c361928b8d809ecb3","sha1":"c6faa1b04c3f8b51e9c117b55d5aa6a287a45349","sha256":"bf139cbb806a527c8d0a06a113a6d5fc280d8fc7c38be4d90ca2fddb62c8c0dd","sha512":"ede50b70eb8ba90a505b4898a4ca8491d801780d9c0f438d93c695425a665fddbf84ea07115794cde45cb9636f1fe0912f6d64b8b6e06a763382dfded38da3c2","ssdeep":"384:4XmyNgZjD1IIpNAAdTRLwvkS5VHHHsglH4JsnIIDW:4XAI4i5VPy","tlshash":"4e62bae1f39141b6628d6cd52c1f245d94f468636c1a9098ffb8c0e2ea78fd1a479f30","first_seen":"2025-12-11T13:42:54.27402Z","last_seen":"2026-03-22T12:27:43.007889Z","times_seen":11,"resource_available":true,"data":null}},"time_used":1450,"timings":{"blocked":1419,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/banner1.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/banner1.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 201888\r\nx-request-id: b93b63e4ee49376789c011b322c12105; 9283c62154a6f5bf19d4cae5d529de19\r\nx-source: U/304\r\nx-upyun-content-length: 201888\r\netag: \"3a99d08ebf3ca4ca2b39fbfd37446a7d\"\r\nlast-modified: Wed, 19 Jun 2019 09:40:19 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Sun, 22 Mar 2026 15:40:32 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 679377\r\nvia: T.167.N, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":201888,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 720x378, components 3","md5":"3a99d08ebf3ca4ca2b39fbfd37446a7d","sha1":"5c4332fea4a90bc6d0f2645afa29eca704d84d22","sha256":"80b5b9f85b998656af05ecdfeacf693a29f2acad64141e037116339596d53844","sha512":"37116bc84bd9c7007bdbd4192f989b46e5349a57123da50ef366828aea70375e32e1b011bbc395ef8c8599a4f5f13fb55c37a217f76e98829e2a1fe3d99b3864","ssdeep":"6144:vFb514E5rQR+HNRlFM2gPGB4pG6UMkyVEcPq/:vFt+wzMS8zk3","tlshash":"cc141225cd4b343cbc2a3676e82a39fc471d276e8a4ca5a9a43d041db2e6439c777c35","first_seen":"2026-01-23T09:38:07.020586Z","last_seen":"2026-03-22T12:27:43.009304Z","times_seen":2,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/www/ta/ta.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /static/www/ta/ta.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: bbd410b8a7648879060bfd539df720d8; 1c3a4d439c2ea03b34ea3bd8ba326905; 7c3ba7a075a504b0e4274c6b6137b370; b679f3501340e97842e30492f7f4c89f\r\nx-source: U/200\r\nx-upyun-content-length: 60874\r\netag: W/\"31f1cadff2ea5c7a4c789cf7465cbfee\"\r\nlast-modified: Thu, 13 Jul 2023 07:17:45 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Thu, 26 Mar 2026 05:56:37 GMT\r\ncache-control: max-age=691200\r\nage: 368694\r\nvia: T.207.H, V.403-zj-fud-206, S.pcw-cn-hkg-166, T.166.H, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":60874,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (60848), with no line terminators","md5":"31f1cadff2ea5c7a4c789cf7465cbfee","sha1":"41fc50ac0409d7171d02cf506849bc9d54efa6c5","sha256":"6cb78b92791c1ffff9e671ee090ed0f8edd7f24924719a7e22c11d6531158238","sha512":"61eaf87fdd71826d43144365eb0afa776e0a4f0b89de97a562d6fd28b4c12b04cddcacaca87a69ca876f301c7d76e5f4161087266485e5a02a366523a74d8045","ssdeep":"768:5iwqMvZA/Uwera0sLmnHUgpKtqz+r5VzwBJcgT8Swh7VREWethr69yLgye3gf9Vq:AVMvyorGah5yr5Uu7lS9VlgpfQC","tlshash":"9b53098972a5b43106e36151103f4207e77a1b6d686c80b8f399ede96e7cc4e112bf7e","first_seen":"2025-06-18T12:39:25.544494Z","last_seen":"2026-03-22T12:27:43.012124Z","times_seen":6,"resource_available":true,"data":null}},"time_used":3152,"timings":{"blocked":1471,"dns":1440,"connect":21,"send":0,"wait":159,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/iocn2.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/iocn2.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 1663\r\nx-request-id: 32d3a4e82b41ef79bda7aa5f106e74d6; d1fb6e169ed71e666e5c82b3cc222dfc; ac9a17e4ffc059bea9b03bc8e805e0e9; f35af9ea817fd42225e9cb3027693659\r\nx-source: U/200\r\nx-upyun-content-length: 1663\r\netag: \"48a2fd0d344a395954e2b2789862b9f8\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:27 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Mon, 23 Mar 2026 22:39:46 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 567710\r\nvia: T.207.H, V.403-zj-fud-208, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1663,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 39 x 39, 8-bit/color RGBA, non-interlaced","md5":"48a2fd0d344a395954e2b2789862b9f8","sha1":"e0e961f00a7a074ae62d255fc48e263f5affe2f3","sha256":"b03c587ecbaa8f3ed49903d971feccb9b131424315991ab13d5f7d0c651b72cd","sha512":"34d8b36f240c8bad08731f22937f72a7e47e899c661f886dbd062d461c53f8d178b27eef41f6387ac4559a0aebaacb18341bb0b705167bfeec491c473de738fa","ssdeep":"","tlshash":"2e31f6547e44522ffb6d870208e84b1a8b4b81493e1af06bb2812a756b930f512926ee","first_seen":"2025-12-11T13:42:54.247165Z","last_seen":"2026-03-22T12:27:43.016248Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1588,"timings":{"blocked":1425,"dns":0,"connect":0,"send":0,"wait":160,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/images/hint.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/images/hint.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 1072\r\nx-request-id: c2bc08af017da28af8c8078e1f038254; 22dfa13ec9e88255ca22914b9d3d766a; 1733d3b938af13900033fb0db9967721; 4ebb83b117b4511fb639812d921344ed\r\nx-source: U/200\r\nx-upyun-content-length: 1072\r\netag: \"b1d2a49c867755e3965072ec55a04c8f\"\r\nlast-modified: Mon, 23 Dec 2024 11:35:29 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Sat, 28 Mar 2026 10:04:57 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 180991\r\nvia: T.207.H, V.403-zj-fud-201, S.pcw-cn-hkg-166, T.166.H, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1072,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 32, 8-bit/color RGBA, non-interlaced","md5":"b1d2a49c867755e3965072ec55a04c8f","sha1":"5f7f9e80814d608772a5af5f17daa396e720713c","sha256":"4238c2a7b188b6097f84f2278c629428a020f8bdc9df3482f1187cd3eadc497f","sha512":"431d2f792cc21216f59f5a9cfa52341933c9e3004af0c9581747c09ca34d152050a116aeb9c360365f01cd7371d53bcd1e69c4f881436b16395f6eb7b269cc40","ssdeep":"","tlshash":"61118662d5423a74a577a12114a6e030d3b5a40078dec97f1e007c1e1af58b896d5722","first_seen":"2025-12-11T13:42:54.230168Z","last_seen":"2026-03-22T12:27:43.017633Z","times_seen":10,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/pages/hehuoren/index/default/js/core.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/pages/hehuoren/index/default/js/core.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: c8ed3465be6334b50c1fee3e027794b9; 1c4c268d7d52c6bbffd6e9e6588b39ff\r\nx-source: U/200\r\nx-upyun-content-length: 96720\r\netag: W/\"312c8f75263ab01d78b2c79cb206add7\"\r\nlast-modified: Thu, 10 Dec 2020 01:43:24 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Sun, 29 Mar 2026 03:17:54 GMT\r\ncache-control: max-age=691200\r\nage: 118989\r\nvia: T.164.N, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":96720,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"312c8f75263ab01d78b2c79cb206add7","sha1":"bc3690ba9bc111d6256a71b4a9fc97aaab5d6b9e","sha256":"645def9b733afc75f83e02ce896564dababcb69e3c9e8a87448f134368a506eb","sha512":"49863988a1af92c9237ef6ce8618495d3d2647738447b9bb89c9c262e506ecd9a393fd7b65075d7ab9e739d7e0e427632ca5cff20e0ad12c3d6882fe39aa2722","ssdeep":"1536:KOfWntm2WJw83F+6SIr2A5GB6FztFDCT8XoGBTK:etAYgFz8","tlshash":"9893084de214b3e295e32249e75ed54126b51451b805eab8b0e54c8ea8bcc5c03effbb","first_seen":"2026-03-22T12:27:43.018749Z","last_seen":"2026-03-22T12:27:43.018749Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1521,"timings":{"blocked":1445,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/lib/cryptoJs/crypto-js.min.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /static/lib/cryptoJs/crypto-js.min.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: f3c82aeb8d35b2ae7bd959fbc43e78ae; 75a7cfdaadfaa2d28a19be8f61676789; 32770af55ce1f0d0865d8b3577f698a6; 0ed89266e53470abe69b9dc6c31defa1\r\nx-source: U/200\r\nx-upyun-content-length: 48316\r\netag: W/\"2ca03ad87885ab983541092b87adb299\"\r\nlast-modified: Wed, 03 Aug 2022 01:57:38 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Thu, 26 Mar 2026 11:35:26 GMT\r\ncache-control: max-age=691200\r\nage: 348366\r\nvia: T.207.H, V.403-zj-fud-209, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48316,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48316), with no line terminators","md5":"2ca03ad87885ab983541092b87adb299","sha1":"1a17f60bf776a8c468a185c1e8e985c41a50dc27","sha256":"8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762","sha512":"13c412bd66747822c6938926de1c52b0d98659b2ed48249471ec0340f416645ea9114f06953f1ae5f177db03a5d62f1fb5d321b2c4eb17f3a1c865b0a274dc5c","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpnS:vZYDc6lXJd1mZpZEdS","tlshash":"19231ac5a19c605152a774c40d7f704b7463352a070d8aacf668e9eeecfcaea9039d7c","first_seen":"2023-03-07T01:31:53Z","last_seen":"2026-04-05T02:33:17.58594Z","times_seen":149743,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/lib/jsencrypt/jsencrypt.min.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /static/lib/jsencrypt/jsencrypt.min.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: 28e6a51f70f901aa3efc285ff3e02714; 2fdd4b0d69c4dfcd9bd1dad6ba2f31b9; 99f0fd13732a5f905352d9b1d841f72a; 6e8c3e9dd3e2933c11cad1e730bc5e4a\r\nx-source: U/200\r\nx-upyun-content-length: 55390\r\netag: W/\"7b3696b65ccb2b20c4b36da2ba6477bf\"\r\nlast-modified: Wed, 03 Aug 2022 01:57:40 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Sat, 28 Mar 2026 14:51:12 GMT\r\ncache-control: max-age=691200\r\nage: 163815\r\nvia: T.207.H, V.403-zj-fud-204, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55390,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55313)","md5":"7b3696b65ccb2b20c4b36da2ba6477bf","sha1":"733d4d1a1e066610a8f236582236d32deca91e2b","sha256":"0442096d116963a886f96eb1016038d01a79879b287075b670cf2de3eb548f5e","sha512":"848f2310e40bb72ce4222595ca02c070a3eb69d22181741497c237964d8552667cb1935b4927471eb5a8e66ae6b16d407b1fa8159f9450aec4253570ca38852c","ssdeep":"1536:AoM9qr5y3piGcSEOYHFbx5PpasUvPcqJyuXa+yRe4yY:hM9qrxf5PpasUvPHJyx+y84yY","tlshash":"3e43e88576e6b0640392a0f0061f054ae23e765da45f54fcfa59c8e2acb4c8d663ff74","first_seen":"2023-03-08T16:48:47Z","last_seen":"2026-04-03T05:14:39.959339Z","times_seen":111,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/pages/fenxiao/index/default/img/HOTGAMES.5270839.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/pages/fenxiao/index/default/img/HOTGAMES.5270839.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zuhaowan.zuhaowan.com/shanghu/www3.0/pages/hehuoren/index/default/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 14311\r\nx-request-id: 423ade22a0e35ac3b4eb5d6f43fc15f5; 45f2050fbfe15ae63ea26232a458c574\r\nx-source: U/200\r\nx-upyun-content-length: 14311\r\netag: \"52708390c43ee0413088825ac2f01216\"\r\nlast-modified: Thu, 21 Apr 2022 07:31:02 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Mon, 30 Mar 2026 04:31:10 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 28192\r\nvia: T.167.N, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14311,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 464 x 65, 8-bit/color RGBA, interlaced","md5":"52708390c43ee0413088825ac2f01216","sha1":"742c84f0d17d487e39f40fd45308519a6861bfbe","sha256":"624de1ff6d2acac56d08fd46b6ed864d246fbd84f70b765dbacbdfcf304af16b","sha512":"7dd3e9537c23e9a416e8c20ad3b8bfbf62d3d4881556405d79720cefa5bc229cd6f4d370fe3db8afba4b3955768e05698fb1b8bb4732df82f48ed42cbdc63771","ssdeep":"384:rNNn5i311zQyFwC7PP3xFa1g8K3wuw6CYjNDC5K2RNa6:pN031tQyFTPP3xFAnewdYjclRX","tlshash":"d352ceab2243908ed75dd11478ec37a3ef269d107166c80119e5881e8a281dafa1fdc3","first_seen":"2025-12-11T13:42:54.233151Z","last_seen":"2026-03-22T12:27:43.025521Z","times_seen":8,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jy.vip.zuhaowan.net/Index/appDownInfo","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"ip":{"addr":"39.105.138.72","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.vip.zuhaowan.net","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 28 Jul 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:FC:C1:A8:EE:F8:4B:ED:63:C4:AA:27:51:F1:91:D9:DA:57:30:1C","sha256":"42:AB:52:02:E6:67:A8:B2:4C:99:CB:B2:B4:B0:72:1B:1F:EA:8A:1E:88:15:4A:C9:2F:E8:69:22:15:DD:9B:76"}}},"request":{"raw":"POST /Index/appDownInfo HTTP/1.1\r\nHost: jy.vip.zuhaowan.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nOrigin: https://jy.vip.zuhaowan.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 12:27:13 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nset-cookie: nouid=69bfe021a2ee63079; expires=Wed, 01-Apr-2026 12:27:13 GMT; Max-Age=864000; path=/\npvStime=D806D6F8AEED9A47525E; path=/\npvTimes=D8; path=/\nfxpartner_uv=1; expires=Sun, 22-Mar-2026 15:59:59 GMT; Max-Age=12766; path=/\n__pid__=16973EFD86AD47; path=/\n__puno__=54C164A2D5FC11F450EDA0B91FEDE0F4; expires=Mon, 22-Mar-2027 12:27:13 GMT; Max-Age=31536000; path=/\nacw_tc=180ac14217741824336565972e2000be3c54260bbb9b637d8f2a49862b1fb8;path=/;HttpOnly;Max-Age=1800\r\nreq-cost-time: 58\r\nreq-arrive-time: 1774182433656\r\nresp-start-time: 1774182433715\r\nx-envoy-upstream-service-time: 54\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":107,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"94c7956b4c266daf67f54504d130157e","sha1":"7fe1652593d28932f6add84d8b25419c30c7c3eb","sha256":"395a46d8c051862b4d6ed25f881e87f44fd9f5f2ffe8e2d2faa81ef011481aee","sha512":"32031425f13c2097d4ecb309b0095f6baecd6168c501d8f9297e78337d6c52d2d7ac621d3bc2c7818348a8045496d634ae5792417e205dc30d8e1e10883da724","ssdeep":"","tlshash":"bab01242829f1d98abc57a8d69b90458da9b2481cc9238f9418cd94c1f5a8f0352d27c","first_seen":"2026-03-22T12:27:43.026759Z","last_seen":"2026-03-22T12:27:43.026759Z","times_seen":1,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/11.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/11.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 39226\r\nx-request-id: 96e704f1071c83c88bc6a608315d9e5a; 0a89a6bb9698fdcdffe3861d76a903a6\r\nx-source: U/200\r\nx-upyun-content-length: 39226\r\netag: \"f5adfb583c58f393edb764b49446af58\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:29 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Thu, 26 Mar 2026 07:53:09 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 361673\r\nvia: T.166.N, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39226,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"f5adfb583c58f393edb764b49446af58","sha1":"0a6926d65ecfc8bcb254fd96f6efd2e7723f7b37","sha256":"54195dd5dd0ca37ad545b6d30a361faf7ac7e38e04768b22bcb229fadc323f07","sha512":"70f3a63341e144f653a630233f9586da7e4a1d627220fa8e7c36ab003b98fbafe43e845b2e213d931d65269b7ca01d38c8633ee32660906e0a662a72961ab09c","ssdeep":"768:H/vUvYEkZAeT60B30PGfL1DOAXEo8NToNJs0GGsV7MZ/2:HCjO3oQL1KyxOoNhGGg3","tlshash":"ad03f1f8ba577cdbbf2ab407d849d729963386f0c908ed91d2987343273413395081e4","first_seen":"2025-12-11T13:42:54.227047Z","last_seen":"2026-03-22T12:27:43.02932Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1553,"timings":{"blocked":1433,"dns":0,"connect":0,"send":0,"wait":118,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/common/js/common.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/common/js/common.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: 3f0fae5c893f84e030c4a9f3715e84e1; 61fb033a81b114b68de131dd1e457302; e23c20b38743402f4a4bb1f8f69478df; 509d7eb59aefaf492e9d0abf0c6292d4\r\nx-source: U/200\r\nx-upyun-content-length: 3784\r\netag: W/\"9309d22fa3f503f541dae021fd575925\"\r\nlast-modified: Fri, 22 Nov 2024 02:52:58 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Sun, 22 Mar 2026 18:58:57 GMT\r\ncache-control: max-age=691200\r\nage: 667341\r\nvia: T.206.H, V.403-zj-fud-206, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3784,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3784), with no line terminators","md5":"9309d22fa3f503f541dae021fd575925","sha1":"fbc9b206c9f03e9674a48fde855e6ece0fdfc825","sha256":"4150b47762067ee6d184b7876cb6974675cd2aa4644de0d65b8d6741c65824b7","sha512":"5c1da8a2a565901e44ac6b9dd2365b084b3d7bd630ec3f8af09277330c57eba5f0350eac6532a24c6d22d3b320aca31c34a83fd36439b12b52c178e893634559","ssdeep":"","tlshash":"2571514872d5f9e747d75164083fa30bf2325d213825f080d366e9f1ac58aeb51aaf2b","first_seen":"2025-12-11T13:42:54.20294Z","last_seen":"2026-03-22T12:27:43.030893Z","times_seen":11,"resource_available":true,"data":null}},"time_used":1522,"timings":{"blocked":1446,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/25.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/25.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57086\r\nx-request-id: 11e4184d3d130e8d9f7caa7eb276c1db; bec9fec378f7e3ad29205ed8690316ec\r\nx-source: U/200\r\nx-upyun-content-length: 57086\r\netag: \"f45824c64c6066d54b5270e692da6203\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:30 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Fri, 27 Mar 2026 05:19:39 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 284481\r\nvia: T.167.N, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":57086,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"f45824c64c6066d54b5270e692da6203","sha1":"9ce4c22e098e858116ad0dca6dd94f516b49d8a2","sha256":"790c239ff38da073bbaec592eb9a08be7eaf4b2417731468db071ca90f99b42b","sha512":"87fda7e7b6daa7e30e1f890376716a9cc367f0ec0f08e36923b05bc5d8ba13f3209c5b7ec41ac6219b5e69ec0bda3f28252c05a5ee7ee4314497f4e31939ee4a","ssdeep":"1536:asQEc+I1MNVu+FgJRdum7EMg+iOb2JHSZY7432wj:3138+gdREMjhOy2wj","tlshash":"c043f175fc1b2e8ab925cd5b8484b2d7ad0d66f8a9b571b5750f900fc1fe4312b960c0","first_seen":"2025-12-11T13:42:54.196065Z","last_seen":"2026-03-22T12:27:43.032124Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1570,"timings":{"blocked":1427,"dns":0,"connect":0,"send":0,"wait":142,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/707.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/707.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 52353\r\nx-request-id: 0aca5faad9fa1a51093b688a2b8ea99f; 9521960f0e9393971d3136580972e0be\r\nx-source: U/200\r\nx-upyun-content-length: 52353\r\netag: \"6cf7c558876c15bd8084b1d5dcee5797\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:30 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Sat, 28 Mar 2026 08:01:04 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 188417\r\nvia: T.164.N, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52353,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"6cf7c558876c15bd8084b1d5dcee5797","sha1":"d62626f6c3c47586fbfc6301cd84bb79da0df81d","sha256":"6c5743dcbd29132c4eb1a629b78672df9a7d9d5d8b75bd3e551c35650e2e4e04","sha512":"36e7271071d6fa0b6e4f2c79bcb692bdf60ef9207f8468b2ddff87b8140580a226da965a35e5fbe0ef44377a4af16b0e0c0592c48c512ee8479a5bf1618bb2aa","ssdeep":"1536:Y7WMIWQth/P2pm8VAM35pgaOnD+Pw0CFJRwg/UTGqY2:kW7tH67JGBDcw0cR/2","tlshash":"5c33f1933e904cd192bd9ca2b143a11a560e31d1bbfde91719d8df83963e2e8f0019ac","first_seen":"2025-12-11T13:42:54.209722Z","last_seen":"2026-03-22T12:27:43.034984Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1588,"timings":{"blocked":1425,"dns":0,"connect":0,"send":0,"wait":158,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/service.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/service.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 1356\r\nx-request-id: 9bf50f77668258b4f8c7132293357b62; 5762506286dfbe0df2c25fa1394b5adb\r\nx-source: U/200\r\nx-upyun-content-length: 1356\r\netag: \"43d2d64d7c4ced1c4db9b97c872b3aff\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:31 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Wed, 25 Mar 2026 03:40:10 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 463278\r\nvia: T.164.H, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1356,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 26 x 24, 8-bit/color RGBA, non-interlaced","md5":"43d2d64d7c4ced1c4db9b97c872b3aff","sha1":"a10aba997e6f4945fc0557fe0dc95b82118dae83","sha256":"4bb2c691266e3dfd9364fbdc50cfc0b72f5236bc74dc561a468c3416902370a9","sha512":"0ab304f3cf0c1f7656c987a2243339ebcb1d8f867c78ed096163c39ad2e82763b2e69294ff2904c495b5fe2f1bf06e96722f30f240b06b7d21cc644b9cba12eb","ssdeep":"","tlshash":"f3215649e6d03643a8826a4228e680275b574dc0eed0f09a68cbc81719711fd792e3c7","first_seen":"2025-12-11T13:42:54.262699Z","last_seen":"2026-03-22T12:27:43.03643Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1584,"timings":{"blocked":1421,"dns":0,"connect":0,"send":0,"wait":160,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/pages/hehuoren/index/default/css/core.css","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/pages/hehuoren/index/default/css/core.css HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-request-id: 56f1fbd4e7f7c781300104f7a26ffabf; e2cc4c6e69fbb26a4fbd6408fb62acde\r\nx-source: U/200\r\nx-upyun-content-length: 16941\r\netag: W/\"47d7cf7564e67a48cd090f66a66f4a2d\"\r\nlast-modified: Thu, 10 Dec 2020 01:43:24 GMT\r\nx-upyun-content-type: text/css\r\nexpires: Tue, 24 Mar 2026 01:11:18 GMT\r\ncache-control: max-age=691200\r\nage: 558612\r\nvia: T.165.N, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16941,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (16937), with no line terminators","md5":"47d7cf7564e67a48cd090f66a66f4a2d","sha1":"c20122fa515fb73b9d4bea5ac393e77beab17ac1","sha256":"33df8431b03592c96e2eb79b4005e10a9605e2190594fba1ac4489b93fd10b66","sha512":"302255f0a257ba38df2efc0eddc435c61d68d8ae90db8254727a4a713f7c247426ef59a1628c671566917701bb9636c779a0e6afc296ec501075863f2628de91","ssdeep":"192:50kp4CO8jrfg6WHXgyXysRlF68DJB0957R0Ez:5reCXftWHwyXysR768PA0Ez","tlshash":"527263251b40302bf2374f6d86d5eabc5724cd93855349efb350de58c7fa4b8122e2aa","first_seen":"2025-12-11T13:42:54.237583Z","last_seen":"2026-03-22T12:27:43.037545Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1483,"timings":{"blocked":1448,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/iocn3.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/iocn3.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 1514\r\nx-request-id: 21150428eeb1ca5f2960b63ce605d5c4; 5cc10ac55c6612aa4c3bf224260c9cf6; 000c9941d2c73c882d30c40d689bf21e; ed1ae38416e75d56e9f203966232a5d8\r\nx-source: U/200\r\nx-upyun-content-length: 1514\r\netag: \"93ac828d6f44c6b55fbeefe0f0ea10b3\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:27 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Sat, 28 Mar 2026 03:38:33 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 204178\r\nvia: T.209.H, V.403-zj-fud-205, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-166, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1514,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 39 x 39, 8-bit/color RGBA, non-interlaced","md5":"93ac828d6f44c6b55fbeefe0f0ea10b3","sha1":"e45e3f3c924413b1ae5774b5597bf798a286f666","sha256":"baafe212201f055cd968cd3d92394b420e10bce8d09466e8d9dacbe44b7e5597","sha512":"c5249af67c899a10c76e95d815bc2fdec01e0cd0461f91dde0f1025f892f51bd6a99660c15ee5c97ab73687e3371c791d1759aff38d97ddf3a95dde25e9ee5a4","ssdeep":"","tlshash":"1a31f9362c850e07ca1d3e299cccd062bffc064d98ac8959ba4eecce09858f5146c9ed","first_seen":"2025-12-11T13:42:54.218485Z","last_seen":"2026-03-22T12:27:43.039055Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1587,"timings":{"blocked":1424,"dns":0,"connect":0,"send":0,"wait":160,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/slide_wh.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/slide_wh.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 293\r\nx-request-id: eb1b521373d571ed4eeefd80ff7f87ad; 094249d7027b79557fb98eaf1e670d43\r\nx-source: U/200\r\nx-upyun-content-length: 293\r\netag: \"c9c37500575fc6ee1e84c0bf3e6be9ec\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:31 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Thu, 26 Mar 2026 07:53:09 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 361673\r\nvia: T.166.N, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":293,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 26, 8-bit/color RGBA, non-interlaced","md5":"c9c37500575fc6ee1e84c0bf3e6be9ec","sha1":"80e89b0d0abba80d43c5bc98a878cef726553553","sha256":"83d9c3f22944b6ab73c37c0652d4c3db5dd5b18ba8b20c13a78e2d430545a54e","sha512":"0736b501a8d541a27544ed6a62d3db95a88f3355ce9b1d844ffbd493afc1337983bd064a8e71e631d9916f30446183012d9c6f09b56cceb8c87f770190dfaf34","ssdeep":"","tlshash":"c7e0e7455de47cbce38b3273c3657b05cd7143467100400334c7c56b0003f844115143","first_seen":"2025-12-11T13:42:54.198833Z","last_seen":"2026-03-22T12:27:43.040599Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1584,"timings":{"blocked":1421,"dns":0,"connect":0,"send":0,"wait":160,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/www/da.js/da.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /static/www/da.js/da.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: 045cffcda50f08bdcc999a813c6ab5ae; 88e0ca133aa7cc50cfe1880ff5138eee; 824cfbf8bc356762fcfb30a1165ae239; 4f3c48b3007a798cf7b9bb160cb2d46d\r\nx-source: U/200\r\nx-upyun-content-length: 21573\r\netag: W/\"46c485ba0d6b147e71a5248e41d4d371\"\r\nlast-modified: Wed, 02 Aug 2023 06:35:46 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Mon, 30 Mar 2026 11:19:33 GMT\r\ncache-control: max-age=691200\r\nage: 3797\r\nvia: T.202.H, V.403-zj-fud-204, S.pcw-cn-hkg-164, T.164.H, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21573,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16677), with no line terminators","md5":"46c485ba0d6b147e71a5248e41d4d371","sha1":"59367bcf0ea99c5ec9f3ec7c5ebafc0e458643e6","sha256":"aaa6dd1bbee68654dcfd6150da7035837ca3688789a4abaddc9eaf816495c794","sha512":"2a97f71019caaf5d97941fc02e7fe666b60f7ef8a1f3cebb87ebc67926075ddf20c282f44b06aa4529062a01361c54bd803eeace1799af5d8327451ccc2d3db1","ssdeep":"384:Hn5y5tW8GvMJPmL97lvjxDlUu8JifjyHOhhzxGkN:H45tW8YiPkvUuuMhp","tlshash":"70a2eebe055cdc8db7c34cd2a2abaa1df438100a3afc595d2d74bff0869ce246e91456","first_seen":"2025-12-11T13:42:54.200787Z","last_seen":"2026-03-22T12:27:43.041926Z","times_seen":11,"resource_available":true,"data":null}},"time_used":3014,"timings":{"blocked":1467,"dns":1441,"connect":21,"send":0,"wait":30,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zhwpic.zuhaowan.com/images/fx_logo/2021-01-15/60018c269e020.jpg","fqdn":"zhwpic.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /images/fx_logo/2021-01-15/60018c269e020.jpg HTTP/1.1\r\nHost: zhwpic.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 89110\r\nx-request-id: 903326ac6a9692b6ee648810fa322105; 21a7d99b68c5531cd3894c5a5ebdbc26\r\nx-source: U/304\r\nx-upyun-content-length: 89110\r\netag: \"77197de1c6a4d82d2c8bbfb5f3f4260b\"\r\nlast-modified: Fri, 15 Jan 2021 12:35:50 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Mon, 30 Mar 2026 06:02:00 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 22756\r\nvia: T.164.N, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89110,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 885x881, components 3","md5":"77197de1c6a4d82d2c8bbfb5f3f4260b","sha1":"ac40c90f033c469304803635e4ad532ce48376a9","sha256":"8a9a6b66d28a24ec1285fbee26b2a01d8392a7056c0c21a147ec7c8c41102a12","sha512":"511bcb906c4828c47d2a1300a174394fd7a4185e506ab0e146d4cb6cb34779cc282e8c2a064c2ea17febf173f2fabd5da7e1338e00412ecb6b5c719b01d6b82a","ssdeep":"1536:/oWUczYSy2HIZLm1Ujs5qdp7LBloIZYp7IAEnWeOsE0JYHMp:FYuHIZS55GR/Ip7IA7uYo","tlshash":"3593d067fc1a45c2641c03e0fc198e3d7a288bacf9e4525d49564ccb3bd25a6ec9e05f","first_seen":"2026-03-22T12:27:43.043082Z","last_seen":"2026-03-22T12:27:43.043082Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1622,"timings":{"blocked":1522,"dns":1,"connect":21,"send":0,"wait":84,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zhwpic.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/la2.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/la2.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 188488\r\nx-request-id: 8acf476215b4cf962ffb586981e33b5f; 8de0888f303d15edb83635cc9e452f81\r\nx-source: U/200\r\nx-upyun-content-length: 188488\r\netag: \"28399a4cdb723d9305779039add9a28e\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:28 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Fri, 27 Mar 2026 10:35:45 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 265523\r\nvia: T.166.N, V.pcw-cn-hkg-166, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":188488,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 820 x 380, 8-bit colormap, non-interlaced","md5":"28399a4cdb723d9305779039add9a28e","sha1":"0363b7825dd9e17eee1811798e5e9d4e81443026","sha256":"beb69a283694888349e30904c584736c4555609a35073e0a18edcaa4d80c6a46","sha512":"0fee4885c54bb7100b20549661b67c9cc245f224b7ca1f0676d02dde254b586c426a7e35b8edf48ccbfc48bc193331249e7693f24807ae4331820a2563cfebd3","ssdeep":"3072:ipwTUFuwXmqt7oVtXMsVYi16lIEF/kaPLvSkdzu4U4JncMDqZgv1uQWbII:iWT2rR0VtX16igyEVkazaME4ZcMWZS8T","tlshash":"490423f1f52f7bd6b1e24c8d854b25c1259e69a327ccbe38b359a0e8fd11c748193621","first_seen":"2025-12-11T13:42:54.240095Z","last_seen":"2026-03-22T12:27:43.045455Z","times_seen":8,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jy.vip.zuhaowan.net/favicon.ico","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"ip":{"addr":"39.105.138.72","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:14.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.vip.zuhaowan.net","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 28 Jul 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:FC:C1:A8:EE:F8:4B:ED:63:C4:AA:27:51:F1:91:D9:DA:57:30:1C","sha256":"42:AB:52:02:E6:67:A8:B2:4C:99:CB:B2:B4:B0:72:1B:1F:EA:8A:1E:88:15:4A:C9:2F:E8:69:22:15:DD:9B:76"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: jy.vip.zuhaowan.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nCookie: nouid=69bfe021a2ee63079; pvStime=D806D6F8AEED9A47525E; pvTimes=D8; fxpartner_uv=1; __pid__=16973EFD86AD47; __puno__=54C164A2D5FC11F450EDA0B91FEDE0F4; acw_tc=180ac14217741824336565972e2000be3c54260bbb9b637d8f2a49862b1fb8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 12:27:14 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 719\r\nConnection: keep-alive\r\nlast-modified: Wed, 13 Mar 2024 06:05:21 GMT\r\netag: \"65f14221-2cf\"\r\naccept-ranges: bytes\r\nreq-cost-time: 4\r\nreq-arrive-time: 1774182434934\r\nresp-start-time: 1774182434939\r\nx-envoy-upstream-service-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":719,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"57fd016852be692b7b2155a7bbee6b47","sha1":"5619da6f291f1e4cf8a01e64514ce7be07c2d268","sha256":"1b6af8a04d9fa668969a9028a792a138c33d58b293f60fbe5b3f0cdbac3d6019","sha512":"337a6febffd34ba6f0f31adbfae1557f5f4e489b073dde3ebc119bd097c9a85399fdb13b1bd155cf0e444582e0b633430ec1509dcf230887c83616b2d0ff4179","ssdeep":"","tlshash":"14014e56a6b83d20c781af747d87eb107c80f9ac0ca18c1d8c41e8b58d4a2c62eb1e46","first_seen":"2025-12-19T11:33:03.85586Z","last_seen":"2026-03-22T12:27:43.046485Z","times_seen":7,"resource_available":false,"data":null}},"time_used":919,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":919,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/www/da.js/da-web-fxIndexPvUv.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /static/www/da.js/da-web-fxIndexPvUv.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: ff30305517fa931f5c7ed8da9ea8f490; e791853db872fcba86e0d1ca82c87880; 65352e46af93e0f822c30cd7d7dc171f; c62edd5f3bc3e61daef1a54dbd3b3996\r\nx-source: U/200\r\nx-upyun-content-length: 1396\r\netag: W/\"4e4b4a93389f454677536dac76baef4c\"\r\nlast-modified: Wed, 07 Apr 2021 03:58:28 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Sat, 28 Mar 2026 22:42:31 GMT\r\ncache-control: max-age=691200\r\nage: 135534\r\nvia: T.207.H, V.403-zj-fud-208, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1396,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1388), with no line terminators","md5":"4e4b4a93389f454677536dac76baef4c","sha1":"142e312a54a6c22eef6e83d383e300e68e8dc75e","sha256":"b2ebd38b0cdce9dc2ae2f6a9c0d8494c2a34a31de7ac6bded685a9f51a3bddc5","sha512":"32f0d749ae42ec1d925ab11add686b396e8673dca7808a240b8496e1b0387fb0a7eb0f672ba58f64f1692c780fc7e9463efff3e9ce0e3b93f2bae42295c075ef","ssdeep":"","tlshash":"2f21148a39d4f8d5139b2095032f844bf6354c7614bee4d0e3a9cdf9bc6844f6152fa6","first_seen":"2025-12-11T13:42:54.211629Z","last_seen":"2026-03-22T12:27:43.047763Z","times_seen":11,"resource_available":true,"data":null}},"time_used":3147,"timings":{"blocked":1467,"dns":1439,"connect":21,"send":0,"wait":160,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/common/css/core.css","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/common/css/core.css HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-request-id: b260a7e3c9bbaae5f931a8cb700879e4; 756d10d071f0b5ef9ac1f1b3a6e00be8; fa0fef9fe154a4dbd4adaf7eb49e9144; 975c6f0ef2339ecf960050abe3ee2180\r\nx-source: U/200\r\nx-upyun-content-length: 110801\r\netag: W/\"10afaeacb4d70097940d52ee37e6404e\"\r\nlast-modified: Fri, 11 Dec 2020 03:21:01 GMT\r\nx-upyun-content-type: text/css\r\nexpires: Thu, 26 Mar 2026 18:14:10 GMT\r\ncache-control: max-age=691200\r\nage: 324419\r\nvia: T.206.H, V.403-zj-fud-207, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":110801,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"10afaeacb4d70097940d52ee37e6404e","sha1":"61e2386ca7077ad6c246ed425f387d6001df8690","sha256":"52727f6c1292cc86f5521a419486b92c99a9d35ffeb8100b9b8c2fe8a8b0f822","sha512":"2f02926048d4d5e2395ba80504ca3ee6673b0cee17f2dc6754fd49c1112ee0abd238fd5a42ef1a295ea034b093360b14cdf624a8c893cc9227674511fbfc8cd0","ssdeep":"1536:DWYcf/AIoJQFkuO9X6/2oa5qjGuYKpPnLJTFJ:nJyO9X6OolXYKtJ","tlshash":"c1b31932a5512c95752bc211e1dcbebd74b85903ea230daef2823b1bc74589710b7f6b","first_seen":"2025-12-11T13:42:54.190823Z","last_seen":"2026-03-22T12:27:43.049149Z","times_seen":11,"resource_available":false,"data":null}},"time_used":3160,"timings":{"blocked":1484,"dns":1436,"connect":23,"send":0,"wait":140,"receive":0,"ssl":70},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/common/js/core.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/common/js/core.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: e542349369c1e19d01f1bd8a771368f9; 16dacc38a60b0437a578d3f2bc83a6a2; e0999c3c482d89e03b10f1e9fe717e20; 89c9da4555954267ada710579cf409f9\r\nx-source: U/200\r\nx-upyun-content-length: 212372\r\netag: W/\"e1504fd58900b3a4d89e941ac1792429\"\r\nlast-modified: Fri, 11 Dec 2020 03:21:02 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Thu, 26 Mar 2026 03:50:37 GMT\r\ncache-control: max-age=691200\r\nage: 376249\r\nvia: T.205.H, V.403-zj-fud-204, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":212372,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (42799)","md5":"e1504fd58900b3a4d89e941ac1792429","sha1":"c6dde36ae9864f3ef7c1c2ab9dd46d570af75d15","sha256":"417b0fc019d31baf0716923f4a39efb10fe77656eec8c4a078b5d39142c51aec","sha512":"f8800045d60629ad73a0742ea539c24203a2675bec1b01b4bc106269b61d629d585371b2e7849e08ba9a63149c769300164753ffcb8c17b583b08f4153197433","ssdeep":"3072:qqqUyLypOSmVAfm2WTucFJqKRDcKfwtuTIP7qVbnx6k6Qh:hRgA+2rchlBbnckLh","tlshash":"3724c4ccb6c2b0a153e770a8402fa60bf1776999744e8481e265e4e5fc78a4e9037f7d","first_seen":"2025-12-11T13:42:54.225733Z","last_seen":"2026-03-22T12:27:43.050774Z","times_seen":11,"resource_available":true,"data":null}},"time_used":1500,"timings":{"blocked":1447,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/iconl.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/iconl.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 5463\r\nx-request-id: 71431e22a573a8dc43b948df28b18741; 872a904b19c4b10bb894c1077373f27a\r\nx-source: U/200\r\nx-upyun-content-length: 5463\r\netag: \"fb64714babd7632356a4feb3d741915c\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:26 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Sun, 29 Mar 2026 00:18:09 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 129767\r\nvia: T.166.H, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5463,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 97 x 97, 8-bit/color RGBA, non-interlaced","md5":"fb64714babd7632356a4feb3d741915c","sha1":"fb1262084712b766ef2c4c50a35775389d6505a4","sha256":"6f5b8bbaa968c23b8701c42af0fb82e3af98fc9a060d0dc90b60e96ac8944566","sha512":"edddba4eadde88b35f8d6bb8d0b86855a39b398bdfd92b7fab2aa77eedb4d7857dfa50f352aab1664d3772cb89278fbd30d10345576a8342ed3951d9a9608d29","ssdeep":"96:So7FlS01+lkCQn7mhjwB4TNzwEoDR3xoVMgakYsrcTJDLAGrbE:j7F0LWMoDMzaZsAlD5rY","tlshash":"64b19e6509069c5dc01cfeaf14e84d618a02c9bc6794127876c9d6f38de48932dcdee7","first_seen":"2025-12-11T13:42:54.269142Z","last_seen":"2026-03-22T12:27:43.051978Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1553,"timings":{"blocked":1437,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/443.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/443.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66667\r\nx-request-id: d458ddedee0faf7d33366c728e2cef08; ea06bac460be5974720d4775c10608dd\r\nx-source: U/200\r\nx-upyun-content-length: 66667\r\netag: \"1ed9de3fcf74a4f24589585479be8df2\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:30 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Fri, 27 Mar 2026 10:15:19 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 266773\r\nvia: T.166.N, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":66667,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"1ed9de3fcf74a4f24589585479be8df2","sha1":"c69a3223afb2219c1af929312e85dd116a78e3cb","sha256":"34abed65859a2fc142664ef6c6a722b4787d545c8dd00d5d3ce6ed8b090c1aba","sha512":"6cf1720876e124cfac632b2cc6953169e31542fb5fa20418414f13519717fd2450e040b5cc6fcc73d67a6034c2f4dff382d5160672331758ce7eed23981f75ea","ssdeep":"1536:O0N0To7529/b6SmL1K3BlHvtY0lQipv/9xuFImW:iT8m/VLlFYCQ8KFM","tlshash":"5b53026836a86f06275cd8607ae5ca8a2f462cf0b1f29d34bd5ff5a2b45510d4b40ef1","first_seen":"2025-12-11T13:42:54.259902Z","last_seen":"2026-03-22T12:27:43.053004Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1572,"timings":{"blocked":1431,"dns":0,"connect":0,"send":0,"wait":137,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/22.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/22.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44144\r\nx-request-id: 7265bcaac2eeff76b3e62710b6d4adf5; b93994c7ac6a541c18b297b122861521\r\nx-source: U/304\r\nx-upyun-content-length: 44144\r\netag: \"55d431adff55e6d3a50f665353f94632\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:29 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Tue, 24 Mar 2026 09:48:46 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 527549\r\nvia: T.167.N, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44144,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"55d431adff55e6d3a50f665353f94632","sha1":"e3f50eed498c07a5857ddbcd1dbf6f008451dc1e","sha256":"fe2d2155dd547d2ee339e88ea217e7f41ce7309a2a0e8241ea0493e1a77f86a2","sha512":"4bd36357f415c388e3e8f008967c88ae61e344ef0c8078db2b0b959c0044359e3118e42f8e79894c4f9379458c004337076c1f6253dc665bea7833e6c24ea148","ssdeep":"768:QyAfel1jCZWvRpSxIITtQv+H7CmQqjmGnTLVSujKRSyI+TgSZsRJh:rAGlNCZqSxIOW63Qqj5fVHwXN0Ieh","tlshash":"e313f26cf5c20ee2f0fe4f71292f08174615ccf3a9c61abc482afa41c16555c58abe6e","first_seen":"2025-12-11T13:42:54.272856Z","last_seen":"2026-03-22T12:27:43.054263Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1582,"timings":{"blocked":1426,"dns":0,"connect":0,"send":0,"wait":155,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/lib/jsencrypt/jsencrypt.min.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /static/lib/jsencrypt/jsencrypt.min.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: 28e6a51f70f901aa3efc285ff3e02714; 2fdd4b0d69c4dfcd9bd1dad6ba2f31b9; 99f0fd13732a5f905352d9b1d841f72a; 1199d00dcd24052fd310617b5e7f59b5\r\nx-source: U/200\r\nx-upyun-content-length: 55390\r\netag: W/\"7b3696b65ccb2b20c4b36da2ba6477bf\"\r\nlast-modified: Wed, 03 Aug 2022 01:57:40 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Sat, 28 Mar 2026 14:51:12 GMT\r\ncache-control: max-age=691200\r\nage: 163815\r\nvia: T.207.H, V.403-zj-fud-204, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55390,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55313)","md5":"7b3696b65ccb2b20c4b36da2ba6477bf","sha1":"733d4d1a1e066610a8f236582236d32deca91e2b","sha256":"0442096d116963a886f96eb1016038d01a79879b287075b670cf2de3eb548f5e","sha512":"848f2310e40bb72ce4222595ca02c070a3eb69d22181741497c237964d8552667cb1935b4927471eb5a8e66ae6b16d407b1fa8159f9450aec4253570ca38852c","ssdeep":"1536:AoM9qr5y3piGcSEOYHFbx5PpasUvPcqJyuXa+yRe4yY:hM9qrxf5PpasUvPHJyx+y84yY","tlshash":"3e43e88576e6b0640392a0f0061f054ae23e765da45f54fcfa59c8e2acb4c8d663ff74","first_seen":"2023-03-08T16:48:47Z","last_seen":"2026-04-03T05:14:39.959339Z","times_seen":111,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/static/lib/cryptoJs/crypto-js.min.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /static/lib/cryptoJs/crypto-js.min.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: f3c82aeb8d35b2ae7bd959fbc43e78ae; 75a7cfdaadfaa2d28a19be8f61676789; 32770af55ce1f0d0865d8b3577f698a6; 1aeecb44dfddb8fc6b09326cfa1765e4\r\nx-source: U/200\r\nx-upyun-content-length: 48316\r\netag: W/\"2ca03ad87885ab983541092b87adb299\"\r\nlast-modified: Wed, 03 Aug 2022 01:57:38 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Thu, 26 Mar 2026 11:35:26 GMT\r\ncache-control: max-age=691200\r\nage: 348366\r\nvia: T.207.H, V.403-zj-fud-209, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48316,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48316), with no line terminators","md5":"2ca03ad87885ab983541092b87adb299","sha1":"1a17f60bf776a8c468a185c1e8e985c41a50dc27","sha256":"8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762","sha512":"13c412bd66747822c6938926de1c52b0d98659b2ed48249471ec0340f416645ea9114f06953f1ae5f177db03a5d62f1fb5d321b2c4eb17f3a1c865b0a274dc5c","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpnS:vZYDc6lXJd1mZpZEdS","tlshash":"19231ac5a19c605152a774c40d7f704b7463352a070d8aacf668e9eeecfcaea9039d7c","first_seen":"2023-03-07T01:31:53Z","last_seen":"2026-04-05T02:33:17.58594Z","times_seen":149743,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zhwpic.zuhaowan.com/images/fx_logo/2024-04-28/662e0c0470164.png","fqdn":"zhwpic.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /images/fx_logo/2024-04-28/662e0c0470164.png HTTP/1.1\r\nHost: zhwpic.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 26929\r\nx-request-id: ffc1c844f8968d17e5b7a518eb9d0963; 86efeecb05bab1dc6cdc027b87bc7bb2\r\nx-source: U/304\r\nx-upyun-content-length: 26929\r\netag: \"0e794cbcdb83fcfd92141314435d4580\"\r\nlast-modified: Sun, 28 Apr 2024 08:42:47 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Mon, 30 Mar 2026 06:02:01 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 22756\r\nvia: T.166.N, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26929,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 242 x 166, 8-bit/color RGB, non-interlaced","md5":"0e794cbcdb83fcfd92141314435d4580","sha1":"70772bf01b13299cd6958ae3f4aabcfd43e27c33","sha256":"df531bc2a246b23250bbc0ef63e06692144769d4ab6b160457755effdf14ffe1","sha512":"2c55dca87866371d35aa3fd5862c00e628677df0814cff1fd24894ad3ded1cea976a118d0966613b4dd215c3285ad3960aadd29a137c0add709b7651ce401271","ssdeep":"384:MDaoZ7eVYsKbIgomtgHAwASxTmWomx2iCgNXHlTPiVIppPBr9EZNGzWE61QwUNXJ:MwwgHAj0mWomMYHlTzpPBBEZ3YZpH","tlshash":"9ec2e1fb2351d8509d82cb22bc62444e8ae4e16e64fac3c561f8b5d54b96cc277f4c70","first_seen":"2026-03-22T12:27:43.055441Z","last_seen":"2026-03-22T12:27:43.055441Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1609,"timings":{"blocked":1521,"dns":1,"connect":23,"send":0,"wait":84,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zhwpic.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/icon5.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/icon5.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 546\r\nx-request-id: 454ab240a6467075f536bcd2f561eaf9; a0614082d62eb2028a4f7917299ab4d8\r\nx-source: U/304\r\nx-upyun-content-length: 546\r\netag: \"b38a2002186deee6d59eeb449225a18c\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:24 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Tue, 24 Mar 2026 23:59:09 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 476515\r\nvia: T.163.N, V.pcw-cn-hkg-166, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":546,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 17, 8-bit/color RGBA, non-interlaced","md5":"b38a2002186deee6d59eeb449225a18c","sha1":"6d1bdb4612bab7725aff561b47ff426e1c546b87","sha256":"c26ff4eabb44145e62339eafa8ca2c384050fdcf2061c1459754d860f36c3a9d","sha512":"1e2310367c0ccf374b7dae051e1d6407ee63bb7181615a8cd9f827a5d44b6f6fdf859f77ce29eeb6a97d91f12393f04d420c429048e572da92ad33ea2fa6e776","ssdeep":"","tlshash":"2bf0eb1b491092a383cbab2310ec0252fa2a5a006608643db78ecca41e00483468faeb","first_seen":"2025-12-11T13:42:54.26776Z","last_seen":"2026-03-22T12:27:43.058139Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1554,"timings":{"blocked":1439,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/iconh.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/iconh.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 4744\r\nx-request-id: 3d6222d8af39c93c7aaf36b702bd55fe; 3c0a3ca86845415c8ad16659a0f5d442; f1e787d4b4cf67ba8790d193e7b477ee; dbed55538aa31fc410f4844a444129fb\r\nx-source: U/200\r\nx-upyun-content-length: 4744\r\netag: \"a5ce17cb5cc9604186cafd350f7be3b6\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:26 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Sun, 29 Mar 2026 01:41:54 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 124885\r\nvia: T.201.H, V.403-zj-fud-209, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4744,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 93 x 93, 8-bit/color RGBA, non-interlaced","md5":"a5ce17cb5cc9604186cafd350f7be3b6","sha1":"87296bfc9abf1a70998f67e784e41cc467d032b2","sha256":"0f199f2ef33a6e90eefc78b729748079af9e7c505af6c2497c3868cf6003ecfe","sha512":"20996934aaf5cfd30af3a6d9892bcf630f30c8f55f70f9e876f09819c7aac83afbcd11ffe35d418076c9f34cc0bfe03ea7f75ce1d7547172c53985962ad9f760","ssdeep":"96:To7F3eNfTSXsS22gWMu/0xS+BibkSnIn4tEQ7Wi+nngITKU6uMc0HiY:U7FuN7SXfWWMhxSXfB4ngIGUYZHJ","tlshash":"11a17c0d92671b10a0efbd4c647cc122b8ef681c627d4936fbcb8bc968905dd7201cca","first_seen":"2025-12-11T13:42:54.216676Z","last_seen":"2026-03-22T12:27:43.059332Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1552,"timings":{"blocked":1435,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/24.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/24.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 47405\r\nx-request-id: f1088972e54155b942130650b304e349; 2d863cf22a46f0aae7e8a8b2fd6861c6\r\nx-source: U/200\r\nx-upyun-content-length: 47405\r\netag: \"de366f4539042adeeb889157bdaa9ee1\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:29 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Fri, 27 Mar 2026 00:41:23 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 301211\r\nvia: T.167.N, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":47405,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"de366f4539042adeeb889157bdaa9ee1","sha1":"4d982c28cc3b60ea778a3613cecf7291ca1a3c34","sha256":"18cfc772cffadb0dd2e1dbdc4a4db48552f124f045c3ae8e21dd237d9c06dab0","sha512":"f0a8cde19d611c30b8b6f01d3bc8dc1a287a126b218e253f8dc4b210d07dae248609a9ee4a7d3d5b67a0b9788c4561b61f1db9df972fd36eb2a69ed59ad527ef","ssdeep":"768:8L9ucsvwMhtRciPuYy1R0qj6eDKDGV+nTxpTAu7Vu8D+0hvmjhHnCwj22kHdrd3/:2LALPuYaR00rV+8u7Vu8yQOhiwjfudpv","tlshash":"f223f1133401a997bbc1f73be41d72da8a0488f15e506ca6ccd464bfa5860c59b3dbbe","first_seen":"2025-12-11T13:42:54.25243Z","last_seen":"2026-03-22T12:27:43.062072Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1572,"timings":{"blocked":1430,"dns":0,"connect":0,"send":0,"wait":141,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/common/css/common.css","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/common/css/common.css HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-request-id: 7212464eccc9ecf52ee6fcfd52e72cd4; da97b1deab3ec1d9eaf61d6fc7da3387; f2566391bdf03624bada52564785d008; 2629ed8648c098323fe9c9af9fcd57a8\r\nx-source: U/200\r\nx-upyun-content-length: 11053\r\netag: W/\"8f47714abedc04dc5a7cf35b15882f92\"\r\nlast-modified: Wed, 07 Dec 2022 12:02:11 GMT\r\nx-upyun-content-type: text/css\r\nexpires: Sat, 28 Mar 2026 07:11:51 GMT\r\ncache-control: max-age=691200\r\nage: 191375\r\nvia: T.207.H, V.403-zj-fud-200, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11053,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11053), with no line terminators","md5":"8f47714abedc04dc5a7cf35b15882f92","sha1":"9396cc4916bfbacfe4bb9da89df41f1942f1c8a3","sha256":"889653432f1976044423b59a070f28e734061b893b8409d228fdbf111f808d61","sha512":"9fc8ca5b497c8364d9eac73c26d7a0d01222d32066c92c34a7c7fff7cb514d5b3251cb7ab86a9d3afb865abc0f928b6a024b9749a95d30d351047c40d049b491","ssdeep":"192:qt2BsK9TuiscsPrL1km+OO+jjQsrHRPOdRCvvhj34IDzRazGF03qTzlBDoz+BznO:iLhjjQsrHRPOdRCvvh74IDzRazGF03qY","tlshash":"753245f3c9d6340eb077893ce1d4fa55351a462366524bbadac23035c6862fd3325bda","first_seen":"2025-12-11T13:42:54.248539Z","last_seen":"2026-03-22T12:27:43.063228Z","times_seen":11,"resource_available":false,"data":null}},"time_used":3209,"timings":{"blocked":1536,"dns":1436,"connect":23,"send":0,"wait":82,"receive":0,"ssl":123},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/pages/hehuoren/index/default/css/index.css","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/pages/hehuoren/index/default/css/index.css HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-request-id: 40c84a1301da9f318b1c1cd3bfa74209; a5f0273eb4b9477d1a2f8fc35ed715e8\r\nx-source: U/200\r\nx-upyun-content-length: 12967\r\netag: W/\"e33fb8e822b692f5a23225eba6dc5fb9\"\r\nlast-modified: Mon, 21 Oct 2024 02:19:47 GMT\r\nx-upyun-content-type: text/css\r\nexpires: Wed, 25 Mar 2026 16:46:23 GMT\r\ncache-control: max-age=691200\r\nage: 416080\r\nvia: T.166.N, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12967,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (12955), with no line terminators","md5":"e33fb8e822b692f5a23225eba6dc5fb9","sha1":"5642dc900be48f4a819e3fc4033dfb0668e800f2","sha256":"b67fb8f941c2bf5019ff69b9c1659349a14b82cefb54c691e70e3f8bd1f5bfde","sha512":"05ef1a5064bb03d2e8d372ad1f8c65806e73e4b2f17986cc6ccb156488525a82b147274da74157f836644d90c6edca54ec6385c40b9b787a4db39856a316f1e8","ssdeep":"192:+nFL6qvMxy3Af7UbOqJbOJOcOkOHOUOpIOiOQOKOOPFOFOJOJ16TvWDnnnnPWgmI:+nDvMx6AwXAzEvWDnnjIb8CrGZ","tlshash":"8942c733c711a73bf027ea6c6790935a3026c417b263577aea417e70c7932d20ab734a","first_seen":"2025-12-11T13:42:54.249962Z","last_seen":"2026-03-22T12:27:43.064772Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1485,"timings":{"blocked":1448,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/arrow-right.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/arrow-right.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 149\r\nx-request-id: d14e028c6c3005c5eb207647d0b7fabe; 7d82f302f4f210f380144cc6337fb30e; 10664f3573db34147eae0bbf3ae239e4; 4c5d85ed27cfe8e0ca0ddad4e58d8330\r\nx-source: U/200\r\nx-upyun-content-length: 149\r\netag: \"e23201656ac68a42b5b03fb9d04e4554\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:16 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Sun, 29 Mar 2026 19:13:06 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 61697\r\nvia: T.207.H, V.403-zj-fud-202, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":149,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 8 x 4, 8-bit/color RGBA, non-interlaced","md5":"e23201656ac68a42b5b03fb9d04e4554","sha1":"3c0de56e6520c5c398a1b429eecf21a39e3a7bfa","sha256":"bea0e7fc840e589f9fb5b081dc6064297120eb1d01dd1cedd58cedfad8566a27","sha512":"c8c4f98b289a4b6d1a919b2a41b629e9e86041fc822f7c6f9a861ce07172cf3f4d875cfc053ade0a5a5f26083447fb6f51463afa8a3b12f0cad7b315b26c2959","ssdeep":"","tlshash":"acc02beff7683c5dc3e04126e50f001588228130102144284091f7723701708805c2c7","first_seen":"2025-12-11T13:42:54.213403Z","last_seen":"2026-03-22T12:27:43.069027Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1557,"timings":{"blocked":1444,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/icon8.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/icon8.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 732\r\nx-request-id: 3da69f0f3b5c1c6560d89603411214de; 2fd6b04c964d1b34dd4a8e4e4bb3f565\r\nx-source: U/200\r\nx-upyun-content-length: 732\r\netag: \"55c6f188505d80453cf1bc48d3103b25\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:25 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Mon, 30 Mar 2026 04:24:08 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 28191\r\nvia: T.167.H, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":732,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 18, 8-bit/color RGBA, non-interlaced","md5":"55c6f188505d80453cf1bc48d3103b25","sha1":"86133ac6d84e24a67a088b476337e3cffd3f50d2","sha256":"7b67d147c5f271e9d4c7933c143432613dc0194102489c3cb42dc2fd079f491e","sha512":"fd56de8c1e2c8e52563c81856e5f8be45528380646779b8809a8d3d3878c3023adcc3b7865e9909d99ed7734be35df7df2722a149b60011154137369827c612d","ssdeep":"","tlshash":"d501609b68165641d30ae7a640e94505ae3b850cab904938bb8e9cae6b1018b5dcb7cb","first_seen":"2025-12-11T13:42:54.241591Z","last_seen":"2026-03-22T12:27:43.070381Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1554,"timings":{"blocked":1441,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/iconw.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/iconw.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 5567\r\nx-request-id: 4c9cc77b2ef8b606e6827d41af0c6003; be8dd2e61ce1e324871d98453de7ff95\r\nx-source: U/200\r\nx-upyun-content-length: 5567\r\netag: \"adb2b40a837e664f0c3dd9101588c2cf\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:26 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Fri, 27 Mar 2026 00:42:06 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 301167\r\nvia: T.167.N, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 95 x 95, 8-bit/color RGBA, non-interlaced","md5":"adb2b40a837e664f0c3dd9101588c2cf","sha1":"6e43155af49ca98f97fecba08b5f6bfd9fb790aa","sha256":"0f3e9dcee059c674cf116cd54f5e4ee6a27db2fad52e259e7096ceec26574ce0","sha512":"4ec138a2723eba5a2cec9901066f1687a52c6ee7038d850767da90bbefaa8b93a02d427bdce20a07283b0314a5d915683bc22b683d75b612a43e96b9495dbc95","ssdeep":"96:Oo7FgyfTiM54GXXJcOCqeC2oaOjqRV89ujGbNtUWpVNInovOJTE:f7F3bn5LH3eKx2Y9ujGxppVNIocI","tlshash":"9eb1b0d2982de556a335849f17943e02b4330a0414affabdb3125d470653777894f3bd","first_seen":"2025-12-11T13:42:54.257974Z","last_seen":"2026-03-22T12:27:43.071445Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1553,"timings":{"blocked":1436,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/446.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/446.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 56387\r\nx-request-id: 34a6a86c4468e2e971525c7790698cf2; e74857ca623b83ce2bdb57b9051e0a13; 64358924ad4c895e696b67a6e4d9dc7c; c479e7d93ac2ec4a472a6a791eaac92d\r\nx-source: U/200\r\nx-upyun-content-length: 56387\r\netag: \"f60f3cc3b47d27350aa61c9de94262fd\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:30 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Mon, 23 Mar 2026 09:57:55 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 613416\r\nvia: T.205.H, V.403-zj-fud-209, S.pcw-cn-hkg-163, T.163.H, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":56387,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"f60f3cc3b47d27350aa61c9de94262fd","sha1":"e28a5fbce7de52002d9436f38d079ae39043d427","sha256":"90d0b6c633a9a909737318e7af4ba3971bcd4055d63fdfeb4b1528d1bb4edbf4","sha512":"4c479c229d9cc2e5b4dbd3b1a2423495548c24ea0415f619889e6c987575f30c06be1e992b366b5d642b97a36fbda74f375f82a7978183caf56be7d3944fdfa8","ssdeep":"1536:sRjKGtsZqY8EW6M2Ozyb4r76IDAEteIuvZOPC26pb:mGh8EWxU4f6Uve5Z7269","tlshash":"3543f1afb5d469e16d813c9973b135518f0b1de8f012c4d87a96288ab0c6cf5834fb4c","first_seen":"2025-12-11T13:42:54.261379Z","last_seen":"2026-03-22T12:27:43.072533Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1572,"timings":{"blocked":1431,"dns":0,"connect":0,"send":0,"wait":140,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/iocn1.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/iocn1.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 1420\r\nx-request-id: 2655e7f9897e6bf84d98fc649125fdc7; 1f471960ba6ff18ffa1ecd8704aa7cae\r\nx-source: U/200\r\nx-upyun-content-length: 1420\r\netag: \"6b93d900d0d5032a7e731f9a6a979fd6\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:27 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Thu, 26 Mar 2026 07:53:38 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 361673\r\nvia: T.163.N, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1420,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 39 x 39, 8-bit/color RGBA, non-interlaced","md5":"6b93d900d0d5032a7e731f9a6a979fd6","sha1":"035cd23a3fcbfe54b9ce6607b0fa1d6646fa09e6","sha256":"f00858fbeeac6b5b17b022cf56223507f15e4de8051eb09ffebbe39f5789ec18","sha512":"b101c5a724448f6eb524adbe29ed2079fb6933eed2c10c361f87c41e025e246319e916169b41901df8efbb47ad59d2d21e66cca6bfbc0d29c5cb7a9288a23e0e","ssdeep":"","tlshash":"7621e926db09b091e1142c6470dec3018bb64a046914b624f555d89d33c4d81d68a9d7","first_seen":"2025-12-11T13:42:54.242745Z","last_seen":"2026-03-22T12:27:43.073485Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1587,"timings":{"blocked":1424,"dns":0,"connect":0,"send":0,"wait":160,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/636.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/636.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 68877\r\nx-request-id: 450d508f54e9eb15b49e288404d51892; a917d3f49874bb0e8bc3f1437207c449\r\nx-source: U/200\r\nx-upyun-content-length: 68877\r\netag: \"da44862663a3b8c3fe548530dca53aa9\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:30 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Fri, 27 Mar 2026 02:08:27 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 295976\r\nvia: T.167.N, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":68877,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"da44862663a3b8c3fe548530dca53aa9","sha1":"6841918bdd9d4515fd9499599d68f1c7c3183213","sha256":"f7e6339be066ef81e05da747a4ccc55d93f826fcfcffbfbe9d3ffa57891a9f15","sha512":"fa6f6b7508c9fc392f30f4c024cb07c68193d00f0da9ef356934680ec4d27358c2e5ca05c9a04018f8cdf2f9d903276989453fd89d28aa8255f42d161eebbdc0","ssdeep":"1536:jc487JuZVrtB9sPndttPdEWAo5e+FynxtFMsYARvgb:jc48tuZ99sPNGW3DQxt+sVE","tlshash":"da6302af77426971c48f94a16aa309b943c496f0497569c6a0cf13aff4b82dbc41d3ec","first_seen":"2025-12-11T13:42:54.228505Z","last_seen":"2026-03-22T12:27:43.074457Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1581,"timings":{"blocked":1426,"dns":0,"connect":0,"send":0,"wait":144,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/images/download_app_icon_2.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/images/download_app_icon_2.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 345\r\nx-request-id: 8c18f3b24a52212967998ef0eda69559; a4c6e8bb9e768c99faef03f937592da0\r\nx-source: U/200\r\nx-upyun-content-length: 345\r\netag: \"b7369b864ae384a7b81eb037e4080cdd\"\r\nlast-modified: Wed, 09 Apr 2025 06:34:59 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Thu, 26 Mar 2026 07:53:38 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 361673\r\nvia: T.167.N, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":345,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 24, 8-bit/color RGBA, non-interlaced","md5":"b7369b864ae384a7b81eb037e4080cdd","sha1":"2a26f54d65976762c879815cf49571a50caaa237","sha256":"e1d0cbcf089aa7c26d645aac2db3656d5bf82096c1b105f4ad063a401f7f3b99","sha512":"c688c6677831f5f56c388d54f8cf8e0535b480a2ab4a792c621d87372701f9136669808102188add912c18b048fff10dbb71b8757b64dddf2be6a0880c82cc8c","ssdeep":"","tlshash":"c1e0c0ac65a17931c6e37e79034e6180d816718d5700010d8615ac95d40a48a6dcd65e","first_seen":"2025-12-11T13:42:54.275231Z","last_seen":"2026-03-22T12:27:43.075462Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1585,"timings":{"blocked":1422,"dns":0,"connect":0,"send":0,"wait":160,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/top.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/top.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 1081\r\nx-request-id: d8b9da2ab2006e1b86125aaf01336adf; 9524c813509d0d93bf2ea8710f9830df; e7edea926ad7a5277242198792550246; fa134927c14704490a4e5f3b786e4f6f\r\nx-source: U/200\r\nx-upyun-content-length: 1081\r\netag: \"9f6c0d1301389f250174d1506c6cbb48\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:32 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Sat, 28 Mar 2026 11:19:01 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 176584\r\nvia: T.200.H, V.403-zj-fud-207, S.pcw-cn-hkg-164, T.164.H, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1081,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 21, 8-bit/color RGBA, non-interlaced","md5":"9f6c0d1301389f250174d1506c6cbb48","sha1":"4989f3a37127c80833c9ef2cf7b084d3bfd2fa7c","sha256":"cf01894ae12f6ba0c0e67751ac1e47963e2727ab5ec3ed74b266f95cb420e2fe","sha512":"30891506a8a3a0ca5b32401a514d1a6d6bcb020e6f24e41146010d4378e29ad37cd41002b4eefd6babf9bef9be8689c202a022bc6825192aa14f7f717399e906","ssdeep":"","tlshash":"2411460cfb852b428b8ba44205f7412757364680eed6f16a98dfc9161cb11b92958bcf","first_seen":"2025-12-11T13:42:54.26388Z","last_seen":"2026-03-22T12:27:43.076731Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1583,"timings":{"blocked":1420,"dns":0,"connect":0,"send":0,"wait":160,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/la1.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/la1.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 458394\r\nx-request-id: f05259ed1bfc13106b0bdff298e4866b; 1fe83d3308e0fe57c88bfca24044d035\r\nx-source: U/200\r\nx-upyun-content-length: 458394\r\netag: \"c7e0072dc6929a5cb357bc83ed1a5c83\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:28 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Sun, 29 Mar 2026 06:37:28 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 107031\r\nvia: T.166.H, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":458394,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 820 x 380, 8-bit/color RGBA, non-interlaced","md5":"c7e0072dc6929a5cb357bc83ed1a5c83","sha1":"ed41b6a03a2c49a6ce80fc922ab47d011a5234b3","sha256":"cdc82e7dddd0e7bb5a78d412c7d66ba7f2460284077dbc0c45cb4da8ec53a25a","sha512":"3e3756a2289cd15a48ea26a14ee1bb3701f9afe281d9cca5423d04682645445488365d67a005a340eae98cbd602df13827a693fa3943bf33cd4a79c786e051d3","ssdeep":"6144:gW1kwBiS3By7QWYz6O65DXLLl5X/y9kR1SXh3HcAjU/N7HLYoVrkiMQqtFLRWd8n:YKy7LYOtfvmkR1SxMTnJIFLCfuiPF6vB","tlshash":"08a4233bfec86060cce25db2aa5a943f70f46b20f537909d051875d422294abc7ee776","first_seen":"2025-12-11T13:42:54.204995Z","last_seen":"2026-03-22T12:27:43.077785Z","times_seen":8,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/la3.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/la3.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 312108\r\nx-request-id: 39e24bb4ce437a47b10c2beb9fcbf821; 1b7ecbbcd4596f1111c7cb6c91778072\r\nx-source: U/304\r\nx-upyun-content-length: 312108\r\netag: \"215f291b56ab55999f5669239d4e7951\"\r\nlast-modified: Wed, 22 May 2019 07:54:15 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Wed, 25 Mar 2026 06:57:22 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 451564\r\nvia: T.165.N, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":312108,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 820 x 380, 8-bit/color RGBA, non-interlaced","md5":"215f291b56ab55999f5669239d4e7951","sha1":"2b8a8030af83c7d978c19e20c9bc318398e093e6","sha256":"94013acae5eb1810dd50e81f269b7bc8cebcc267d230e6a7ac2d6bc98e7399b2","sha512":"f5f1227138cdf70aa05866e590154d79543e277901e7757ff2abace635f22293099515148424ee75aa24c7e46a6aa9c6d429feb23dda582ac2f1de9b8e5562c8","ssdeep":"6144:4hue2+s/gt950qBMnnde4jTX9SxCD8E9OqC+0GzuvPE6m7CqyLwiKfV6bd2F:4hue2+a3nLD8E7CUuvPpm71YwiKfVp","tlshash":"686423bfe4aeaaf8d871e3df6036290f31cc5de43970115ee25325ae8b506272557d80","first_seen":"2025-12-11T13:42:54.220324Z","last_seen":"2026-03-22T12:27:43.07873Z","times_seen":8,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bd-track.zuhaowan.cn/sync_js","fqdn":"bd-track.zuhaowan.cn","domain":"zuhaowan.cn","tld":"cn"},"ip":{"addr":"47.114.113.108","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.cn","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 17 Mar 2025 00:00:00 GMT","end":"Mon, 13 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BC:A5:26:62:F2:84:00:7F:28:B8:8A:D1:8B:E7:A5:A3:4A:05:D0:F1","sha256":"88:64:49:67:FE:2C:B2:8A:25:9B:B4:AE:39:88:69:E1:69:18:8D:07:2E:57:74:1F:AC:FC:BD:4D:34:F1:4F:7B"}}},"request":{"raw":"POST /sync_js HTTP/1.1\r\nHost: bd-track.zuhaowan.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/x-www-form-urlencoded\r\nContent-Length: 1992\r\nOrigin: https://jy.vip.zuhaowan.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1992,"data":"\u0026data=eyJkYXRhIjpbeyJwa3YiOjAsImVrZXkiOiJXdmRhbzBrcGZwa2NuZkZIWW5qUVY0aW1WVUhReU1xM2NudmJCTUpKY2FuR0cxVGhzYnEveWphR2dRUmx4VDBTTEQyYWNHL1JVRzkyZFo1clJ0L3VXUllwbVBoTzVqb1FuWVlRN3BvTWNIMHJ3U1Y0RFBxOVZOSUd1Q01adlJ2RnlKZUNaeU9UeVdEYm5nclFZT1hEYThlVmNTWFliNmVUU1BjR2pWd1BldmRzelZNcUl6bE16Q1J4dkhITDE3WmRQcCtHZnZiYUszY3VxNlcvT28zSUlTNFk4UjVzWXJoTnZISUVCajZhdlVuL2x0ZmN2L1hveHFrOUhMN1lZK29BcWU1T25lVnVNa2doV243N0l0RTVuK09MY2RvcmxFWWw5cTQ4S2c5clhkWWZHS0ZsKzdsSFlJRDJSU2JYZmkyWDNVaXdUR1pjOFpVZ1dGQVplOVhvSmc9PSIsInBheWxvYWQiOiJqQ2JWcGxJWWxxdDNDVmNtMnFDVUhjTUxlUjFQeUZnaWVJUTlXQURXbkJET2lFWmZnaXFiakJJQzVqQ3RTN3dJZ1hPbDdLclQyVENtdjNyZGcwclBDZGE1ajJ5TVhBSHgrWG9JV1BzYXF2cXc2MmxXU3BUZ2oxMHYremlWaGpSQUJDeWNDTmpuak9NUy9VSXRnUGVaVER1KzlUdElEdXgrNmowUzlqNnlSNkhLd0ljdUNlN2NXbm5Ca0QvRWZPNFBrbllzNyt1RGFQaktVTWYrRTlEdVhBbndWRnBwUVkvYVhTVWEyY3RnMm92WC9QRDVWMDRzdlo1bUFBTmJibDZ0VzJJODRUaGwxM3FLWGlMci9qQlAxTEl6b3FvZ0tsTUlBb1BrUjlJNTVNSTM2UmtZeExLMXd6d0lxM3BXMzZveEhFNk1LTUtFaVo4Y0o3TCtYcWxpaWdzTitsQ3dUYWp0MDlCdWRpWTVFb1A3OFcvVkxnTUY0MnByalpsQWU3MHEwbis5dzBuT2xJbkFja0tabEc4ZEZCdC93L3lnYk9GNUQzYkdudEdPL0lJWkNvOElFWmJDTyt1RHhaM3llbFJzdjVyclU1a1JkYlJOclV3Y1J6a0NOcDY2dkhlRVdRSzVTYytRREh3REg5Z1paVHRRMnExZTc2YzR2anJ6bWtJc21NSXhBUDkrTHBGb21adkx0R2pTZTBFeGdxV20rdnQrTVdEMGxzV0VQM1lDei9aWkp5SWR3UmlWaHp0ZzdLQ0l2Zmp2aVlQMmxoUkQ4THJuWWV0bjRzYmNPYzh1M1k3OWhEdUFxTHg0MDBEWXlpSHZ1R2tPbkdGV3NJcWVVMGJXcUVRU0tCMVJtSUJxWGRjSUFzV0lmbEVmRy9xU1JXUm5aRjRjVndtaTRBZkh6b2xoRVlaNCtlZDI1dUZCL20wVmFIekNLRmhsOEF3TGVGaWN2VW5EL2RHZ2J2TVcrYlowNVFOaU1UYmZjbFpNalVYT1Vzbnp2Y0RlbHVjNllZOUtWSnhmNzQzREgrTSs2NkFoemwwSkNLeTRQZmVyVlloaGlXUHRtb0pkL01kaHhoWU51Nlp1WVNiRGZ2Q2RmeHoyclNvZGczQ3JyTGhmY0ppZHJKREpodWhXVEJULzBJM1R6R3k3c2pqWWJhQ2Nxbk9DZGFTbmlsemhaWFoySEFDTjJJdzZTdWUveE95NHc0S1htN00yOXBXMkNvN3k4VldmK244ZkJSVzBvNWd1N3BmZi9TM1NxRzRrTGRCZlNQMTR0Q3pQT2EzSnAwQ3ZJQ1R1WnUyWEo3Mnc4SmsvTW1DWjFSaU5qeDFJeVVJPSJ9XSwiI2FwcF9pZCI6IjBmMGQzNTMzMmMyNDRkMThiN2Q3ZTIwMGE2ZDIwZTYxIiwiI2ZsdXNoX3RpbWUiOjE3NzQxODI0MzM2MTd9\u0026ext=crc%3D586026162\u0026version=1.6.2"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Mar 2026 12:27:16 GMT\r\ncontent-type: image/gif\r\ncontent-length: 10\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10,"size_decoded":0,"mime_type":"image/gif","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-05T00:35:13.549424Z","times_seen":1559,"resource_available":false,"data":null}},"time_used":4204,"timings":{"blocked":1632,"dns":0,"connect":0,"send":0,"wait":1205,"receive":0,"ssl":1367},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jy.vip.zuhaowan.net/","fqdn":"jy.vip.zuhaowan.net","domain":"zuhaowan.net","tld":"net"},"ip":{"addr":"39.105.138.72","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-22T12:27:10.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.vip.zuhaowan.net","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 28 Jul 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:FC:C1:A8:EE:F8:4B:ED:63:C4:AA:27:51:F1:91:D9:DA:57:30:1C","sha256":"42:AB:52:02:E6:67:A8:B2:4C:99:CB:B2:B4:B0:72:1B:1F:EA:8A:1E:88:15:4A:C9:2F:E8:69:22:15:DD:9B:76"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: jy.vip.zuhaowan.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 22 Mar 2026 12:27:10 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nreq-cost-time: 195\r\nreq-arrive-time: 1774182422180\r\nresp-start-time: 1774182422375\r\nx-envoy-upstream-service-time: 191\r\ncache-control: private, max-age=600\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":79203,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3839), with CRLF, LF line terminators","md5":"0c933a15483928290bfb26c0da022d15","sha1":"2560577479d552b87e0d085f055ac7fc737512be","sha256":"9dd5932638d7c8ef4673d99e32cdf3e47d7ca593dff76712f3a1e0f5b0ce2d51","sha512":"1e906d3568922d0119430613d35fe0e7d29bd41d1eec7ca9dcc88362c22007b93c646c342760a19c279092c78411f69f82631f262b6f999cc904c6d713439386","ssdeep":"768:SwCEC+wkCsjD+zvR0HqK3AYOXaYnj2Y1YQLp9YuXYzxeMYHs9gU8khSnbLq6O4a5:S3BIOXPnjTSAghsv9ODbP","tlshash":"4373dd509ad1a9370173c1d713b5af69fda39063c3917a0032ec17679ffae01b60baa5","first_seen":"2026-03-22T12:27:43.080621Z","last_seen":"2026-03-22T12:27:43.080621Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1959,"timings":{"blocked":847,"dns":52,"connect":262,"send":0,"wait":264,"receive":1,"ssl":531},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/BG.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/BG.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 21461\r\nx-request-id: 097bc2b25fa745667ca82a666838da94; 9dd4f12a4eb5c45b27477eca2c3e4829\r\nx-source: U/200\r\nx-upyun-content-length: 21461\r\netag: \"b99bab0e44a8ef50c45a4db8429e7361\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:18 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Fri, 27 Mar 2026 11:06:35 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 263673\r\nvia: T.165.N, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21461,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1096, 4-bit colormap, non-interlaced","md5":"b99bab0e44a8ef50c45a4db8429e7361","sha1":"06f8bb442696fde0dfc22a602c90106ea435886f","sha256":"8c636375c7b215afb7d0a53605d5c49d27d5701995b26cc966a2d6db38062902","sha512":"dc9a6f996091214196f632c39c059a7195d54540971a659823d8bff690ba94c7d3c37aeb707123813b49841c9d7bc2cd77560c0bff1c0d30f57377149e9c4b0d","ssdeep":"384:ils6pDZ2lJ4Q+qKs765MhLBdJ6laVEipf3RQellCQNdSrjnQ10gq/ZrdPM+nJAUf:CZ2l7+suiNBd6hellfNdwz7xO+nKU9Eq","tlshash":"89a2e15a26573ee8df44c43d3c349c2322ed5e6eb24cabf2654e3a275cd4811d435897","first_seen":"2025-12-11T13:42:54.193807Z","last_seen":"2026-03-22T12:27:43.082942Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1556,"timings":{"blocked":1441,"dns":0,"connect":0,"send":0,"wait":114,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bd-track.zuhaowan.cn/sync_js","fqdn":"bd-track.zuhaowan.cn","domain":"zuhaowan.cn","tld":"cn"},"ip":{"addr":"47.114.113.108","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.cn","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 17 Mar 2025 00:00:00 GMT","end":"Mon, 13 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BC:A5:26:62:F2:84:00:7F:28:B8:8A:D1:8B:E7:A5:A3:4A:05:D0:F1","sha256":"88:64:49:67:FE:2C:B2:8A:25:9B:B4:AE:39:88:69:E1:69:18:8D:07:2E:57:74:1F:AC:FC:BD:4D:34:F1:4F:7B"}}},"request":{"raw":"POST /sync_js HTTP/1.1\r\nHost: bd-track.zuhaowan.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/x-www-form-urlencoded\r\nContent-Length: 1501\r\nOrigin: https://jy.vip.zuhaowan.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1501,"data":"\u0026data=eyJkYXRhIjpbeyIjdHlwZSI6InRyYWNrIiwiI3RpbWUiOiIyMDI2LTAzLTIyIDEyOjI3OjEzLjM5NCIsIiNkaXN0aW5jdF9pZCI6IjE5ZDE1ODM4MjZkMTNmLTA4ZDY5MWM3ZGFlOTg0LWY1MTU3MjQtMTMxMDcyMC0xOWQxNTgzODI2ZTUyZCIsIiNldmVudF9uYW1lIjoidGFfcGFnZXZpZXciLCJwcm9wZXJ0aWVzIjp7IiNkZXZpY2VfaWQiOiIxOWQxNTgzODI2ZDEzZi0wOGQ2OTFjN2RhZTk4NC1mNTE1NzI0LTEzMTA3MjAtMTlkMTU4MzgyNmU1MmQiLCIjem9uZV9vZmZzZXQiOjAsIiNvcyI6IldpbmRvd3MiLCIjbGliX3ZlcnNpb24iOiIxLjYuMiIsIiNsaWIiOiJqcyIsIiNzY3JlZW5faGVpZ2h0IjoxMDI0LCIjc2NyZWVuX3dpZHRoIjoxMjgwLCIjYnJvd3NlciI6ImZpcmVmb3giLCIjYnJvd3Nlcl92ZXJzaW9uIjoiMTM0LjAiLCIjc3lzdGVtX2xhbmd1YWdlIjoiZW4iLCIjdWEiOiJtb3ppbGxhLzUuMCAod2luZG93cyBudCAxMC4wOyB3aW42NDsgeDY0OyBydjoxMzQuMCkgZ2Vja28vMjAxMDAxMDEgZmlyZWZveC8xMzQuMCIsIiN1dG0iOiJ7fSIsImFwcF92ZXJzaW9uX25hbWUiOiJwY1%2FlrpjnvZEiLCJhcHBfY2hhbm5lbCI6InBjX%2BWumOe9kSIsImFwcF9pZCI6IjEwMDEwMDAwMCIsIndlYl90aXRsZSI6Iuenn%2BWPt%2BeOqeS9juS7t%2BeOqV9jZuenn%2BWPt19MT0znp5%2Flj7dfRE5G56ef5Y%2B3X%2BeOi%2BiAheiNo%2BiAgOenn%2BWPt1%2Fnp5%2Flj7fmjqjlub%2FliqDnm59f5LiT5Lia56ef5Y%2B3X%2BWuieWFqOenn%2BWPt1%2Fnp5%2Flj7flubPlj7AiLCIjdGl0bGUiOiLnp5%2Flj7fnjqnkvY7ku7fnjqlfY2bnp5%2Flj7dfTE9M56ef5Y%2B3X0RORuenn%2BWPt1%2FnjovogIXojaPogIDnp5%2Flj7df56ef5Y%2B35o6o5bm%2F5Yqg55ufX%2BS4k%2BS4muenn%2BWPt1%2Flronlhajnp5%2Flj7df56ef5Y%2B35bmz5Y%2BwIiwidXNlcl9zdGF0dXMiOiIiLCIjdXJsIjoiaHR0cHM6Ly9qeS52aXAuenVoYW93YW4ubmV0LyIsIiN1cmxfcGF0aCI6Ii8ifX1dLCIjYXBwX2lkIjoiMGYwZDM1MzMyYzI0NGQxOGI3ZDdlMjAwYTZkMjBlNjEiLCIjZmx1c2hfdGltZSI6MTc3NDE4MjQzMzM5NH0%3D\u0026ext=crc%3D1560218020\u0026version=1.6.2"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Mar 2026 12:27:14 GMT\r\ncontent-type: image/gif\r\ncontent-length: 10\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10,"size_decoded":0,"mime_type":"image/gif","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-05T00:35:13.549424Z","times_seen":1559,"resource_available":false,"data":null}},"time_used":2610,"timings":{"blocked":1169,"dns":87,"connect":272,"send":0,"wait":272,"receive":0,"ssl":808},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/banner2.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/banner2.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:13 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 280737\r\nx-request-id: 376ffda9657c64abbdee25e499bee094; 8c7cdd6c0daf997f3a781c9d20eea37e\r\nx-source: U/200\r\nx-upyun-content-length: 280737\r\netag: \"c0b32c0a57e16f7efe07dd82c013da7c\"\r\nlast-modified: Wed, 19 Jun 2019 09:40:41 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Tue, 24 Mar 2026 01:09:38 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 558713\r\nvia: T.165.N, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":280737,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 720x378, components 3","md5":"c0b32c0a57e16f7efe07dd82c013da7c","sha1":"e0dbec2e1ef6279fb5869ef16b36c6d835da958f","sha256":"442e98f8b5cfcbd76644455524ab83e476497c6eb6d458921312d627f97dabd0","sha512":"b2574792149bd30e33e52fda7af17244e3a9a3b084adfce1ef096765d6786dcbce67ad5af4967028cd39306268e8d82a3411777032e03c49741b0df7d7ce5d45","ssdeep":"6144:GzhTzDC5wDAEQfQ5akHO/Grs4Qg+YfuxxW+vj+VykiDVoMKP:GRn3Z4ka4Vbf4rjwjiDVXs","tlshash":"f35423273f0f5501b69532b2bb1a3423d971623c51cbba9a999b0a5c51e32cf74b3e60","first_seen":"2026-01-23T09:38:07.068696Z","last_seen":"2026-03-22T12:27:43.083873Z","times_seen":2,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bd-track.zuhaowan.cn/sync_js","fqdn":"bd-track.zuhaowan.cn","domain":"zuhaowan.cn","tld":"cn"},"ip":{"addr":"47.114.113.108","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:13.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.cn","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 17 Mar 2025 00:00:00 GMT","end":"Mon, 13 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BC:A5:26:62:F2:84:00:7F:28:B8:8A:D1:8B:E7:A5:A3:4A:05:D0:F1","sha256":"88:64:49:67:FE:2C:B2:8A:25:9B:B4:AE:39:88:69:E1:69:18:8D:07:2E:57:74:1F:AC:FC:BD:4D:34:F1:4F:7B"}}},"request":{"raw":"POST /sync_js HTTP/1.1\r\nHost: bd-track.zuhaowan.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/x-www-form-urlencoded\r\nContent-Length: 1848\r\nOrigin: https://jy.vip.zuhaowan.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1848,"data":"\u0026data=eyJkYXRhIjpbeyJwa3YiOjAsImVrZXkiOiJhR3owVm13N3QzalRmMlh6RnBkdjRvRk02alQ4SzRGMEx5UENvVTFGWStFZVdYbFhSSks0ZlJJUW1tN0d2Y1NMWUNxd1V2dVR2T1NiYXV2dkxpaklYV1lYc3M0VXQ2dU5SVDJDdVByK3JtNHkzcjNwakhyeWlIMFA3S2NrV1RIV1dLSTdISWhvUGQ4aFhhOS9DbTUydGhCSGhPc3huZVRpNXdCeDlST3IySFNCcUFURnpva1dOdzdHOVRhaWhoWEp4UnUzL2czTkV5d01UbXNPMkhkUGE0cnVhVnJEQlFMNEJkeVdTTnVTamJCQzBCZGZOMHNaSXdlcThidkxVVmhMMTFuckZmQ2tXK3pwZFk3ZzZIdnp1QmJIU2NYdFhENHFPYWU1bGdac0w0UGl3NklKdUVaNjQyVDViV3lRb281azEwOVlRUjUwcVp4djd3bUUrVjNzOFE9PSIsInBheWxvYWQiOiJDL2FrS3N0dE5rM1RIZjVNcEU2Z2dZYjl2OURpN294dE51MHFsSFpFSWtCc3NmQ2FHSWJZTURGOUZQS2NEVlJralZIQTk1Vng4UkRXUlpPOEt0VmRVbXV3MFdxZUVtKzJRRVNOVjg3MGV6ek5TZTEwUG5pbnJTZWtNRG1LM3lFR1lhSG92WmFrVUF3UWh1b0xYbHB6WDlqaG1RdnJJbkRmNXZzd25HcEdVdjd5NGVNRWcvRzVtdHhxK3RtL1R1RDFrVXlma2JPODlkZmpPazFWdzRwKy9nREMrMVVIaDhTOFNNaXFtZkJrUlB3Umg0UEtKdUFHdUZoeXNhM3B0S21YTXQxNU5kcHc2STVzaW1FNVZPN3hRMHdJYW9KYlhYU0RSZ1JERm0xeFFlTXJYQ3B2NnNiMnVKZWNYM29PUEZnZThCMDBZSmI1K2FTTlExZitncVNtUW1uTEdUYzNLTGRYcytGNXVLR00yK0NGSDNmdUJ1UGZpditxUVJXaXMxY0pnNVlEWmRRWjdOTTVOT2pJckVDaTVKMUE2MVB6Rmt3KzRSbStsZTVaWnNrNmdjUFhxMUhDejhMaGJ5YW1ZVzhkSVA2YTVUeG14RGRHQlVBSWVhR2M2bUNlb3l3bTJ1OEw3VUpKQUhrc0hGU2ZTQ2VyWEMrVTNqM3VSWW9KSVVWcG5UckpaenlPc3JKaUhPYml4bUx2MS84NUVIL0RRRlhPOWZiaHJaMHpNN0lZOTJQREh1dENMUWo3UW5LdnJMRzBpdmF2aE5JdnUvR2VoQWd2WGxhcERMaFRoakR0MER2V01yTnpTZ1dFT3B5RnF0UVQrTERhTEY3Y3EzdVhLdmpHTS9xUGdiVVp4WGQ4ZHloZDh5cUxXNFVwZ0FEWUpxOEN2V1JLV01RekhTOTMya2VKTXRLTzAxTTNHdGVEYzR2SGhHVURhKzNlU1Zkd3c1YWNpK1J2MDhwbVM4cWV0YUJTWEEzb3hxMUlqQTU4WmZ1dUYzWllDNzhON29NNzVESkpocVlWUEQzK0NKblpjaFRtWEU1d2NoL0I3Z2hUdGJLZ0tsclBsa0JYY1pibnBSZ25iTFBjRFFoQXRWVHpHRnFpWHZqVnZSQWVEQStEdjRwNWp0WFVMRjU0Zzd1TnlhRTB2aXNTajlXWkgyY2oxOUZ5TEkzTzBEOWhxMERJMzd3aiJ9XSwiI2FwcF9pZCI6IjBmMGQzNTMzMmMyNDRkMThiN2Q3ZTIwMGE2ZDIwZTYxIiwiI2ZsdXNoX3RpbWUiOjE3NzQxODI0MzM1ODN9\u0026ext=crc%3D-41876762\u0026version=1.6.2"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Mar 2026 12:27:14 GMT\r\ncontent-type: image/gif\r\ncontent-length: 10\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10,"size_decoded":0,"mime_type":"image/gif","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-05T00:35:13.549424Z","times_seen":1559,"resource_available":false,"data":null}},"time_used":2189,"timings":{"blocked":966,"dns":4,"connect":275,"send":0,"wait":272,"receive":0,"ssl":669},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/common/hehuoren/css/default/public.css","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/common/hehuoren/css/default/public.css HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-request-id: 943fe46ebc622dfa0c59c2a5ad11554e; eb087f8cf16f6a4be32080cd0011e1e4\r\nx-source: U/200\r\nx-upyun-content-length: 11021\r\netag: W/\"169e6dbe25a8ed3f62d7100e266e86aa\"\r\nlast-modified: Fri, 29 Mar 2024 06:20:25 GMT\r\nx-upyun-content-type: text/css\r\nexpires: Thu, 26 Mar 2026 22:06:39 GMT\r\ncache-control: max-age=691200\r\nage: 310576\r\nvia: T.165.H, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11021,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11021), with no line terminators","md5":"169e6dbe25a8ed3f62d7100e266e86aa","sha1":"349030ea49cb4aef4a60ce65b5aec2f58c1df0f0","sha256":"b724a481bfb353846125c96f517ba84bc30dc5ae60011eb55f010b7eeed3d6f8","sha512":"e34ec70a5b913bac6ffc5351d254472d31f2a7bb5f15ff64b0a20985dd3c2c6243b4ff6cc0da35b7399b72823589de8574921782ae2e0c24ced1f5cb6da4f097","ssdeep":"192:wt+tMESCWvjbduPEul0eazRkLfweYrI+hgl:wPEsvHQPez+fwXrthM","tlshash":"fc3257324169221df037e6316ba07f8e7154c02bf15727baeeb53b26c3c75891ab6349","first_seen":"2025-12-11T13:42:54.236204Z","last_seen":"2026-03-22T12:27:43.086289Z","times_seen":9,"resource_available":false,"data":null}},"time_used":3137,"timings":{"blocked":1462,"dns":1435,"connect":24,"send":0,"wait":159,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/pages/hehuoren/index/default/js/index.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/pages/hehuoren/index/default/js/index.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: c8300d0a0e508c37a00e45a20ffb3e29; c13d6efcd17d081bac6d751acb54286e\r\nx-source: U/200\r\nx-upyun-content-length: 4865\r\netag: W/\"b7abecd8b0cc7a6cfacb3d16256c5f60\"\r\nlast-modified: Thu, 22 Jan 2026 07:52:58 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Fri, 27 Mar 2026 05:56:10 GMT\r\ncache-control: max-age=691200\r\nage: 282312\r\nvia: T.166.N, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4865,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4865), with no line terminators","md5":"b7abecd8b0cc7a6cfacb3d16256c5f60","sha1":"ceb3df910e02461529f463705f5eb17167b8f2e9","sha256":"658a3a92eaf28fdaf6e8b5ed7a2fec510585d0bc86dbd00d9a07b0d02d1f5aa6","sha512":"3c2ed84bbf3dedc9095a45db10fbb306b9daba2fdfbc2a0a8fa5a17999506fdfc16c0bda737d7b4c08f98f5e69a4cfa575d9a63a1cf680cdda39d9bb59373310","ssdeep":"96:/snIQANCUplqudhGV47mgsnCmoK1op1O0OSQPCfCkzOuOkY0QP:sINX7qZPnCmo8op1O0OmKsOuO/L","tlshash":"29a1838d70e6b9e703d776a9113f5502e131292648b7f9418221cde0e8bd44f22b7b2a","first_seen":"2026-03-22T12:27:43.087319Z","last_seen":"2026-03-22T12:27:43.087319Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1521,"timings":{"blocked":1444,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/iconls.png","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/iconls.png HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 5046\r\nx-request-id: a48565afe174ed1fe51a94852c1db9de; bb1adc0efd667159ece67581b8f580d2\r\nx-source: U/200\r\nx-upyun-content-length: 5046\r\netag: \"38a4961fbcff4cbd37b9287275c81613\"\r\nlast-modified: Sun, 31 Mar 2019 03:45:26 GMT\r\nx-upyun-content-type: image/png\r\nexpires: Sat, 28 Mar 2026 21:24:16 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 140234\r\nvia: T.165.N, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5046,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 95 x 95, 8-bit/color RGBA, non-interlaced","md5":"38a4961fbcff4cbd37b9287275c81613","sha1":"5a27f29f8c1ed63cacb88de42a975c92806a9cc2","sha256":"f554361b615cefb6c33e4cfc72879ab5bbfa3fa4bbc75329a44593967c0beaf2","sha512":"39e9da501b1251deca504d3ee9cf2d18d5ac4a4903a7d9489c54de3c874557e43a4b17c6b31f8fedd9ed197dcbd7c7bb323898b0f273c84c5260ecaba4751e04","ssdeep":"96:Oo7FxNxuzLGCJdFMo8JUTPP1ai+YHBYHTpS2b+L/u3xuZxcX5:f7FJu+ubMJOPaAh8Yu3mxq","tlshash":"f8a16dfbb0e014e3ade89b05beed4171df0e98d4be422598fa0243b0edc002ea681559","first_seen":"2025-12-11T13:42:54.270427Z","last_seen":"2026-03-22T12:27:43.089787Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1553,"timings":{"blocked":1437,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/17.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/17.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 61710\r\nx-request-id: c634f420f9e692af6664f4c3b72286f2; 2038411af1d0efe4594d9a90ed2b9e9e\r\nx-source: U/200\r\nx-upyun-content-length: 61710\r\netag: \"d2868953f399fd92569ab95cf356d50d\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:28 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Sat, 28 Mar 2026 02:44:58 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 207359\r\nvia: T.165.N, V.pcw-cn-hkg-163, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61710,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"d2868953f399fd92569ab95cf356d50d","sha1":"ab73971c2301b5113cc0324926f4a0ce4d27e2e2","sha256":"e7705cad26115cc4eec49a846d6edcb3a8f1c1901bd598a75f1b2d51fcb8144d","sha512":"158168a7fc23c084cf5defa84ca459065a4e875a4a0e78e6fd0e841e6fc40540375f0b55c9504bb6d0052f1ef941f11d6fa32c07fdb496f4b4226e0371095ab0","ssdeep":"1536:eyo1sU65If+E0eHPtH8uSlxlnAwlTr+zIv:X7f8RPlw9r+zIv","tlshash":"1d5302a43b227991d90bc43238f55a2bb2b624f879f0d62c1f473f9af504961524fce6","first_seen":"2025-12-11T13:42:54.251311Z","last_seen":"2026-03-22T12:27:43.090789Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1555,"timings":{"blocked":1432,"dns":0,"connect":0,"send":0,"wait":120,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shangv1/default_v2/image/index_game/441.jpg","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shangv1/default_v2/image/index_game/441.jpg HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 58745\r\nx-request-id: 63459658dba566062ffb4db162bc1b0b; 825b9b75e2722cfc08dbbfa54762dafb\r\nx-source: U/200\r\nx-upyun-content-length: 58745\r\netag: \"e171f66675e84cd59cad6290683fc734\"\r\nlast-modified: Sun, 31 Mar 2019 03:50:29 GMT\r\nx-upyun-content-type: image/jpeg\r\nexpires: Thu, 26 Mar 2026 07:53:38 GMT\r\ncache-control: max-age=691200\r\naccept-ranges: bytes\r\nage: 361673\r\nvia: T.164.N, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":58745,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 282x215, components 3","md5":"e171f66675e84cd59cad6290683fc734","sha1":"d5e0b099f774e07519f16d9f65c2481305c6dea0","sha256":"5eccdde08cd60c757ae9b47f80293bdd16c7cbfbaa49168215ff46bda8b607fd","sha512":"58f9d48ab5b4188217f7f71868fe86b34ed3789555772f5bfb2e37af14e9830cdedbc3b493aae00a92aead922c7f650c9b89a486d4231610b274393735dd19ff","ssdeep":"1536:B4wDuZB5T5d8V7FZDmsHBi/yTR7wptoLaLbJis6J:qZT4FZisHBXwPLMJ","tlshash":"4643015df35da94ad56c58c8788a897dce6872f7a5e988098e0058c33ce813f78385f6","first_seen":"2025-12-11T13:42:54.25364Z","last_seen":"2026-03-22T12:27:43.092067Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1583,"timings":{"blocked":1425,"dns":0,"connect":0,"send":0,"wait":156,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zuhaowan.zuhaowan.com/shanghu/www3.0/common/hehuoren/js/public.js","fqdn":"zuhaowan.zuhaowan.com","domain":"zuhaowan.com","tld":"com"},"ip":{"addr":"185.232.59.134","port":443,"asn":135391,"as":"AOFEI DATA INTERNATIONAL COMPANY LIMITED","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jy.vip.zuhaowan.net/","date":"2026-03-22T12:27:11.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zuhaowan.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4D:7D:85:8C:FE:F0:1D:5F:1F:F6:D8:F1:39:D0:B2:BC:9F:DB:13:FC","sha256":"E8:FB:3C:61:D7:1D:1F:EF:03:91:C9:E7:F4:6A:31:CE:1D:C3:EE:E1:14:8D:CF:1E:2C:42:D8:7B:68:96:90:94"}}},"request":{"raw":"GET /shanghu/www3.0/common/hehuoren/js/public.js HTTP/1.1\r\nHost: zuhaowan.zuhaowan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jy.vip.zuhaowan.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: marco/3.2\r\ndate: Sun, 22 Mar 2026 12:27:12 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-request-id: fbc0d770d97e946c068d85d26d6d872a; 91d3ccb034a1659768183b1788fbf762; 50cb885b545a2a63055fe571d2000154; 8fbe8b95915c31ffbb517c9d7f7ac8c8\r\nx-source: U/200\r\nx-upyun-content-length: 6735\r\netag: W/\"269155e88b473f6e1fa1ca7f9248b7f0\"\r\nlast-modified: Fri, 27 Feb 2026 01:42:11 GMT\r\nx-upyun-content-type: application/javascript\r\nexpires: Sun, 22 Mar 2026 23:42:25 GMT\r\ncache-control: max-age=691200\r\nage: 650357\r\nvia: T.209.H, V.403-zj-fud-202, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-165, T.132.H, M.gtt-de-fra2-132\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6735,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6525), with no line terminators","md5":"269155e88b473f6e1fa1ca7f9248b7f0","sha1":"c044253268d1175097ac488cb76cb8e3cfee0334","sha256":"3c5b284eeab6e04f143b0125ab672422485dad1f6916e91f7493aef6bbd53dff","sha512":"3c5cf2bc219e7d7c2fcdf1a0fa5130f1d64e5d062722e9a660aab1d9e6d4f233c1771b2ca3565eae55fda03d0ac4b53adfad2fc40295880267b35b9584f3f112","ssdeep":"96:vk+AvAUNCiY3Z1IYq+XbCbcGz/WyP5cmP95aJ1T5jRI54bknys6GLxDtQyY5QR:v6B4ZLGz/+aA5jRwVLT52e","tlshash":"e2d1a41d7054f4e2216364610c3fb208b37b566b4d19d944e923e6e23dbceca22b7e2d","first_seen":"2026-03-07T22:52:02.091727Z","last_seen":"2026-03-22T12:27:43.093348Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1521,"timings":{"blocked":1445,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"zuhaowan.zuhaowan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}