{"report_id":"d4603042-e63f-44ca-b9e4-a153ea6861e1","version":6,"status":"done","tags":[],"date":"2026-03-03T08:54:01Z","url":{"schema":"http","addr":"m.hngjyyj.com/","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":0,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"m.hngjyyj.com/","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"title":"首页| J9国际集团中国官方网站","dom":{"size":41515,"mime_type":"text/html; charset=utf-8","magic":"data","md5":"3bf3b978b007c7f0342c35fe7d22a607","sha1":"304952559fc115018e22cfc52934569c8ad95b72","sha256":"60c0c51f19296f92bb1af62cb174e5c798c7dbe0d1cf849254989adffcd5962f","sha512":"6292beec5b5486db94581b2832148d13975124b73541ae70e7c2afdd99f114c79fa3bb1061c343d7fc467ba89c34554985e7af118dc34882bd7f0ea01ed42511","ssdeep":"768:T2GJsnA/KZzCypRICdQ6LDra8ceRz85sWMI89GQF9kLjSklcMGQ7Lg:T2nnA/KZ5kCdhDlJmXSdo7Lg","tlshash":"ec132f6115f9693352a285e93ee42f2fbec1e60bda461d0173bc16c64f83f86cc4b129","dom_hash":"domhash1536e9b42acda94b5b68ceb6b1b598bc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m.hngjyyj.com/","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":0,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-07T08:54:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"m.hngjyyj.com","ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":42,"request_count":42,"received_data":3164490,"sent_data":24590,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"34.92.76.235","ip":{"addr":"34.92.76.235","port":4451,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":335,"sent_data":517,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.25.3.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-03-02T03:22:44.787708Z","alert_count":0,"request_count":1,"received_data":358,"sent_data":467,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"m.hngjyyj.com/","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"8a4a6660d1cadfea91a6eeee531dddfa","sha1":"7008a8ae3e27596a8a8e54ff2f4074f47d152af6","sha256":"1907e53ae99070cf8a3d4f94b7cb65fcc47589d3587e4369c136aad04e3b1d73","sha512":"e5ddd7c478f7cd2039df38f159f54bb61480834095520027f7fe099724c614af761aad64ad75871b933cf7823ca541434bfad17c73e89289298eae9dee5edadf","ssdeep":"","tlshash":"f390022286ca240e5ff4004a01f69341185508e00016440c448cd2630362ca06287302","size":54,"data":"","first_seen":"2025-03-03T03:31:31.255224Z","last_seen":"2026-04-04T11:06:26.515472Z","times_seen":953,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/cy.js","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a154c3ed6700a03d0e2c7827764d8d97","sha1":"1084126055f9a40cfa1d62364a525d059537144e","sha256":"ec2a6b680b24f1abb5ec334e754fb8463c31b8fd6ac57fa572d149792b0b61bf","sha512":"177213a04204223b35f908fda232d9afa50fb5d568735607f1019fd118b9e874cf4a956c4792b37ae6bf7f3e42dc152363e669fe32a5109a1cb8a879fa6f2322","ssdeep":"","tlshash":"1001907f1e719118e316b00f30298d4a35b0c4167b20d759f0fcfd66a894f12546f699","size":737,"data":"","first_seen":"2025-11-13T08:50:58.515602Z","last_seen":"2026-04-04T11:06:26.493019Z","times_seen":456,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"4da7f49148c3663e1fd6ec16fa97633a","sha1":"22700032fe7484438f792033d685781c32f04a44","sha256":"22bf3d3c8ccec77752213a3ff8aa2b23bd0fd3723a86cf29d7066f7fd1135d8d","sha512":"9d6ca7a21dcb87fd8f1fcedad4320d561836459853f9cd059bdd4c82ccb58bb8776598fedaf70157bd25066732961c4160888d4d9ddfaea0b404ab3745914325","ssdeep":"","tlshash":"88f027931461682d62208b21a9e6f1048ee6b461e6394c41f89d206e0fe5ec584eb36c","size":469,"data":"","first_seen":"2026-03-03T08:54:07.86895Z","last_seen":"2026-03-03T08:54:07.86895Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-04T12:50:08.942387Z","times_seen":81371,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"563864e9251aaf8d438f4e2d708ded70","sha1":"2fd6a1016b9fb19aa07a27ba55ee241ccf434b9f","sha256":"01d3ae5140349f135271f5db01ef8c18ee19e7e4fc96e322d2c8c518bffbadab","sha512":"9fee58ab7b50d7d14a2a2e9bb91eb8bc39f5a1013efa2aa99726387ddccba3c1f4ffd44c0beb0d3e7c4ae96d5e3433b2d644337f9a8b4d88c9cacbd9d00ef417","ssdeep":"","tlshash":"6021afc0f70c76f923666e1e1e0eb3109a289491fcff99b5f1448aacd998036114ee95","size":1372,"data":"","first_seen":"2025-05-29T08:30:06.309127Z","last_seen":"2026-03-03T08:54:07.870228Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"e6d38baa3c1219bc7d9ff675a69e467c","sha1":"107caada569ac6fca4c679efc15097f79a83e6fe","sha256":"1e31eb73133ea4d36b5de65bac1d9baad6e867e32f140fb4258eddc4dc908d73","sha512":"e6c55ca902dea0cc3ccfc8e55c20f224888530aaefc48f9a122bfbcdc3cda8aa5d6d0ddba41b3dd5848b278d74cb3cdc922adbdf1e15427305d3afaf5b25b7df","ssdeep":"","tlshash":"a2d0cde19d8a58588069f0e07070066d7a67424697540a3460f23961a64e2911456ce9","size":280,"data":"","first_seen":"2025-11-13T08:50:58.589264Z","last_seen":"2026-04-04T11:06:26.516504Z","times_seen":437,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20250919/1758264541309853.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20250919/1758264541309853.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:45 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":617343,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"7888902ed92925c9b08000065c4d5b9c","sha1":"c3712a97017e2c293f79e5c9edb05cccaf1d8abb","sha256":"5bd0d53f7e81af1bfe16dcc402c18f62a58ed7c575983129a439062e84fc456a","sha512":"7ce14681ff44192a7581ddeb2bcaa14ab72ec035b7dc84d46152dabfcadc104fae2e57d5fa64a0511e000d4e604f9f4c39fb436fb3c90cb14bac01cb1df34a0c","ssdeep":"12288:OCC5sBU4En+77LyDpQwR7jrUZWCu7wt12DpBNvjU3AE/jJhlGvL9/KH:1C5/4oCujrUZQMtA9k3A8lGvL9/KH","tlshash":"89d423d3fdd4ed90150b87b91a772ee9e04c399079c3219be4a2f4f820466376bd1b86","first_seen":"2026-03-03T08:54:07.838759Z","last_seen":"2026-03-03T08:54:07.838759Z","times_seen":1,"resource_available":false,"data":null}},"time_used":9450,"timings":{"blocked":5261,"dns":0,"connect":0,"send":0,"wait":768,"receive":3421,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20200721/1595292000191191.jpg","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:45.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20200721/1595292000191191.jpg HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; __vtins__3GBtrHhfmQqekTj1=%7B%22sid%22%3A%20%229513a971-8b5f-5986-ad73-92a3f12c5c49%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772529825180%2C%20%22ct%22%3A%201772528025180%7D; __51uvsct__3GBtrHhfmQqekTj1=1; __51vcke__3GBtrHhfmQqekTj1=03ef07f2-b846-5ae8-80e6-23d9cfce54bc; __51vuft__3GBtrHhfmQqekTj1=1772528025187\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:47 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":262780,"size_decoded":0,"mime_type":"image/jpg","magic":"data","md5":"a3b80b0a9769bef86fa61adea3de9b06","sha1":"df16b68ccdfacbd4e3600e2ce1e66af24fb2be07","sha256":"fc3eb176c3c80018bb06b3a9ffa80013867c1ccff02bf3d64c3b076f58a7e931","sha512":"7a31f1ee2a37eee282330ab1e732c7cd9b89c9ab2efa44851097bdfe4a041abdb20ef4a058c004f79b4f5122af70a80f473d8ac327e3675c46c453f3d8af46a0","ssdeep":"6144:geWw5u26K+uYX3j9sA/Wbuz+9oSw4Ik3+SpO45y:6ww2l+Z3j9ouWzwDWy","tlshash":"b044bd43ec45cb87a12983f9be435e691b0b6b49e88637eb04720e8f3e615124dcf12d","first_seen":"2026-03-03T08:54:07.839688Z","last_seen":"2026-03-03T08:54:07.839688Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5037,"timings":{"blocked":2406,"dns":0,"connect":0,"send":0,"wait":374,"receive":2257,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/images/container02_bg.jpg","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:45.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/images/container02_bg.jpg HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/template/HJ/css/style.css\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; __vtins__3GBtrHhfmQqekTj1=%7B%22sid%22%3A%20%229513a971-8b5f-5986-ad73-92a3f12c5c49%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772529825180%2C%20%22ct%22%3A%201772528025180%7D; __51uvsct__3GBtrHhfmQqekTj1=1; __51vcke__3GBtrHhfmQqekTj1=03ef07f2-b846-5ae8-80e6-23d9cfce54bc; __51vuft__3GBtrHhfmQqekTj1=1772528025187\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:45 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":164618,"size_decoded":0,"mime_type":"image/jpg","magic":"data","md5":"4b20331571226b4f15b7b01af6cc84c9","sha1":"78b2f9b33df0060128561f68dd6ac72cbe6b488b","sha256":"15a4c9942359b2c28f9b91b13523eab36af78ea64b9b43666d9fa3a415c4a5c6","sha512":"d46429a22a3daf6f3bf5ee3e15776a2406b48924429dbb0106ad2281d37172ba891cebc1ee8c78b6da8a1d253fff54e4ddc1c757cb8b5a5def02800e7c32bd7d","ssdeep":"3072:wuygygQmm1DdLBBRpNN9HO87VPvm6Sac0L9v3brcBLk8l5+SrXbnj7cR5l:jy7FmoDdLBBRpNN9u8BmI9vUhk8frnwl","tlshash":"8cf3126baf872840039847c8ddf562ee07590a1cae5e9db30f5fde3664d54442b04ebb","first_seen":"2026-03-03T08:54:07.840625Z","last_seen":"2026-03-03T08:54:07.840625Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2561,"timings":{"blocked":212,"dns":0,"connect":0,"send":0,"wait":305,"receive":2044,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/js/jquery.min.js","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/js/jquery.min.js HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:40 GMT\r\nContent-Type: text/javascript;charset=utf-8\r\nContent-Length: 227\r\nConnection: keep-alive\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":227,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"3b88706f95e0129841dbd41ea6b3709c","sha1":"0977ee5453a89a2ea29720a17b5943eb5a0ba4c1","sha256":"a26e8ab33a52b1c56280845300aa31e332b1dfc93b4f34de9860f71ba586c9df","sha512":"df7c4fd862c4d0afca556901b1e7ec0a22d81fa168f1806e26989e3a53666520c55ae9d97a3eea468b986899c6c66b2311e8262e7b2cc56460f25b4991556a00","ssdeep":"","tlshash":"71d0221bac8acc0c89b08d8a50fad24e840cc464c252cc4aa5ead5a32b26be40c57bc0","first_seen":"2025-10-10T10:22:52.559041Z","last_seen":"2026-04-04T08:23:46.958469Z","times_seen":213,"resource_available":true,"data":null}},"time_used":573,"timings":{"blocked":243,"dns":0,"connect":0,"send":0,"wait":330,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20200720/1595212904490574.jpg","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20200720/1595212904490574.jpg HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:45 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17900,"size_decoded":0,"mime_type":"image/jpg","magic":"data","md5":"987f5251d38332dfbbf784e0bb9fcbda","sha1":"6f453ea4a80958508f10330abf631fc8d4d013a0","sha256":"882f18d72c55c198673a7b38dad758ed9319de5a1b32794e820722b2ac7a0b99","sha512":"9d66e57a4a3cf31a9826c4ab18cf2b0f4541a82ccbe04153972f6dc47818fec65ed235558545063d911ea9e9e4a869f65e149b2ec466768c0fbec188a7c157ba","ssdeep":"384:wj4YNg7qtqC1eWADy1DPYJ/J/2tOlAIfsnBqrh3eXg:wj4YyMqgRYxJ/2t2AMsnMrhuXg","tlshash":"9182d006eb57e6b3e5f58bb850f08f65fa921741cff2f083546ca609c6452936e170e8","first_seen":"2026-03-03T08:54:07.842095Z","last_seen":"2026-03-03T08:54:07.842095Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6107,"timings":{"blocked":5289,"dns":0,"connect":0,"send":0,"wait":817,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/images/01ban1.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/images/01ban1.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:46 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16013,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"8fbfcbc519ada10bc2162edb2fdab76c","sha1":"371f26d807024a68676260375ba9eb0ef9a78a5a","sha256":"c59427e894c45e06dcde5a65dad53203d23f26b46459c041dbdb37aa386d24cc","sha512":"2611e5216fc2c9df399cdf272d76014a4097112cf75fc371d166b158fda59f92f32703fc638eafbdaf71453f17cb21d4ee795bfbcbf6d41e08f51c4b8222f9fb","ssdeep":"384:wE50w0H7deUsH1GAPI/9DvnZjhu8OtBGGLqtq/5eGNNQMyeZ:wi+H7de1LPMDvnZkBrLt/5D/t","tlshash":"9572c0cb5a138959051449e69effe507cf864284a33b7c588d88e1e627466132ebc2bd","first_seen":"2026-03-03T08:54:07.843257Z","last_seen":"2026-03-03T08:54:07.843257Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6622,"timings":{"blocked":6313,"dns":0,"connect":0,"send":0,"wait":308,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/images/02ban1.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/images/02ban1.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:46 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5125,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"bbaf3f06a7618ec9d319b593ddf8c86a","sha1":"7659ae3c7d80a68afdc1d91db6cf59090671e396","sha256":"3303434e7980362a392e33d30d6d6e513c1981ef82184a94855524d1f224eac1","sha512":"f93e732f4ca971cc6f69e26f2a0ffdfb5f8ae9c5bc0b076e536e175cf897dedb0c72b53cd0f8cb6d096f3687d42423e0ac29a0b3a4c9a34276d7adb54c566a37","ssdeep":"96:w+7SMllcHitlIxv9vk7C1+I4wWHLihk/xToVSPUh8liLnD/C6ufOaap3:w+7SHIIHUCD4wa1oVSPApn7/umaQ3","tlshash":"bab18d8f9cc6849e5025ca962ceac6450669aa91d38acf3cd6fe014f9530ba22d31763","first_seen":"2026-03-03T08:54:07.844179Z","last_seen":"2026-03-03T08:54:07.844179Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6751,"timings":{"blocked":6425,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/favicon.ico","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:48.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; __vtins__3GBtrHhfmQqekTj1=%7B%22sid%22%3A%20%229513a971-8b5f-5986-ad73-92a3f12c5c49%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772529825180%2C%20%22ct%22%3A%201772528025180%7D; __51uvsct__3GBtrHhfmQqekTj1=1; __51vcke__3GBtrHhfmQqekTj1=03ef07f2-b846-5ae8-80e6-23d9cfce54bc; __51vuft__3GBtrHhfmQqekTj1=1772528025187\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:48 GMT\r\nContent-Type: image/ico\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nSet-Cookie: lg=cn; path=/; HttpOnly\r\nLocation: /\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41632,"size_decoded":0,"mime_type":"image/avif; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":408,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":406,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-03T08:53:38.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:39 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":41556,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"data","md5":"feec31480b287fa8def79847dfcb63a6","sha1":"c8c7b44cc698d244e7b12ede7a4eddd9fe9d98cc","sha256":"6fdef543ad483e1ac0df8a245cdc9e5f50c099b6850ddd6ec2fe49320ada2af4","sha512":"e02aee9a8e3710799a939d263156aa23d57f3eab847da4f1fdff8a78e2e8bd0567aa71bcfd3002f1c71e780b23d804962386a8b5e43d619cbb07cd11b03dcbf1","ssdeep":"768:wtAXnGoXGwKUJH+MdOcLTra8ctSz8ysZMIR9GpFU1LpSkl2gG2:wonGoXGE0Md/TaSwtSDy","tlshash":"6a130f2115f96927527686e93ae02f2afe81e607db071d0173bc26c74fb3e85cd4b129","first_seen":"2026-03-03T08:54:07.845623Z","last_seen":"2026-03-03T08:54:07.845623Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1513,"timings":{"blocked":586,"dns":38,"connect":270,"send":0,"wait":340,"receive":0,"ssl":275},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/js/animate.js","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/js/animate.js HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:40 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":22990,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2002), with CRLF line terminators","md5":"8813085e78844ba2b3b0475f9054a1db","sha1":"8ab58a378c5df23e245aaf61c34fcd483d3e0f90","sha256":"8a6a3fbde7514be6140e6ab87a475bf02e165cfb96588d3f935222a19d2f06f9","sha512":"a4e506da0352844539f3c49c5da08078c532acf127ddce5f79f7a088b188d825395609be5aaa5e6baf576e721f086a110c0941ab6a5b738ccd4be6580105c9d3","ssdeep":"384:wDvtQ9LMsaz9aQ+uQcFNSZ4aT+uEZ2+0c:wqLM9aQ+jcFNSmuEZ2+0c","tlshash":"03a270d4738cb66e82c6b311917fe409e9fde8b4518e9469b28ce0d56cb0539c332dad","first_seen":"2026-03-03T08:54:07.846475Z","last_seen":"2026-03-03T08:54:07.846475Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1127,"timings":{"blocked":758,"dns":0,"connect":0,"send":0,"wait":369,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20240528/1716878618776402.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20240528/1716878618776402.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:47 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117617,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"d7cb51a3aa27e54734729883d6413071","sha1":"931ea17668567f401605f30d46759e09f2df5a08","sha256":"4c70eb29a463e5d37eea8489b0e0d0eec0b1953a98aa7a7524082c33a8f04f65","sha512":"51b63da5939a826de7a4e4809156514c1c8af96f1e84c3bfa1e5199d80eee50b08e31a0db72bbb6ea8008134047300e74946bed0e8d86c45ea50a49d1fe14717","ssdeep":"3072:w4k9ugnmWVUzUvj1o0k//Mh4psLx0iS9ZG8qtYQ4yVGaiuzp4:hAPnUgjK0YEh4ad0ns8qtYoV0uO","tlshash":"04b312bf8667e3d7e3910b3c426c1e50affbe75c7618758488750c6389b0918e488dda","first_seen":"2026-03-03T08:54:07.847506Z","last_seen":"2026-03-03T08:54:07.847506Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8964,"timings":{"blocked":7439,"dns":0,"connect":0,"send":0,"wait":378,"receive":1147,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"34.92.76.235:4451/","fqdn":"34.92.76.235","domain":"34.92.76.235","tld":""},"ip":{"addr":"34.92.76.235","port":4451,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:45.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"34.92.211.7","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 24 Dec 2025 00:00:00 GMT","end":"Thu, 24 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"12:37:3F:6B:42:4B:5D:3A:6F:2F:AE:96:F7:01:24:15:B4:DE:7A:60","sha256":"AD:8D:22:20:74:95:5D:AF:C9:81:DB:25:1D:95:E2:5A:28:95:27:38:25:78:43:2F:2B:C6:E2:74:FA:7A:9C:6E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 34.92.76.235:4451\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: openresty/1.25.3.2\r\nDate: Tue, 03 Mar 2026 08:53:46 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 159\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"OpenResty:1.25.3.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":159,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"07f36d44d48e2d2cf2d780aa6495f804","sha1":"3e90020ec732a1bbb0cd23e949266f81c98f7624","sha256":"8caff164cd30f36a8f13fcc423a5500a8fce33ce603883090d91f3c085700f8a","sha512":"e7c713b2eeac20e9178f8ee66245de1deff5de391e764e19823351be4911aeb44207b85c336925518f78e5ae78ba6bc93eaf556571e1d79f2ce89c4ae1ddbd57","ssdeep":"","tlshash":"a2c08c26381e2c0c97a321ba16c36ea0d182c330895e19008780025730cb0168ac3729","first_seen":"2024-08-21T12:55:46.175776Z","last_seen":"2026-04-04T12:09:01.228822Z","times_seen":8130,"resource_available":true,"data":null}},"time_used":1668,"timings":{"blocked":714,"dns":0,"connect":233,"send":0,"wait":238,"receive":1,"ssl":474},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/images/container03_bg.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:45.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/images/container03_bg.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/template/HJ/css/style.css\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; __vtins__3GBtrHhfmQqekTj1=%7B%22sid%22%3A%20%229513a971-8b5f-5986-ad73-92a3f12c5c49%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772529825180%2C%20%22ct%22%3A%201772528025180%7D; __51uvsct__3GBtrHhfmQqekTj1=1; __51vcke__3GBtrHhfmQqekTj1=03ef07f2-b846-5ae8-80e6-23d9cfce54bc; __51vuft__3GBtrHhfmQqekTj1=1772528025187\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:45 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22228,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"f867009575fa33ba0c7bf098d3900c03","sha1":"e2d21f3d4d7a323f70ec189ebe0cf119daf34a36","sha256":"f15ddd820925629c97351655b874756b8f72bdd4f796f4511f2fc7a595b79524","sha512":"8fba65ee04237d6abb4a5e0f909f9bb351cdce8bf4e97a89cdc2886637735be97c602588af05115710a08799e1c20514609fd60a817e4994494d8b7d32ba2031","ssdeep":"384:w850wkiC0qZ5RTcTyQDy8Bn1mT90hVl5IRXPbmwC540/Y0KpA5aSOlSEe79Or:wqCB0cTwyQDy8BnfINqLR/KKanAG","tlshash":"aba2e197ef4b344c4a8f8e9800f7a640d025e08863d1efd6e981468f1712f45ac76f89","first_seen":"2026-03-03T08:54:07.848884Z","last_seen":"2026-03-03T08:54:07.848884Z","times_seen":1,"resource_available":false,"data":null}},"time_used":825,"timings":{"blocked":228,"dns":0,"connect":0,"send":0,"wait":596,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/images/icon_up.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:45.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/images/icon_up.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/template/HJ/css/style.css\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; __vtins__3GBtrHhfmQqekTj1=%7B%22sid%22%3A%20%229513a971-8b5f-5986-ad73-92a3f12c5c49%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772529825180%2C%20%22ct%22%3A%201772528025180%7D; __51uvsct__3GBtrHhfmQqekTj1=1; __51vcke__3GBtrHhfmQqekTj1=03ef07f2-b846-5ae8-80e6-23d9cfce54bc; __51vuft__3GBtrHhfmQqekTj1=1772528025187\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:49 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1175,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"e8225714b1c9b01f3da9824a5f190a16","sha1":"adfdcc483c9f379e9cfa7bdbea322d4ad2839dd9","sha256":"8f5dfcb63733c5bbae9161de3fae6b1cd61290e0e93d89f488e73949e43b282f","sha512":"51ad5e02d6a4c932a014895d0a7fa38988d17b90f5d0161700dca4b24e85afb39ca2252435192b9c5827ae781b3b0693f8802d19c00c1019a06844d515d29bce","ssdeep":"","tlshash":"93216306fe404c0096a4d99744fbd11ba91788c0daa1da9779cfd8532b293f40e1e7cb","first_seen":"2026-03-03T08:54:07.84972Z","last_seen":"2026-03-03T08:54:07.84972Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4133,"timings":{"blocked":3768,"dns":0,"connect":0,"send":0,"wait":365,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/js/bootstrap.min.js","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/js/bootstrap.min.js HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:40 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":51266,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50758), with CRLF, LF line terminators","md5":"8c99d713ae3c48bc454e2f34e2695b02","sha1":"b978616a6290fab44bb79b148fb41f52b59caf84","sha256":"320e58b5e16ce002da5a821b8413d4561a972e2cafbccf13ab6542e202f21b9b","sha512":"7bc62db92df47ab8a38e32329d4c3f9734794594981e7c240a8277fa5cd07c4f731849067304244b3a431e37bd63ec1247667ebc09f345dcdc4e88c6955234ae","ssdeep":"768:wM9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:wM9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"af33b749725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2026-03-03T08:54:07.850523Z","last_seen":"2026-03-03T08:54:07.850523Z","times_seen":1,"resource_available":false,"data":null}},"time_used":992,"timings":{"blocked":363,"dns":0,"connect":0,"send":0,"wait":627,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20250421/1745199354712993.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20250421/1745199354712993.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:46 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1906,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"690d2ade36efe6e988a1860ab1bb2cb4","sha1":"d5c9657d258a251e61d8a51b54494939da8cd550","sha256":"3298c8c82773aa14621ce14832cf9d5a6e4038ce83745ebe986432aaa9c54765","sha512":"907a8b22a3096f9b93e93ebe951d71619797528447b001e65a575edf5e31319f53229ed1812b5cd9b827976aea594e88dbe679dc73ac767440fbc277cf9bce78","ssdeep":"","tlshash":"c641f9c2feb5c98d4c8bcdb115a2cf4b983f8014b861f840da94214b3a1ce1edd57751","first_seen":"2026-03-03T08:54:07.851343Z","last_seen":"2026-03-03T08:54:07.851343Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7445,"timings":{"blocked":7122,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20200819/1597827548416229.jpg","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20200819/1597827548416229.jpg HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:45 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21642,"size_decoded":0,"mime_type":"image/jpg","magic":"data","md5":"a3aba7c58a9e8cd64aec4c0bcf9615e5","sha1":"28f16ebed795986106ac5497dc761efb96a6879e","sha256":"a7445ffd7b6de7cf800eb8a3612856e796c8bc64a8806412d90dae9d05852b46","sha512":"edd53c697e31c45555a439d2302dcaccd5b672e67b720c72363db2eeedbc0328584eabac41c993917bfd2bbde9d6c738359f5880ec064d4512c7c780da487e72","ssdeep":"384:wf8UYS2HbjDiq2X5CTCyIfJfpnC2SNuAv8lFvuJ1Nw1yMRUuQAep:wf8vF7XO5CTrIdpnC2S7ElFvuJHzNuQJ","tlshash":"dda2bf07b600a895ff1ddbf3f0142f41d20d3e129a89a02e17654ed7bef66a819c05fa","first_seen":"2026-03-03T08:54:07.852161Z","last_seen":"2026-03-03T08:54:07.852161Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6433,"timings":{"blocked":6102,"dns":0,"connect":0,"send":0,"wait":330,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/images/01ban2.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/images/01ban2.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:45 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20083,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"5b41078edef3554a3200503caffe34ff","sha1":"0e7d723616ed69e9e8bda6ae2310f77c262f51d8","sha256":"f161aa78951b3f13bc43bc231d665e3525faaee3acad1a3599bd14e96b72f19d","sha512":"7b0348ea143e6047d5b91f99ebe748d6e2eb14afcee89e0bac7064d1b2dbd8bcd442500f15b2bb38bbfda660d1370864b57651eb9772f978ca205f47aafe04d2","ssdeep":"384:wG50wIgaRlqI61t9OORKDtaAZnpoNJYFgbkdL:wca6I+tUnQAnoY2bkdL","tlshash":"bf92d0a47ce3c09c01568d2267dee98e1c72c9e5c2ee1015eedfb359023880a7d3ea57","first_seen":"2026-03-03T08:54:07.8529Z","last_seen":"2026-03-03T08:54:07.8529Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5827,"timings":{"blocked":5273,"dns":0,"connect":0,"send":0,"wait":553,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20240920/1726812188775122.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20240920/1726812188775122.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:47 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":188509,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"840363ad1a716fa9ed192f8d54484fa8","sha1":"4e860c01fb41415f13bafcb330af921d1e1f47d3","sha256":"282ef9caa1e9f3f3e534280bbf76c2c15b2bfa87dd395ba9f49a2b9ec7ca506b","sha512":"d3b579dbbef788d9f74eb653dac3da701de03c67b060d17af055d642ba1ad5530dbac7de31d60c5ca340a3a0dbf2632d510292a21547dd83ed427207a58d42c0","ssdeep":"3072:wOcMV3d6q8pJgY/MaIZVLzbOrvR7GjzXuUmIDeVqqBQdx9kX7AOv9XrXswyeDl:Rt6XgY/vCLzqzR7G/udQqB8xIUw97cO","tlshash":"de0412e5b6d826fdcf2249e35283e2995653c2e189c1ea80906f4fb5f845a717233e84","first_seen":"2026-03-03T08:54:07.853728Z","last_seen":"2026-03-03T08:54:07.853728Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8004,"timings":{"blocked":7172,"dns":0,"connect":0,"send":0,"wait":322,"receive":510,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/(%E5%9B%BD%E9%99%85)j9%E9%9B%86%E5%9B%A2/tuis1.js","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /(%E5%9B%BD%E9%99%85)j9%E9%9B%86%E5%9B%A2/tuis1.js HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:41 GMT\r\nContent-Type: text/javascript;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nLocation: /\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41645,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":1902,"timings":{"blocked":956,"dns":0,"connect":0,"send":0,"wait":946,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20200724/1595581955706015.jpg","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:45.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20200724/1595581955706015.jpg HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; __vtins__3GBtrHhfmQqekTj1=%7B%22sid%22%3A%20%229513a971-8b5f-5986-ad73-92a3f12c5c49%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772529825180%2C%20%22ct%22%3A%201772528025180%7D; __51uvsct__3GBtrHhfmQqekTj1=1; __51vcke__3GBtrHhfmQqekTj1=03ef07f2-b846-5ae8-80e6-23d9cfce54bc; __51vuft__3GBtrHhfmQqekTj1=1772528025187\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:48 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":197733,"size_decoded":0,"mime_type":"image/jpg","magic":"data","md5":"9d73d5fcb577979bcdc11105fd1804e9","sha1":"3292950a616f621342063fb5b92a677ec5f0005d","sha256":"c350b5756ea341d937125104ef1d0166e598d43de09e1aeeb612a3dc51ae1ff2","sha512":"683a31b353060581c63b47a324833656cb0fac81cdc26a3627301890ab446adde0f62940bde2fd10179f0be04f1ca645747a6725cff9a7cb9d873be599f85d87","ssdeep":"3072:wzyPC2NmR7MoggvRq8ya8V29wvFzxq1csffStc0nWSNldEHgqxSA:567Mjg5VO2qv1rqCtnVLA","tlshash":"e614134a7d4b5e05d98036b442730fcfbbabee89c19b5902f1f6eb14c433c991e25a85","first_seen":"2026-03-03T08:54:07.854565Z","last_seen":"2026-03-03T08:54:07.854565Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5098,"timings":{"blocked":2568,"dns":0,"connect":0,"send":0,"wait":553,"receive":1977,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/images/icon_fot_contact.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:45.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/images/icon_fot_contact.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/template/HJ/css/style.css\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; __vtins__3GBtrHhfmQqekTj1=%7B%22sid%22%3A%20%229513a971-8b5f-5986-ad73-92a3f12c5c49%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772529825180%2C%20%22ct%22%3A%201772528025180%7D; __51uvsct__3GBtrHhfmQqekTj1=1; __51vcke__3GBtrHhfmQqekTj1=03ef07f2-b846-5ae8-80e6-23d9cfce54bc; __51vuft__3GBtrHhfmQqekTj1=1772528025187\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:49 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nSet-Cookie: lg=cn; path=/; HttpOnly\r\nLocation: /\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41548,"size_decoded":0,"mime_type":"image/avif; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":4256,"timings":{"blocked":3842,"dns":0,"connect":0,"send":0,"wait":414,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/css/swiper.min.css","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/css/swiper.min.css HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:40 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":20035,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (19546), with CRLF, LF line terminators","md5":"2b5f9378fca20cc3decd75fdada95ba1","sha1":"6fd5f4af7e27d828a4ca1df46367ed15ac32f4f2","sha256":"545b0c9a88d93cd04f1993978a8ddd7260b8f4e5ab0ebe55b301d98e0b7ff388","sha512":"bfd2d86e8e4247d217071273be9252e18f5234910537af6dd7bfe1edbe2d19a4dd5112cf9852d9f9d63f672a55774a69fc9c311149ec1c261790cf5f6c174c05","ssdeep":"192:wPnaNv/lSSyJWCh8zfi5o/mXDN3eBxwBJ5c:wPna1/lS0Cifi5o/mXOeJ5c","tlshash":"6692512c17003057e6334f1a87d99778c724c9939e8358ef6250ee48c7bb96932af766","first_seen":"2026-03-03T08:54:07.855667Z","last_seen":"2026-03-03T08:54:07.855667Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1524,"timings":{"blocked":519,"dns":0,"connect":251,"send":0,"wait":471,"receive":0,"ssl":281},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/css/style.css","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/css/style.css HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:40 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48004,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (437), with CRLF, LF line terminators","md5":"c4809dce3956b879ddb2ba9bf9142810","sha1":"0ce899d5de3949a832eca051d63bc8ecde7a49bc","sha256":"b8b65fb5a97db16f81452ae52825c9e3e1e8e9227fb07bba7824c9d2152c5566","sha512":"ab4764a359292921aefba38c413e4e76d3a1b9673a10cd4b6e00182b1097791ed7b04b171c64e3bb7ccab920b8f741788a15391f5640488080368f47f8b70b6b","ssdeep":"768:wKMsZPQ0o/2SWcT6wVnUgWaeOCZkarwVBKb:wKM70Q2SWGeOCG6","tlshash":"8623e92883412158f237d66af6c6efe92228c013e1970abeb65b355bc1cf1b91673f45","first_seen":"2026-03-03T08:54:07.856511Z","last_seen":"2026-03-03T08:54:07.856511Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1528,"timings":{"blocked":515,"dns":1,"connect":251,"send":0,"wait":478,"receive":1,"ssl":277},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20240417/1713324321258742.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20240417/1713324321258742.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:46 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1906,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"690d2ade36efe6e988a1860ab1bb2cb4","sha1":"d5c9657d258a251e61d8a51b54494939da8cd550","sha256":"3298c8c82773aa14621ce14832cf9d5a6e4038ce83745ebe986432aaa9c54765","sha512":"907a8b22a3096f9b93e93ebe951d71619797528447b001e65a575edf5e31319f53229ed1812b5cd9b827976aea594e88dbe679dc73ac767440fbc277cf9bce78","ssdeep":"","tlshash":"c641f9c2feb5c98d4c8bcdb115a2cf4b983f8014b861f840da94214b3a1ce1edd57751","first_seen":"2026-03-03T08:54:07.851343Z","last_seen":"2026-03-03T08:54:07.851343Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7123,"timings":{"blocked":6799,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/js/web.js","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/js/web.js HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:40 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1845,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"b7fc20bf0d8f6471890249919e9916af","sha1":"d09bbfb1ae41e3146e985f5a97c876d72899ea31","sha256":"dc3263dcd27d2ad70c9db668c276113686f75c8b04b6e20ca17acf9614696469","sha512":"45fa7a67de8c30dc3089df5206ec6cbee545ed37e2f229f5c2cbfc279aa644e013cde9c20b7c8cbf3d1ad0c0715012d97d2e862fc10d445c131e89c3a22abe0b","ssdeep":"","tlshash":"3231ec07fa8c92dd91b37729523db2049d7dccb29992c458fcb540b30da8fa46692e94","first_seen":"2026-03-03T08:54:07.857315Z","last_seen":"2026-03-03T08:54:07.857315Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1411,"timings":{"blocked":951,"dns":0,"connect":0,"send":0,"wait":460,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:45.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 253\r\nOrigin: https://m.hngjyyj.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://m.hngjyyj.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Tue, 03 Mar 2026 08:53:45 GMT\r\neo-log-uuid: 10372463541505010428\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20240417/1713324759630517.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20240417/1713324759630517.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:45 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1906,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"690d2ade36efe6e988a1860ab1bb2cb4","sha1":"d5c9657d258a251e61d8a51b54494939da8cd550","sha256":"3298c8c82773aa14621ce14832cf9d5a6e4038ce83745ebe986432aaa9c54765","sha512":"907a8b22a3096f9b93e93ebe951d71619797528447b001e65a575edf5e31319f53229ed1812b5cd9b827976aea594e88dbe679dc73ac767440fbc277cf9bce78","ssdeep":"","tlshash":"c641f9c2feb5c98d4c8bcdb115a2cf4b983f8014b861f840da94214b3a1ce1edd57751","first_seen":"2026-03-03T08:54:07.851343Z","last_seen":"2026-03-03T08:54:07.851343Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5833,"timings":{"blocked":5262,"dns":0,"connect":0,"send":0,"wait":571,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/other/20240430/1714449998458259.jpeg","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/other/20240430/1714449998458259.jpeg HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:47 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":339036,"size_decoded":0,"mime_type":"image/jpeg","magic":"data","md5":"8b0912ff711bacb0e2012943d4f0870f","sha1":"8abf51ef61376c38b720822a5a5bed36f7cf371e","sha256":"a50303f864979db6be75892c228282ac52f2756f98b42264b82ce895495b75db","sha512":"dcb41be1a7713ffd644587d7051b98dcfa2faf4e20c012fb249fb01bd21ddb3dcc781628b35677f71106a83ddac9953fa42e71b4029c587febd8920c5de3728f","ssdeep":"6144:HsioyMrWrtT2Gn0Kt9taE5rTum+RBUqFBOuo8FSgcyu2Ez:HvFB2G0itaE5rC7aqp6z","tlshash":"1b74234a366295bdc25b7cb54f1a62cefc160c712e2982fe5175784bcbba11c1223dcb","first_seen":"2026-03-03T08:54:07.858042Z","last_seen":"2026-03-03T08:54:07.858042Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11216,"timings":{"blocked":7681,"dns":0,"connect":0,"send":0,"wait":340,"receive":3195,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/js/swiper.min.js","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/js/swiper.min.js HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:40 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120971,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65047), with CRLF, LF line terminators","md5":"0981594a599367ca98f446bbd2f50a87","sha1":"ca54e844b463c77d576edb9f046018ab06305f2a","sha256":"7476ea6f2d814821abfec16d187a6c3ceac49989f2d96ba163572754627e1de7","sha512":"11d56ddaeab40ce957416fa257b3b1f227b06c13da1c359e517d44c95a1719b0943aec43a39c9f52e42ad730e55d53ea1cb70a96dc5db827a1e5dde1b057024d","ssdeep":"1536:wqorVciYAwdCXrlnLtN+K8ExalQgYySj25RtYNluvpIXvH7WcWUwcPqYbaE8EtOt:wyCXrDNFLxvOeluSfH7WcWUwcPquDHC","tlshash":"26c31949b35071d555e32256539ed201a3b62845b90ac1a831b2dcdbacbde8c03bfefd","first_seen":"2026-03-03T08:54:07.858918Z","last_seen":"2026-03-03T08:54:07.858918Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1655,"timings":{"blocked":943,"dns":0,"connect":0,"send":0,"wait":711,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/js/bootstrap.min.js","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:45.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/js/bootstrap.min.js HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; __vtins__3GBtrHhfmQqekTj1=%7B%22sid%22%3A%20%229513a971-8b5f-5986-ad73-92a3f12c5c49%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772529825180%2C%20%22ct%22%3A%201772528025180%7D; __51uvsct__3GBtrHhfmQqekTj1=1; __51vcke__3GBtrHhfmQqekTj1=03ef07f2-b846-5ae8-80e6-23d9cfce54bc; __51vuft__3GBtrHhfmQqekTj1=1772528025187\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:45 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51266,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50758), with CRLF, LF line terminators","md5":"8c99d713ae3c48bc454e2f34e2695b02","sha1":"b978616a6290fab44bb79b148fb41f52b59caf84","sha256":"320e58b5e16ce002da5a821b8413d4561a972e2cafbccf13ab6542e202f21b9b","sha512":"7bc62db92df47ab8a38e32329d4c3f9734794594981e7c240a8277fa5cd07c4f731849067304244b3a431e37bd63ec1247667ebc09f345dcdc4e88c6955234ae","ssdeep":"768:wM9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:wM9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"af33b749725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2026-03-03T08:54:07.850523Z","last_seen":"2026-03-03T08:54:07.850523Z","times_seen":1,"resource_available":false,"data":null}},"time_used":699,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":571,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:49.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.hngjyyj.com/template/HJ/css/style.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; __vtins__3GBtrHhfmQqekTj1=%7B%22sid%22%3A%20%229513a971-8b5f-5986-ad73-92a3f12c5c49%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772529825180%2C%20%22ct%22%3A%201772528025180%7D; __51uvsct__3GBtrHhfmQqekTj1=1; __51vcke__3GBtrHhfmQqekTj1=03ef07f2-b846-5ae8-80e6-23d9cfce54bc; __51vuft__3GBtrHhfmQqekTj1=1772528025187; lg=cn\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:49 GMT\r\nContent-Type: image/avif;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41548,"size_decoded":0,"mime_type":"image/avif; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":2231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1462,"receive":769,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/cy.js","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /cy.js HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:39 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 737\r\nLast-Modified: Thu, 13 Nov 2025 02:15:29 GMT\r\nConnection: keep-alive\r\nETag: \"69153f41-2e1\"\r\nStrict-Transport-Security: max-age=31536000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":737,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"a154c3ed6700a03d0e2c7827764d8d97","sha1":"1084126055f9a40cfa1d62364a525d059537144e","sha256":"ec2a6b680b24f1abb5ec334e754fb8463c31b8fd6ac57fa572d149792b0b61bf","sha512":"177213a04204223b35f908fda232d9afa50fb5d568735607f1019fd118b9e874cf4a956c4792b37ae6bf7f3e42dc152363e669fe32a5109a1cb8a879fa6f2322","ssdeep":"","tlshash":"1001907f1e719118e316b00f30298d4a35b0c4167b20d759f0fcfd66a894f12546f699","first_seen":"2025-11-13T08:50:58.515602Z","last_seen":"2026-04-04T11:06:26.493019Z","times_seen":456,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/css/media.css","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/css/media.css HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:40 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"9afbc30ca268c9ea97658173a1ab2706","sha1":"a879f8323339235c9c04b3099795683f7c396599","sha256":"e900d8ccfcfd863f65374f926c7692639ddf94d522595687795501ebf631f993","sha512":"0c1d17dd2cb0a1a6e868e90eff8f9707400778c8226ee5f65734c2afe5e2555366836e33c01751774ae8b16555c3e2448f6493ef1b7676bc412a6890709a8cb2","ssdeep":"192:wupSfonY0vWxoUCUiVqMs3W6n3AyQClQvHA1Clj:wSRIgvHp","tlshash":"10d1740f1740019c6e3b8817d6f7929caf259023d34ad6de76c1b12bcf9929b6670f0a","first_seen":"2026-03-03T08:54:07.860159Z","last_seen":"2026-03-03T08:54:07.860159Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1541,"timings":{"blocked":517,"dns":2,"connect":257,"send":0,"wait":484,"receive":0,"ssl":279},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/images/02ban2.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/images/02ban2.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:46 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12015,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"e82252018c1e12d363de2db81de83200","sha1":"96e2c4f4f83616c7ba631e94cb8cdba2ae596941","sha256":"7494a711483c86b13c74daa1c5132a4464377834c55e811cce6b93e29a431a42","sha512":"28a0dbe44d5469e26301a6eedbb1585199a6bdc570d4d3eda2ae98fed705aef11ee1821370b78365911b9e25718d415131aeb18ab3ba7d1d2382137e01b942de","ssdeep":"192:w5SHIIHUCD4wafrVYrMsLxNSDDqwkoU4f5H28TLiLyfdGHbHH6MMq2FQG4+v1:wg50wqKMs9wZkSc8TeLyf0HbHH69FQ8t","tlshash":"e842a043cc8a481b055b09ae7ccfe9072676d409dd27aa05e5fb16cf4a24fd429b37b1","first_seen":"2026-03-03T08:54:07.860961Z","last_seen":"2026-03-03T08:54:07.860961Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6805,"timings":{"blocked":6440,"dns":0,"connect":0,"send":0,"wait":364,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20200722/1595405992751860.jpg","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20200722/1595405992751860.jpg HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:46 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113584,"size_decoded":0,"mime_type":"image/jpg","magic":"data","md5":"46826b96ea8417646062f58af49dc83b","sha1":"dd126c2fa554863ba9a6f3331a2fb8894a42e341","sha256":"c1d49de87bb704f774df4be1b959e1818dd92a6c2319e395cf80b4e3f7a4064d","sha512":"188b0bebef6be77276972e5514ad1c6fa0cbbdca8f7c8dfb9ac356da5fe72abc435712a9b5efd1a102ab06ad5a105f9a5d0d2cfc7a5d143b7ea3fc19d08049a5","ssdeep":"3072:wdjNNwZV7LZgMD3zj9Tjcv1mcWON8caH1JBQk4QTb:vZRye9vcv1mcWqe1hl","tlshash":"ecb312160be2df16dab9d430bd7e3beb3251d15e12221b6dae50793248b04b0e9450fe","first_seen":"2026-03-03T08:54:07.861834Z","last_seen":"2026-03-03T08:54:07.861834Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7182,"timings":{"blocked":6611,"dns":0,"connect":0,"send":0,"wait":316,"receive":255,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/js/jquery.particleground.min.js","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/js/jquery.particleground.min.js HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:40 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21552,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5385), with CRLF line terminators","md5":"3f36b9eae3a0dbe049b23a37f022ce21","sha1":"a905295e90a6f5263633b73eeba762b21a9ef481","sha256":"3c0fcc2933cb0bc838d33b699dc94cd2885e78c85cec89722f79a97f7a9d6f08","sha512":"5f708baff7f3d8fca1a1d8d76bb00c4c05edfc904259518fb50fff24b6aa2f0facc15339a4764c192e52b71661b147882bf167310e030fb3025dfffe0dd5d27d","ssdeep":"384:wsfblsOQsivbolK5AyqyaEJy7AyqyL+wCEfWIOMm1akmcZbThKOy3KS:wexshpslKyVETVoBCEfWEm1afc6v3T","tlshash":"e8a282067563101658b3b36a2cc7050dc331a45b7a06d4af3e7ce2ac9fb641591abfbe","first_seen":"2026-03-03T08:54:07.862712Z","last_seen":"2026-03-03T08:54:07.862712Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1399,"timings":{"blocked":948,"dns":0,"connect":0,"send":0,"wait":450,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:41.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.hngjyyj.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:41 GMT\r\nContent-Type: */*;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":41645,"size_decoded":0,"mime_type":"text/html","magic":"data","md5":"0aa2293632343e6610faa31439b4c81c","sha1":"a3237321f9c6f984a0bce767bba3b8d190e75c3f","sha256":"2f92be2b015b616358f2377248aca6c547941565ebb4605e25eaa61c49ff05d9","sha512":"aeaf23c8756c1e52638f75d702bf4e36ec58647a7679cc450f582390c36dfb8c1a79b536a3a835657275ca99a168927e76ff92829cdfdb6eb46e63a7abdf1460","ssdeep":"768:wtAXnGoXGwKUJH+MdOcLTra8ctSz8ysZMIR9GpFU1LpSkl2gGW3:wonGoXGE0Md/TaSwtSDQ","tlshash":"52130f2115f96927527286e93ae46f2afe81e607db071d0173bc26c74fb3e85cc4b128","first_seen":"2026-03-03T08:54:07.863592Z","last_seen":"2026-03-03T08:54:07.863592Z","times_seen":1,"resource_available":false,"data":null}},"time_used":613,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":361,"receive":252,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:50.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.hngjyyj.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; __vtins__3GBtrHhfmQqekTj1=%7B%22sid%22%3A%20%229513a971-8b5f-5986-ad73-92a3f12c5c49%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772529825180%2C%20%22ct%22%3A%201772528025180%7D; __51uvsct__3GBtrHhfmQqekTj1=1; __51vcke__3GBtrHhfmQqekTj1=03ef07f2-b846-5ae8-80e6-23d9cfce54bc; __51vuft__3GBtrHhfmQqekTj1=1772528025187; lg=cn\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:50 GMT\r\nContent-Type: image/avif;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":41632,"size_decoded":0,"mime_type":"image/avif; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":651,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":384,"receive":267,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/css/animate.css","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/css/animate.css HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:39 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":29713,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"59685682260a0e041318cecb678da41e","sha1":"467c6444a9b2bb4949f56de01c8e7dccfc17d71b","sha256":"b54df755126c29aca91798b1388d08cac5027cf8e4f009e47f0d3f9f84870051","sha512":"3abb12b7075ec715a67d93d16e4ed9340e1431a4eb533606ff0b506263b6cc94ebd95723bbfb55142a1ca72c2f96b0c13c0334026cadc6bd5140c889ee44deed","ssdeep":"768:wqdmi1jkEHjgdWjoV6j0C1jssDjYn0jkTwj8ULjIY7YcjgpijgxujMexj84PjYj0:wgjkEHjgdWjoV6j0C1jssDjYn0jkTwjz","tlshash":"4ed20a95ab4da24883b7471253cf1858ce3eea4a6611cd49f33c380a5a06e397737b67","first_seen":"2026-03-03T08:54:07.864387Z","last_seen":"2026-03-03T08:54:07.864387Z","times_seen":1,"resource_available":false,"data":null}},"time_used":389,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":389,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/css/bootstrap.min.css","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/css/bootstrap.min.css HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:40 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":141195,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65097), with CRLF, LF line terminators","md5":"cb69b8c8f39b9bb248aa8f56e022219d","sha1":"d20ab58b50db6d17aedc1e26accc48d66f5be1ec","sha256":"06bbe46c31c62e965fc88c25addac2487a587061dd7615f249cd561800e29ac1","sha512":"6655f43706073ffba80e07be7f5116e8065aca2b596f3d65aa09a37dd89c9f7a77b155e363ba4c90830095f7ab24c26041f66dfd03cf8a8409945ceab5ea5d96","ssdeep":"1536:wmn1QWSUPBT+QYYDnDEBi8iNcuSEj/NvT/gIENM6HN26e:wC1L7PnxYIENM6HN26e","tlshash":"bdd373a7f5a0312da467c61864d0bafe156f8285d7221ffaf42737644b895cb0a73e0c","first_seen":"2026-03-03T08:54:07.865591Z","last_seen":"2026-03-03T08:54:07.865591Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1783,"timings":{"blocked":521,"dns":1,"connect":246,"send":0,"wait":491,"receive":238,"ssl":283},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20200722/1595406016681503.jpg","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20200722/1595406016681503.jpg HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:45 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76535,"size_decoded":0,"mime_type":"image/jpg","magic":"data","md5":"72726bf05c9586cece0bc1feb2934cbb","sha1":"75fe8fff08ea4bf7a7abf007bcec1bd8b1e225e6","sha256":"82222cbf70bcd86d3787b0836489a9c07d7375edd5207a92b87775eeaf5309ec","sha512":"098db9c4d9ac5d4bf8a9eeee65c5b6f68aa4fbd812bfe58f56fcf0de4f77804c3fd72f26501a8a371cb25d4cb2c5f383d5906a6f1f9e2cda2bd57b2ea1ceae2d","ssdeep":"1536:wt1YKPUt5607Zh9T28L655LUtfJldtffyUf6unrIDwcoptRTQfTy3TkhwDGyx3cw:w3bPUt560thEp55LUtftlyUfmwcohQbI","tlshash":"84730218db44db53f66e7974343493a54dabc99d4000fe88abb1cbb3ad426c842774dc","first_seen":"2026-03-03T08:54:07.866454Z","last_seen":"2026-03-03T08:54:07.866454Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7693,"timings":{"blocked":5267,"dns":0,"connect":0,"send":0,"wait":624,"receive":1802,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/template/HJ/images/about.jpg","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /template/HJ/images/about.jpg HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:46 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":139871,"size_decoded":0,"mime_type":"image/jpg","magic":"data","md5":"3c7c1fb8471dd98807020f3bfdf749b3","sha1":"496e46a7b1bfc6b052d9a385218e86e28b3ea669","sha256":"ecf3d3ed33c191e4dd90b8b2fe3a9aefd14f23c117f4b6dc53356c2d905ce8c4","sha512":"0bda94bb525b33ec0cf98bcf5cc031191b5e386c8a75de85075dd82d21333c56feb412886276d6afaf7c810ffca5d71175dc9b1ab2a6f383b45ebd900674a962","ssdeep":"3072:wRPc2PAkN/pAJpw2rkNNWj1uEaqDLRzYTiRw7i+A9qSSA:OLIkNarw2rUNcuaDGiREi+A7","tlshash":"04d312d89bd3cba0cf62c03341c49d9afa9428f9d9736d5ef1e4c8133462580ea966d7","first_seen":"2026-03-03T08:54:07.867248Z","last_seen":"2026-03-03T08:54:07.867248Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10567,"timings":{"blocked":6742,"dns":0,"connect":0,"send":0,"wait":356,"receive":3469,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.hngjyyj.com/static/upload/image/20240514/1715651385884999.png","fqdn":"m.hngjyyj.com","domain":"hngjyyj.com","tld":"com"},"ip":{"addr":"154.210.19.103","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.hngjyyj.com/","date":"2026-03-03T08:53:39.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hngjyyj.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 06:49:39 GMT","end":"Mon, 27 Apr 2026 06:49:38 GMT"},"fingerprint":{"sha1":"9E:35:3A:96:BB:24:A8:40:57:B2:18:38:0A:4C:B5:DA:F4:38:65:82","sha256":"B1:70:67:F9:B4:8A:12:14:88:58:80:52:AF:63:3C:88:E6:91:F6:10:60:58:7E:8E:A5:B4:C1:F5:DF:3D:1E:10"}}},"request":{"raw":"GET /static/upload/image/20240514/1715651385884999.png HTTP/1.1\r\nHost: m.hngjyyj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.hngjyyj.com/\r\nCookie: PHPSESSID=5o40otsg6bo97c73ec6oc5rip3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 03 Mar 2026 08:53:45 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1906,"size_decoded":0,"mime_type":"image/png","magic":"data","md5":"690d2ade36efe6e988a1860ab1bb2cb4","sha1":"d5c9657d258a251e61d8a51b54494939da8cd550","sha256":"3298c8c82773aa14621ce14832cf9d5a6e4038ce83745ebe986432aaa9c54765","sha512":"907a8b22a3096f9b93e93ebe951d71619797528447b001e65a575edf5e31319f53229ed1812b5cd9b827976aea594e88dbe679dc73ac767440fbc277cf9bce78","ssdeep":"","tlshash":"c641f9c2feb5c98d4c8bcdb115a2cf4b983f8014b861f840da94214b3a1ce1edd57751","first_seen":"2026-03-03T08:54:07.851343Z","last_seen":"2026-03-03T08:54:07.851343Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5723,"timings":{"blocked":5263,"dns":0,"connect":0,"send":0,"wait":459,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"m.hngjyyj.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}