{"report_id":"d6932fe2-416e-4690-b0b7-7f3c66529405","version":6,"status":"done","tags":[],"date":"2026-01-03T17:58:41Z","url":{"schema":"http","addr":"ddkid.blog/","fqdn":"ddkid.blog","domain":"ddkid.blog","tld":"blog"},"ip":{"addr":"165.22.154.225","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"2ijdl7g2.y9dq7o4ree.com/?cid=911400","fqdn":"2ijdl7g2.y9dq7o4ree.com","domain":"y9dq7o4ree.com","tld":"com"},"title":"2ijdl7g2.y9dq7o4ree.com/?cid=911400","dom":{"size":30904,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18327)","md5":"35434d950594842075bd4c9483d1aef6","sha1":"704bb164019b8f78a55b0cf8a8add59694c0ed3d","sha256":"e2672e672a382e38e6e709b53eee769ddd6d8dccc6342a41149604f91fcc7669","sha512":"6e7caa7be939014f3558b6dbe1b52e553d1091fb617dd67000491e8d76a11f37d0305accc4b0f772a47c92c5691e8c156aa7212fdd3b537a43201a7603a1c2ec","ssdeep":"384:di2PtWIFidG6+e7lIBGZsPjlrmJod8j6ezV5+Ji2Ib:dXPtfFiOQIIIjioG6cl2Ib","tlshash":"c9d20811a7f6299390338a806a546d453ed0c407891b05a474fd3b9eefd7dfa58af38c","dom_hash":"domhash7217290d2d995bce7bf985548646a837","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ddkid.blog/","fqdn":"ddkid.blog","domain":"ddkid.blog","tld":"blog"},"ip":{"addr":"165.22.154.225","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T17:58:41Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":12,"urlquery":0,"analyzer":5}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:23Z","timestamp":1767463103,"ip_dst":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.6","port":36262,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-03T17:58:23.777602+0000\",\"flow_id\":972562473366204,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":36262,\"dest_ip\":\"49.51.131.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050737,\"rev\":1,\"signature\":\"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_02_06\"]}},\"tls\":{\"sni\":\"879song-1358886481.cos.accelerate.myqcloud.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"699a80bdb17efe157c861f92c5bf5d1d\",\"string\":\"771,49199,0-65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":789,\"bytes_toclient\":6387,\"start\":\"2026-01-03T17:58:23.733884+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:23Z","timestamp":1767463103,"ip_dst":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.6","port":36296,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-03T17:58:23.781494+0000\",\"flow_id\":1429600680752664,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":36296,\"dest_ip\":\"49.51.131.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050737,\"rev\":1,\"signature\":\"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_02_06\"]}},\"tls\":{\"sni\":\"879song-1358886481.cos.accelerate.myqcloud.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"699a80bdb17efe157c861f92c5bf5d1d\",\"string\":\"771,49199,0-65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":912,\"bytes_toclient\":7550,\"start\":\"2026-01-03T17:58:23.734744+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:23Z","timestamp":1767463103,"ip_dst":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.6","port":36292,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-03T17:58:23.785739+0000\",\"flow_id\":1034461542036790,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":36292,\"dest_ip\":\"49.51.131.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050737,\"rev\":1,\"signature\":\"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_02_06\"]}},\"tls\":{\"sni\":\"879song-1358886481.cos.accelerate.myqcloud.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"699a80bdb17efe157c861f92c5bf5d1d\",\"string\":\"771,49199,0-65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1626,\"start\":\"2026-01-03T17:58:23.734518+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:23Z","timestamp":1767463103,"ip_dst":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.6","port":36282,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-03T17:58:23.789360+0000\",\"flow_id\":1064960104805475,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":36282,\"dest_ip\":\"49.51.131.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050737,\"rev\":1,\"signature\":\"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_02_06\"]}},\"tls\":{\"sni\":\"879song-1358886481.cos.accelerate.myqcloud.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"699a80bdb17efe157c861f92c5bf5d1d\",\"string\":\"771,49199,0-65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":753,\"bytes_toclient\":7550,\"start\":\"2026-01-03T17:58:23.734307+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:23Z","timestamp":1767463103,"ip_dst":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.6","port":36272,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-03T17:58:23.793244+0000\",\"flow_id\":362090854298569,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":36272,\"dest_ip\":\"49.51.131.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050737,\"rev\":1,\"signature\":\"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_02_06\"]}},\"tls\":{\"sni\":\"879song-1358886481.cos.accelerate.myqcloud.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"699a80bdb17efe157c861f92c5bf5d1d\",\"string\":\"771,49199,0-65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":948,\"bytes_toclient\":1626,\"start\":\"2026-01-03T17:58:23.734153+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:26Z","timestamp":1767463106,"ip_dst":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.6","port":36308,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-03T17:58:26.432676+0000\",\"flow_id\":495554815774312,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":36308,\"dest_ip\":\"49.51.131.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050737,\"rev\":1,\"signature\":\"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_02_06\"]}},\"tls\":{\"sni\":\"879song-1358886481.cos.accelerate.myqcloud.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"699a80bdb17efe157c861f92c5bf5d1d\",\"string\":\"771,49199,0-65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":912,\"bytes_toclient\":7550,\"start\":\"2026-01-03T17:58:26.380520+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:31Z","timestamp":1767463111,"ip_dst":{"addr":"172.18.0.6","port":53060,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"134.122.175.148","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 25","source":"{\"timestamp\":\"2026-01-03T17:58:31.122149+0000\",\"flow_id\":847336259865167,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"134.122.175.148\",\"src_port\":443,\"dest_ip\":\"172.18.0.6\",\"dest_port\":53060,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400024,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 25\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-01-03T17:58:30.805455+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:31Z","timestamp":1767463111,"ip_dst":{"addr":"172.18.0.6","port":60784,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"134.122.133.98","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 25","source":"{\"timestamp\":\"2026-01-03T17:58:31.397869+0000\",\"flow_id\":259116866462224,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"134.122.133.98\",\"src_port\":443,\"dest_ip\":\"172.18.0.6\",\"dest_port\":60784,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400024,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 25\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-01-03T17:58:31.057872+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:32Z","timestamp":1767463112,"ip_dst":{"addr":"172.18.0.6","port":50904,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"134.122.196.115","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 25","source":"{\"timestamp\":\"2026-01-03T17:58:32.692574+0000\",\"flow_id\":1749910752378172,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"134.122.196.115\",\"src_port\":443,\"dest_ip\":\"172.18.0.6\",\"dest_port\":50904,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400024,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 25\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-01-03T17:58:32.376124+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:32Z","timestamp":1767463112,"ip_dst":{"addr":"172.18.0.6","port":56730,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"134.122.176.117","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 25","source":"{\"timestamp\":\"2026-01-03T17:58:32.944475+0000\",\"flow_id\":1252811237529242,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"134.122.176.117\",\"src_port\":443,\"dest_ip\":\"172.18.0.6\",\"dest_port\":56730,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400024,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 25\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-01-03T17:58:32.628378+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:33Z","timestamp":1767463113,"ip_dst":{"addr":"172.18.0.6","port":44812,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"134.122.135.253","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 25","source":"{\"timestamp\":\"2026-01-03T17:58:33.022747+0000\",\"flow_id\":1617776083500752,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"134.122.135.253\",\"src_port\":443,\"dest_ip\":\"172.18.0.6\",\"dest_port\":44812,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400024,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 25\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-01-03T17:58:32.687824+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:58:33Z","timestamp":1767463113,"ip_dst":{"addr":"172.18.0.6","port":59430,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"134.122.135.105","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 25","source":"{\"timestamp\":\"2026-01-03T17:58:33.320333+0000\",\"flow_id\":108943334973569,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"134.122.135.105\",\"src_port\":443,\"dest_ip\":\"172.18.0.6\",\"dest_port\":59430,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400024,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 25\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-01-03T17:58:32.991361+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"fsguf.uk","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"ddkid.blog","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"ddkid.blog","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"2ijdl7g2.y9dq7o4ree.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"2ijdl7g2.y9dq7o4ree.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"hghjklhh.879ossdatingss003.com","ip":{"addr":"174.35.102.43","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-07-10","domain_rank":0,"first_seen":"2025-11-26T02:40:46.065333Z","last_seen":"2025-12-27T21:50:03.130834Z","alert_count":0,"request_count":5,"received_data":3975,"sent_data":3701,"comment":"","tags":null,"fingerprints":null},{"fqdn":"6ijkwiiwiaxnzijoi56e90yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","ip":{"addr":"134.122.196.115","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-02T21:14:35.772417Z","last_seen":"2026-01-02T21:14:35.772417Z","alert_count":0,"request_count":1,"received_data":764,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bgfds.cz","ip":{"addr":"174.35.120.200","port":443,"asn":54994,"as":"ML-1432-54994","country":"United States","country_code":"US"},"domain_registered":"2026-01-02","domain_rank":0,"first_seen":"2026-01-02T21:14:35.778773Z","last_seen":"2026-01-02T21:14:35.778773Z","alert_count":0,"request_count":1,"received_data":868,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"ptuki.cz","ip":{"addr":"174.35.102.43","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2026-01-02","domain_rank":0,"first_seen":"2026-01-02T21:14:35.771276Z","last_seen":"2026-01-02T21:14:35.771276Z","alert_count":0,"request_count":1,"received_data":867,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"5y6ju-njmu67y-y6ju.amyh879dd0001.com","ip":{"addr":"172.65.191.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-30","domain_rank":0,"first_seen":"2025-12-25T13:18:32.79727Z","last_seen":"2026-01-01T22:43:38.525469Z","alert_count":0,"request_count":1,"received_data":483,"sent_data":496,"comment":"","tags":null,"fingerprints":[{"name":"GoCache","description":"GoCache is an in-memory key:value store/cache similar to memcached that is suitable for applications running on a single machine.","website":"https://www.gocache.com.br/","common_platform_enumeration":"","icon":"GoCache.png","categories":["CDN"]}]},{"fqdn":"fsguf.uk","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-11-10","domain_rank":0,"first_seen":"2025-12-27T21:50:02.627319Z","last_seen":"2025-12-27T21:50:02.627319Z","alert_count":2,"request_count":2,"received_data":0,"sent_data":942,"comment":"","tags":null,"fingerprints":null},{"fqdn":"6ijkwiiwiaxnzijoi56e73yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","ip":{"addr":"134.122.175.148","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-02T21:14:35.774263Z","last_seen":"2026-01-02T21:14:35.774263Z","alert_count":0,"request_count":1,"received_data":764,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"6ijkwiiwiaxnzijoi56e70yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","ip":{"addr":"118.107.9.42","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-02T21:14:35.791981Z","last_seen":"2026-01-02T21:14:35.791981Z","alert_count":0,"request_count":1,"received_data":764,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"6ijkwiiwiaxnzijoi56e74yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","ip":{"addr":"14.128.63.157","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-02T21:14:35.793952Z","last_seen":"2026-01-02T21:14:35.793952Z","alert_count":0,"request_count":1,"received_data":764,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ddkid.blog","ip":{"addr":"165.22.154.225","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"domain_registered":"2025-04-12","domain_rank":0,"first_seen":"2025-08-10T13:04:06.884998Z","last_seen":"2025-08-10T13:04:06.884998Z","alert_count":2,"request_count":1,"received_data":8275,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"146.103.81.165","ip":{"addr":"146.103.81.165","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":4,"received_data":13065,"sent_data":3037,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"6ijkwiiwiaxnzijoi56e72yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","ip":{"addr":"134.122.135.253","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-02T21:14:35.795641Z","last_seen":"2026-01-02T21:14:35.795641Z","alert_count":0,"request_count":1,"received_data":764,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"fgthjm-ghjthj.jvstays.com","ip":{"addr":"180.163.146.90","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2024-12-25","domain_rank":0,"first_seen":"2025-12-28T12:47:19.418566Z","last_seen":"2025-12-28T12:47:19.418566Z","alert_count":0,"request_count":1,"received_data":764,"sent_data":485,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"domain_registered":"2013-04-24","domain_rank":0,"first_seen":"2025-06-14T01:44:46.016116Z","last_seen":"2026-01-02T08:03:57.327757Z","alert_count":0,"request_count":29,"received_data":1203022,"sent_data":14231,"comment":"","tags":null,"fingerprints":null},{"fqdn":"iyhjkilahh.zsydh.com","ip":{"addr":"180.163.146.114","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2025-01-13","domain_rank":0,"first_seen":"2025-11-26T02:40:45.071059Z","last_seen":"2026-01-03T15:41:16.518346Z","alert_count":0,"request_count":1,"received_data":766,"sent_data":480,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"146.103.90.32","ip":{"addr":"146.103.90.32","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":527,"sent_data":473,"comment":"","tags":null,"fingerprints":null},{"fqdn":"879.bigo.h5.awardg.com","ip":{"addr":"125.94.244.5","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"2025-12-07","domain_rank":0,"first_seen":"2026-01-01T18:08:10.515551Z","last_seen":"2026-01-01T18:08:10.515551Z","alert_count":0,"request_count":2,"received_data":187013,"sent_data":876,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"153.43.20.52","ip":{"addr":"153.43.20.52","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":837,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"2ijdl7g2.y9dq7o4ree.com","ip":{"addr":"77.83.240.177","port":443,"asn":49870,"as":"Alsycon B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":1,"received_data":8274,"sent_data":503,"comment":"","tags":null,"fingerprints":[{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"6ijkwiiwiaxnzijoi56e71yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","ip":{"addr":"14.128.63.157","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-02T21:14:35.7946Z","last_seen":"2026-01-02T21:14:35.7946Z","alert_count":0,"request_count":1,"received_data":764,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/js/rem.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e74e945fcc19cbd1d5276e5d4548d525","sha1":"8236e3f3fc64916f9f7f65e8aa2680c9302f0858","sha256":"33442081f56c808935dba715de506e29ebf99eea4d997a64818edb9081369fa5","sha512":"a31082fa7c4afd5138b6f5048ea64b3fced8635505c69b56b2de5168b699069401b415f26eb42ed6ccdbc8e8c8db6f50618fea5890565ed5404f360176907245","ssdeep":"","tlshash":"8a01f166644125384b2b0009a925726cfeb7811303235283f45cae766fb0e430ab1fdc","size":840,"data":"","first_seen":"2023-03-07T12:23:57Z","last_seen":"2026-04-05T05:33:11.485767Z","times_seen":14239,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879.bigo.h5.awardg.com/879/index.js","fqdn":"879.bigo.h5.awardg.com","domain":"awardg.com","tld":"com"},"ip":{"addr":"125.94.244.5","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"67406404af615b036889e2df5acbb593","sha1":"6e8a2ca6d266da3610e16bbe77701ca089b018c5","sha256":"321b421a50a5964659a138227ad826bdbcc53342d349f154e52ca8f728d5b035","sha512":"4ee532bfbc9dd45cee2eb8605746e56519e0cc335d6190bc8198c1943e9f67fb2b2e4e6203c254514eb3284774ff8234e66b1d685b7b4a832e023a577d542745","ssdeep":"","tlshash":"5851505d75e5002233d334336a9db858a4d6a41b0008da00fd2ed744af37939b2babe9","size":3131,"data":"","first_seen":"2025-12-25T16:48:06.217837Z","last_seen":"2026-01-07T10:13:00.600391Z","times_seen":116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2ijdl7g2.y9dq7o4ree.com/?cid=911400","fqdn":"2ijdl7g2.y9dq7o4ree.com","domain":"y9dq7o4ree.com","tld":"com"},"ip":{"addr":"77.83.240.177","port":443,"asn":49870,"as":"Alsycon B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"e42ad3f46426928422fbb53beda13e72","sha1":"c3729f3f58a803dc46998473438d5315636b53bb","sha256":"2125ab40d55c0ec055a2044617618bee711f765513733256610ec6ea96318e08","sha512":"cc6d8abba064537362a16be290c071236a611c20c4e67bc16341f76c9a42f2dde893c13e4fc2347bf5a8a85fb797a26bf69a3e3efdbf4407abf5dd9d8f966d60","ssdeep":"","tlshash":"2ee0a708525a60359437640beedda211965281076c6bb871b88d034d9f1e32f95a93f0","size":322,"data":"","first_seen":"2025-07-26T12:48:30.156796Z","last_seen":"2026-04-04T22:44:40.642144Z","times_seen":188,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879.bigo.h5.awardg.com/879/cg-download-lib.umd.js","fqdn":"879.bigo.h5.awardg.com","domain":"awardg.com","tld":"com"},"ip":{"addr":"125.94.244.5","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"2098edecc98713b59fdbbc17908c30e8","sha1":"2b6ddf9d0551ca386e8e7bebd89ae518dfc1e3ea","sha256":"56ee10bd93c1350af346e4e9cdeca03e9d96b1f033ef84537282bea16c93dce1","sha512":"7bf83a46928e081539aeda20941942b17273997676f0523d80f9ef21b7b9c3d0230ea0e71e385d2c500bfd1d83d2350269da078539260ae30b81640f15ac4e61","ssdeep":"3072:0uphfMBqtaIGqLOZR62CWlCqE8rU7b3sy:0yEUtBjL4Ro4ZDrUH3sy","tlshash":"51045ad97282b0a193f718e0003f100bb37a69663849c598f169f9df3da948a51b7f7d","size":183314,"data":"","first_seen":"2025-08-03T01:45:23.616467Z","last_seen":"2026-04-05T00:12:20.185897Z","times_seen":787,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/js/swiper-4.2.0.min.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"be15b3ba6a71edd608b9af34dfc6130c","sha1":"b11842fbe74778511b86bf899fbd02102b57ac62","sha256":"add18244c3d92cb789bd50456f05f02ca034c908bbf4210fedbd9013b3bf5d96","sha512":"ba9c83238efc0b5f43e2e85b104a2b1b010defa0f12d7c3cbff918fae76a7f3d3753ee18dead132729bdd0ae8a3854a481bcba35655dd37a6b6a03813d295029","ssdeep":"3072:6ShcwIktpnBohgZu7HgZsUOUFBWqJTq+NX:hlIktFBohgZu7HAsUOUFBWqJTq+l","tlshash":"65c3184eb390619510e36256565e9241a3b72809780ad0ac35b6cce7adbde4c13bfffc","size":119506,"data":"","first_seen":"2023-03-07T12:23:57Z","last_seen":"2026-04-05T05:33:11.430931Z","times_seen":13371,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/js/jquery-2.2.4.min.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T06:49:02.501277Z","times_seen":262545,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"5y6ju-njmu67y-y6ju.amyh879dd0001.com/ipacdn.txt?t=1767463110094","fqdn":"5y6ju-njmu67y-y6ju.amyh879dd0001.com","domain":"amyh879dd0001.com","tld":"com"},"ip":{"addr":"172.65.191.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"5y6ju-njmu67y-y6ju.amyh879dd0001.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 25 Dec 2025 00:00:00 GMT","end":"Fri, 25 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:75:EE:6F:20:51:9D:A8:62:F5:E0:E4:9F:27:4D:1C:39:54:97:D9","sha256":"2F:F8:8C:30:8B:B3:74:FA:98:23:5E:B4:15:B3:AE:08:B1:D0:C1:05:BB:1E:FC:5F:64:DA:0D:0C:25:7E:77:3C"}}},"request":{"raw":"GET /ipacdn.txt?t=1767463110094 HTTP/1.1\r\nHost: 5y6ju-njmu67y-y6ju.amyh879dd0001.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 03 Jan 2026 17:58:31 GMT\r\nContent-Type: text/plain\r\nContent-Length: 2\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=0a094e7017674631111083028e3ea8e80e76b3d7d792bddfb2735e66d27aa6;path=/;HttpOnly;Max-Age=1800\r\nCache-Control: s-maxage=315360000,max-age=0,public\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Max-Age: 3600\r\nAccess-Control-Allow-Credentials: true\r\nServer: gocache\r\nc-Type: pf\r\nrid: 189e228f53cd9f098a78c529dfa37cd1\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GoCache","description":"GoCache is an in-memory key:value store/cache similar to memcached that is suitable for applications running on a single machine.","website":"https://www.gocache.com.br/","common_platform_enumeration":"","icon":"GoCache.png","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":1227,"timings":{"blocked":-1,"dns":323,"connect":6,"send":0,"wait":362,"receive":0,"ssl":535},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/7bf8e0_30x24.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/7bf8e0_30x24.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 182\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:28 GMT\r\nETag: \"6f63524cc4b4cc9cae614ad3046d307a\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:14 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 5965482927038872324\r\nx-cos-request-id: Njk1OTU4YzNfZTA5N2QxZF8yZWRkMl8xMWNmOWNl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":182,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"230608ea680697f9a41e7abdce329379","sha1":"30d81740038b806714d341c2494fa0121b854407","sha256":"7490e776e76abf098ba0844055b139d1e464fa292202b9c74dd4b0834f6e1b77","sha512":"940f017763dd5a00fd9d173566b1618b87688f9157b7ac3304ae0c70b368f5974f94d6fbb34127cf914f3730a74ffeba1eef6108d954fdd94de0bade1b6c4ca7","ssdeep":"","tlshash":"e0d0a7a9d4487b2dd5552112111b0000e521792162160147cc348b34cdab50c14dd36f","first_seen":"2025-07-26T12:48:30.129092Z","last_seen":"2026-04-04T22:44:40.640554Z","times_seen":193,"resource_available":false,"data":null}},"time_used":5029,"timings":{"blocked":4622,"dns":0,"connect":0,"send":0,"wait":406,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/204867_564x120.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/204867_564x120.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 9432\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:28 GMT\r\nETag: \"d3332ad64463cf8cba0dae1bb64e1cce\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:13 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 5901379545973722713\r\nx-cos-request-id: Njk1OTU4YzNfNmMwODdkMWRfMjczZjZfMTNkNjc1OQ==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9432,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"9c768ad599822dc24b7377094fb1351b","sha1":"e2b49cf58d751c76e90d43fb1dc70b4fa4cd6c3c","sha256":"9d159a2b05d683222a7ae393b36f991e85fde3743d6eee51970e828b45e539d8","sha512":"34b078d603a5dcebd68ebd37be04dd2106582f3a3b84695e7083274731ca8e400a406c6dc0c6a50ce4df2f7b8126f53d0269639430b594eebd705ac8c9fddfb2","ssdeep":"384:RZ9xOP4ykQimD2WYyTcGUNBEOnJN5r5LoHpQA/ok9Do:RTxOP4y19CYTSD5LoHOO9i","tlshash":"7e52ad13c210b364b39747ffec82dcc49b24e1a7e1953ae4c225b2a56a9553e92edcc1","first_seen":"2025-07-26T12:48:30.130014Z","last_seen":"2026-04-04T22:44:40.621572Z","times_seen":194,"resource_available":false,"data":null}},"time_used":5008,"timings":{"blocked":4598,"dns":0,"connect":0,"send":0,"wait":409,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/a7a02b_750x662.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/a7a02b_750x662.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 179975\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:26 GMT\r\nETag: \"6a2519109db9854f2ba62bb02ff56f8c\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:15 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 6773333893655499483\r\nx-cos-request-id: Njk1OTU4YzJfMTViNGYwMDlfMjM4NV8xYWUzMDEx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":179975,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"3b522718ac88bb0bcaa1697c1e1d05b8","sha1":"715dbf55125f8c5b07291ae4009f4652b4c59ca8","sha256":"ecdfb913f81eb7787de0a7dcde955607026acc485a699fe817b53ed88aecb6f0","sha512":"13821710bd53b8c052b45effa31ae80f1503bfc14f0dd22e83c32b72618eb04b241d27822ab8c980ab89c28ccdd9090849d30ea442a3077b86a193121468fa75","ssdeep":"6144:4ru9I8ucFPjFOs4HlnvKDXCPuEOxogCVs/9nAA3DDaCLoFY:kiI8ucFPjFOs4xKDXCuEOfCVsFnAoeSn","tlshash":"cb44e1445311f370e2e694fbb8020adcb2041f96b6aa6d94cb54c6506c8f62df7de8f6","first_seen":"2025-07-26T12:48:30.147249Z","last_seen":"2026-04-04T22:44:40.625934Z","times_seen":192,"resource_available":false,"data":null}},"time_used":4116,"timings":{"blocked":3320,"dns":0,"connect":0,"send":0,"wait":417,"receive":379,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fsguf.uk/bewcdn.txt?t=1767463110091","fqdn":"fsguf.uk","domain":"fsguf.uk","tld":"uk"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.105Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /bewcdn.txt?t=1767463110091 HTTP/1.1\r\nHost: fsguf.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"fsguf.uk","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/0db037_750x740.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/0db037_750x740.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 134119\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:28 GMT\r\nETag: \"5ef13829b74faec7703ad35daf12b98b\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:12 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 4113663484532660539\r\nx-cos-request-id: Njk1OTU4YzNfZWJiMmYwMDlfOWZjM18xNGJkMWNk\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":134119,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"c9bbfed4268a1451e7c5280d1b761bb3","sha1":"81909de0ffecc5d712ab77d229932fa5b305b8bc","sha256":"e84769fea3e0614fd627e8c3b4907d836ecc1d7402c663cf4489767ad101c10e","sha512":"61ab49f20c94dbb278459d247451aae74bb05d33676b75aefaf7e837480474ded5a0615004b20bbc6d2c82e18f784f1d7ea0fe2fd1b6f2f97e880f1e68f4033c","ssdeep":"6144:boUh6Q2cJ83qOUcRsAZdGRkqHPoDrEnSEKtwJ:boUh6hcW3qOUcRsAZdGRFPerySEKtwJ","tlshash":"ad14e1029251f3b0e2e7a5f9580742d8a1041fd9f79ebad4c230d6b12d5a62e33de497","first_seen":"2025-07-26T12:48:30.151662Z","last_seen":"2026-04-04T22:44:40.634046Z","times_seen":194,"resource_available":false,"data":null}},"time_used":5550,"timings":{"blocked":4740,"dns":0,"connect":0,"send":0,"wait":423,"receive":387,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/8711a6_750x773.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/8711a6_750x773.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 184331\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:28 GMT\r\nETag: \"882d486ba914643bb104df5aba6d82fb\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:15 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 12471381767263294565\r\nx-cos-request-id: Njk1OTU4YzNfMTViNGYwMDlfMjM5MF8xYjAxNWQz\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":184331,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"d60c9658db2f41c55c1aa5ab1a7631b1","sha1":"dd339d514a951c073407a658dc682f5214ec9ddb","sha256":"5aeddadbcd474caeff60ba77509254a0c75b1ef7f88d322181e060e7222f3103","sha512":"2a2d1bf8da533725f7bae8635ce42dac9643437d94ce0f4ed0222688d3ce1810a43667b859105b2ebdd4c293d899d8893c6aae0b78a1a47cb192597ef77fba81","ssdeep":"6144:I6N20Eq8DAR0Fjj2LLUXijLHqfwp/Q5FgrXqvN9WJ6O:I8EPD40Fjyvoi/Ux5FgrG+sO","tlshash":"2b44e1025341f370b6faa4f9990215c8e7144e9df79afe51c234c5a0399b23da7ceda2","first_seen":"2025-07-26T12:48:30.145672Z","last_seen":"2026-04-04T22:44:40.639127Z","times_seen":194,"resource_available":false,"data":null}},"time_used":5349,"timings":{"blocked":4550,"dns":0,"connect":0,"send":0,"wait":415,"receive":384,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/580baf_702x234.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/580baf_702x234.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 44674\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:28 GMT\r\nETag: \"faee6b01375e58a5c6aa228ccf961c74\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:14 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 14055615729449241877\r\nx-cos-request-id: Njk1OTU4YzNfZDg4ODUxMWRfMjNmMmFfMTFhYWM0MA==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44674,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"73f031500f2049f5366f245bfbfbddde","sha1":"fabe57390ce1d83306a4bdbc79289701308f064d","sha256":"b7a87b7a81def75a808ce469248327553a9c22e2f987bb915b0cc423a3c19545","sha512":"f81fdccc1ae2a6f86be3d5e2a9ec4748a6729464a4589a4d8052d70505cfb4dae43165c5251b3d08daae29daff5b5601048cee12b42eb8f5c312dbcf172fe17b","ssdeep":"1536:bEz7xiWsrrJTQWnVOEuSX3QeQIOTMvYe0u2t:bKsZrJTQWnVOEuSweG6+","tlshash":"ed63d0473303e370e3aae1f8786445c4f5019b69f299ead1d238da70296741e7add8e3","first_seen":"2025-07-26T12:48:30.138656Z","last_seen":"2026-04-04T22:44:40.635538Z","times_seen":195,"resource_available":false,"data":null}},"time_used":4998,"timings":{"blocked":4575,"dns":0,"connect":0,"send":0,"wait":421,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"146.103.81.165/cocos/config_data.json?t=1767463","fqdn":"146.103.81.165","domain":"146.103.81.165","tld":""},"ip":{"addr":"146.103.81.165","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:28.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"146.103.81.102","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 22 May 2025 09:33:59 GMT","end":"Tue, 23 Jun 2026 09:33:58 GMT"},"fingerprint":{"sha1":"A2:A9:4B:43:6F:D9:56:1B:47:D2:4B:FC:80:BF:DF:30:C2:F6:D2:BA","sha256":"0E:6D:3E:6E:4C:B5:F3:96:13:73:43:88:78:12:08:02:12:46:62:F0:6A:C8:02:4F:D1:83:88:3D:C0:D5:FA:9B"}}},"request":{"raw":"OPTIONS /cocos/config_data.json?t=1767463 HTTP/1.1\r\nHost: 146.103.81.165\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: clienttimezone,device,devicemodel,domain,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:29 GMT\r\ncontent-length: 0\r\nserver: AliyunOSS\r\nx-oss-request-id: 695958C5F4962B3532EC7A99\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-allow-headers: clienttimezone, device, devicemodel, domain, language, nonce, platformtype, sign, sitecode, timestamp, x-request-id\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\nx-oss-server-time: 0\r\nvia: 1.1 PS-HKG-040fc30:0 (W), 1.1 jp18:25 (W)\r\nx-px: ms jp18SIN, ms PS-HKG-040fc30HKG(origin)\r\nx-ws-request-id: 695958c5_jp18_35084-17431\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":1631,"timings":{"blocked":668,"dns":0,"connect":181,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iyhjkilahh.zsydh.com/ipacdn.txt?t=1767463110095","fqdn":"iyhjkilahh.zsydh.com","domain":"zsydh.com","tld":"com"},"ip":{"addr":"180.163.146.114","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zsydh.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Tue, 11 Nov 2025 00:00:00 GMT","end":"Mon, 09 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E3:D1:7C:68:A1:BF:C8:93:8D:41:82:B1:74:BA:70:63:68:D1:D1:EC","sha256":"5A:C3:0C:D7:0B:14:4C:3C:D4:22:8C:BF:B8:D2:7C:D8:56:97:6D:49:07:96:2E:3E:20:71:45:19:2C:EB:F3:F0"}}},"request":{"raw":"GET /ipacdn.txt?t=1767463110095 HTTP/1.1\r\nHost: iyhjkilahh.zsydh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nstrict-transport-security: max-age=5184000\r\ndate: Sat, 03 Jan 2026 17:58:32 GMT\r\nset-cookie: acw_tc=0a0ccafd17674631121906305e5036ab9275784687d5cbd82b064a377bb03f;path=/;HttpOnly;Max-Age=1800\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-credentials: true\r\nvia: cache30.l2cn8734[159,159,200-0,M], cache40.l2cn8734[160,0], kunlun10.cn7174[217,217,200-0,M], kunlun6.cn7174[219,0]\r\nali-swift-global-savetime: 1767463112\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Sat, 03 Jan 2026 17:58:32 GMT\r\nx-swift-cachetime: 315360000\r\ntiming-allow-origin: *\r\neagleid: b4a3921a17674631120178440e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":2277,"timings":{"blocked":-1,"dns":1311,"connect":237,"send":0,"wait":458,"receive":0,"ssl":270},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hghjklhh.879ossdatingss003.com/hall/api/agent/promote/binding/reportViewV2","fqdn":"hghjklhh.879ossdatingss003.com","domain":"879ossdatingss003.com","tld":"com"},"ip":{"addr":"174.35.102.43","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hghjklhh.879ossdatingss003.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 25 Nov 2025 05:57:28 GMT","end":"Mon, 23 Feb 2026 05:57:27 GMT"},"fingerprint":{"sha1":"64:04:32:BE:39:54:3A:8B:79:67:4B:A3:87:4C:C8:36:78:54:D0:AB","sha256":"E5:E9:B8:82:35:D8:EC:6B:D5:73:6E:78:BF:B8:7C:E8:E5:BB:95:C2:BE:4D:7C:2B:B4:6C:AE:8D:54:77:2B:CD"}}},"request":{"raw":"OPTIONS /hall/api/agent/promote/binding/reportViewV2 HTTP/1.1\r\nHost: hghjklhh.879ossdatingss003.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: clienttimezone,content-type,device,devicemodel,domain,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:30 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nset-cookie: acw_tc=0a0ccafc17674631107275181e5cd90d7c672b7d2b84e94499b55dcd3e98f9;path=/;HttpOnly;Max-Age=1800\r\nx-saas-server-id: f49dcffcc-2sndd|c599b8f64b0be5524ae37165fde6cef8\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 1728000\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: clienttimezone,content-type,device,devicemodel,domain,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id\r\naccess-control-expose-headers: X-Trace-ID, newjwt, token\r\nvia: 1.1 PS-SIN-01RKJ185:13 (W), 1.1 PS-CDG-04Aeg47:24 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms PS-SIN-01RKJ185SIN(origin)\r\nx-ws-request-id: 695958c6_PS-CDG-04Aeg47_17011-11088\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/css/style.min.css","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/css/style.min.css HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nContent-Length: 7309\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:26 GMT\r\nETag: \"2f57ebbcb79925055010d68dbc7b848e\"\r\nLast-Modified: Mon, 30 Jun 2025 12:56:25 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 7933678404126771782\r\nx-cos-request-id: Njk1OTU4YmZfZDg4ODUxMWRfMjNmMDNfMTM2Yjc0Zg==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7309,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7309), with no line terminators","md5":"2f57ebbcb79925055010d68dbc7b848e","sha1":"b15ceec5ef903114f71b13059f8ee07dc0493f41","sha256":"b93bb6b7dce6d515e2bd0d8485c3181b1c20ee88e1e0ab7cfaaa0c8aaeeefe7d","sha512":"effda7f41dbed7d028cf05e4544ede883eae85c7781fd1b11978790fce3233d3d92661db6117ff89b305456993b8946f21a3df7dfa5c0cd3e50f8ecb4c6aac8b","ssdeep":"96:3zQdbEQFb+tree4IsYI9XJUcps7zG2xkq2P5Y0wSE9LocmZL4O+jwh6ar3r1tj3w:ztreVbb2V2WL6U06arT0","tlshash":"58e1737a9962351dd027e2513de4abdc1538c026e7130b8de51b7a3a8a8f14b09b7acd","first_seen":"2025-07-26T12:48:30.143544Z","last_seen":"2026-03-26T15:35:56.868775Z","times_seen":195,"resource_available":false,"data":null}},"time_used":4221,"timings":{"blocked":865,"dns":714,"connect":20,"send":0,"wait":2472,"receive":4,"ssl":142},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/622535_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/622535_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 16058\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:26 GMT\r\nETag: \"b8f1359a3029a7727903dbfdb5064e71\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:14 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 3520160662769116541\r\nx-cos-request-id: Njk1OTU4YzJfZWJiMmYwMDlfOWY5MV8xNGE4MmVi\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16058,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"3cba9d364f65f4a9ceddc9897c64d16b","sha1":"213bd300e46c11900c86a639bad7420fe4c5eacf","sha256":"89979810b5e6e263470bb5195cb212e4c04fd075e8fd91b1eec072e434b524ff","sha512":"63faa9cb6b35559db0b76223f4a44fe8be13b52a82e22baf34a10ab95c2c2f06ffc98a625419eeb4c23f8456a453ade9deba3b783cb8549ffd13fb5cae72c68d","ssdeep":"384:dO8EZN1NvM+H2DKuumGJsAeWTt8IwVo4mIROfCxvpee2rpizIv9gDPC38K2ujdRj:doZNfvV6JubJsA1Tt8m4meNRGpiAk63f","tlshash":"33a2bf579182c3707717e1f83c1306d4a29963e636a1afc9d9307291be4a50f978e9f3","first_seen":"2025-07-26T12:48:30.118177Z","last_seen":"2026-04-04T22:44:40.62348Z","times_seen":193,"resource_available":false,"data":null}},"time_used":3725,"timings":{"blocked":3311,"dns":0,"connect":0,"send":0,"wait":412,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ijkwiiwiaxnzijoi56e73yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz/bewcdn.txt?t=1767463110091","fqdn":"6ijkwiiwiaxnzijoi56e73yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","domain":"6ijkwiiwiaxnzijoi56e73yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","tld":"biz"},"ip":{"addr":"134.122.175.148","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 18:56:07 GMT","end":"Thu, 02 Apr 2026 18:56:06 GMT"},"fingerprint":{"sha1":"F1:23:3A:0F:A6:51:B0:D8:C3:1D:C2:04:40:CE:50:8A:87:04:0D:E5","sha256":"4D:FF:DF:11:39:33:89:10:FA:7F:18:96:A0:14:C7:F8:FC:D2:3D:5F:6E:B2:64:19:6C:FC:8D:53:D8:0B:FA:45"}}},"request":{"raw":"GET /bewcdn.txt?t=1767463110091 HTTP/1.1\r\nHost: 6ijkwiiwiaxnzijoi56e73yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\ncache-control: s-maxage=31622400,max-age=0,public\r\ncontent-md5: 4KoCHiHd29bYzs7HHpz1ZA==\r\ncontent-type: text/plain\r\ndate: Sat, 03 Jan 2026 17:58:31 GMT\r\netag: \"E0AA021E21DDDBD6D8CECEC71E9CF564\"\r\nlast-modified: Sat, 03 Jan 2026 10:50:25 GMT\r\nserver: AliyunOSS\r\nstrict-transport-security: max-age=31536000\r\nvary: Origin\r\nx-cache: UPDATING\r\nx-oss-hash-crc64ecma: 4312349438756823821\r\nx-oss-meta-version: v7.0.29\r\nx-oss-object-type: Normal\r\nx-oss-request-id: 695958C7F4962B3439408299\r\nx-oss-server-time: 1\r\nx-oss-storage-class: Standard\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":3294,"timings":{"blocked":1358,"dns":700,"connect":317,"send":0,"wait":575,"receive":0,"ssl":339},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hghjklhh.879ossdatingss003.com/hall/api/statistics/domain/pointer","fqdn":"hghjklhh.879ossdatingss003.com","domain":"879ossdatingss003.com","tld":"com"},"ip":{"addr":"174.35.102.43","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hghjklhh.879ossdatingss003.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 25 Nov 2025 05:57:28 GMT","end":"Mon, 23 Feb 2026 05:57:27 GMT"},"fingerprint":{"sha1":"64:04:32:BE:39:54:3A:8B:79:67:4B:A3:87:4C:C8:36:78:54:D0:AB","sha256":"E5:E9:B8:82:35:D8:EC:6B:D5:73:6E:78:BF:B8:7C:E8:E5:BB:95:C2:BE:4D:7C:2B:B4:6C:AE:8D:54:77:2B:CD"}}},"request":{"raw":"OPTIONS /hall/api/statistics/domain/pointer HTTP/1.1\r\nHost: hghjklhh.879ossdatingss003.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: clienttimezone,content-type,device,devicemodel,domain,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:31 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nset-cookie: acw_tc=0a094e6517674631110922857e4e68cb97ad3a9b31e5b26796896aa68fd72b;path=/;HttpOnly;Max-Age=1800\r\nx-saas-server-id: f49dcffcc-lhnp2|b41847a256eeae5d7ff6ebe991a0d31b\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 1728000\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: clienttimezone,content-type,device,devicemodel,domain,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id\r\naccess-control-expose-headers: X-Trace-ID, newjwt, token\r\nvia: 1.1 jp184:6 (W), 1.1 PS-CDG-04Aeg47:24 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms jp184SIN(origin)\r\nx-ws-request-id: 695958c6_PS-CDG-04Aeg47_17011-11089\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":595,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"146.103.81.165/hall/api/lobby/config/getAppDownloadInfo.json?t=1767463","fqdn":"146.103.81.165","domain":"146.103.81.165","tld":""},"ip":{"addr":"146.103.81.165","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"146.103.81.102","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 22 May 2025 09:33:59 GMT","end":"Tue, 23 Jun 2026 09:33:58 GMT"},"fingerprint":{"sha1":"A2:A9:4B:43:6F:D9:56:1B:47:D2:4B:FC:80:BF:DF:30:C2:F6:D2:BA","sha256":"0E:6D:3E:6E:4C:B5:F3:96:13:73:43:88:78:12:08:02:12:46:62:F0:6A:C8:02:4F:D1:83:88:3D:C0:D5:FA:9B"}}},"request":{"raw":"OPTIONS /hall/api/lobby/config/getAppDownloadInfo.json?t=1767463 HTTP/1.1\r\nHost: 146.103.81.165\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: clienttimezone,device,devicemodel,domain,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:30 GMT\r\ncontent-length: 0\r\nserver: AliyunOSS\r\nx-oss-request-id: 695958C6F4962B35325A7E99\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-allow-headers: clienttimezone, device, devicemodel, domain, language, nonce, platformtype, sign, sitecode, timestamp, x-request-id\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\nx-oss-server-time: 0\r\nvia: 1.1 PS-HKG-040fc30:0 (W), 1.1 jp18:25 (W)\r\nx-px: ms jp18SIN, ms PS-HKG-040fc30HKG(origin)\r\nx-ws-request-id: 695958c6_jp18_35084-17493\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hghjklhh.879ossdatingss003.com/hall/api/agent/promote/binding/reportViewV2","fqdn":"hghjklhh.879ossdatingss003.com","domain":"879ossdatingss003.com","tld":"com"},"ip":{"addr":"174.35.102.43","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hghjklhh.879ossdatingss003.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 25 Nov 2025 05:57:28 GMT","end":"Mon, 23 Feb 2026 05:57:27 GMT"},"fingerprint":{"sha1":"64:04:32:BE:39:54:3A:8B:79:67:4B:A3:87:4C:C8:36:78:54:D0:AB","sha256":"E5:E9:B8:82:35:D8:EC:6B:D5:73:6E:78:BF:B8:7C:E8:E5:BB:95:C2:BE:4D:7C:2B:B4:6C:AE:8D:54:77:2B:CD"}}},"request":{"raw":"POST /hall/api/agent/promote/binding/reportViewV2 HTTP/1.1\r\nHost: hghjklhh.879ossdatingss003.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nlanguage: en\r\ndevice: 8abadba07036e1a3c9f0ba61a745fd86\r\nX-Request-Id: 48dc4fe0-95c8-4f8e-be91-02f1453f0ba8\r\ndomain: 2ijdl7g2.y9dq7o4ree.com\r\nclienttimezone: UTC0\r\ndeviceModel: \r\nnonce: 48dc4fe0-95c8-4f8e-be91-02f1453f0ba8\r\ntimestamp: 1767463110\r\nsiteCode: 1658\r\nsign: uz481/3+Avv1c7N1Vehm+mV03MDd8aaYvb5QCIcNNzl2/+L8z+JtCfylqDHaLfl6\r\nplatformtype: 3\r\nContent-Type: application/json\r\nContent-Length: 123\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":123,"data":"{\"channel_info\":\"911400\",\"visitor_device\":\"8abadba07036e1a3c9f0ba61a745fd86\",\"accessUrl\":\"https://2ijdl7g2.y9dq7o4ree.com\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:31 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 100\r\nset-cookie: acw_tc=0a0ccafc17674631109585246e5cd92bf4d0124d28ac3c045653e7f06eacd4;path=/;HttpOnly;Max-Age=1800\r\nx-trace-id: e9ba8a056c034cc8df025d2c10395141\r\nx-env-apisix: 0\r\nx-env-go-biz-agent-server: 0\r\ncache-control: no-cache\r\nx-saas-server-id: f49dcffcc-fndg4|e846a41516f2e5099011dbd00337828e\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 1728000\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Trace-ID, newjwt, token\r\nvia: 1.1 PS-SIN-01RKJ185:13 (W), 1.1 PS-CDG-04Aeg47:24 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms PS-SIN-01RKJ185SIN(origin)\r\nx-ws-request-id: 695958c6_PS-CDG-04Aeg47_17011-11096\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":100,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9ecbb0ae8fae06b8a1fa3790f423f6ea","sha1":"dc96a378e4bffe32e85df67180eac2aa0b5fa873","sha256":"bceb878f3330682f95ee5a52025c0991e78f46994363da5d3440b81055c6f84e","sha512":"41b74ede32e3d6b4519f3c2c312d4520ca080aa655bccf24a4648c96695700d23e975a75dcd773be77b47e668b4119e4567b239600d4c07eaf71543d3d3fc556","ssdeep":"","tlshash":"88b012d0512ccb424495a375110e1d81eb9e56468c388318ccceaf28c54a06762060b4","first_seen":"2026-01-03T17:59:00.999978Z","last_seen":"2026-01-03T17:59:00.999978Z","times_seen":1,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"146.103.90.32/ipacdn.txt?t=1767463110094","fqdn":"146.103.90.32","domain":"146.103.90.32","tld":""},"ip":{"addr":"146.103.90.32","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"146.103.90.2","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 24 Jun 2025 05:56:15 GMT","end":"Sun, 26 Jul 2026 05:56:14 GMT"},"fingerprint":{"sha1":"9A:F1:E4:5C:A8:A6:BA:2E:F6:D1:AA:09:1A:90:83:14:06:31:E8:88","sha256":"3B:9D:08:BB:60:85:1F:01:AC:A0:C6:3D:5A:14:6F:35:AD:22:9C:1A:84:4A:DC:3B:9A:CE:80:97:43:A0:CC:F8"}}},"request":{"raw":"GET /ipacdn.txt?t=1767463110094 HTTP/1.1\r\nHost: 146.103.90.32\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:30 GMT\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nset-cookie: acw_tc=0a0ccafd17674631108793068e4ff5cd44ba881b17cd81b55e22bcfb01a0f7;path=/;HttpOnly;Max-Age=1800\r\ncache-control: s-maxage=315360000,max-age=0,public\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-credentials: true\r\nvia: 1.1 PS-SIN-047qh52:15 (W), 1.1 jp18:8 (W)\r\nx-px: ms jp18SIN, ms PS-SIN-047qh52SIN(origin)\r\nx-ws-request-id: 695958c6_jp18_32260-51064\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":860,"timings":{"blocked":-1,"dns":0,"connect":173,"send":0,"wait":190,"receive":0,"ssl":497},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ijkwiiwiaxnzijoi56e70yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz/bewcdn.txt?t=1767463112062","fqdn":"6ijkwiiwiaxnzijoi56e70yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","domain":"6ijkwiiwiaxnzijoi56e70yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","tld":"biz"},"ip":{"addr":"118.107.9.42","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:32.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 18:55:45 GMT","end":"Thu, 02 Apr 2026 18:55:44 GMT"},"fingerprint":{"sha1":"83:E8:1C:E4:36:FB:DF:C2:CA:15:BC:A4:36:88:93:A2:29:BC:69:7D","sha256":"47:03:A8:76:AF:4B:E5:A3:F1:3C:5F:73:FB:F0:D4:8A:C2:60:DE:31:B0:88:DB:B4:5F:96:D3:13:B4:E1:9C:B6"}}},"request":{"raw":"GET /bewcdn.txt?t=1767463112062 HTTP/1.1\r\nHost: 6ijkwiiwiaxnzijoi56e70yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\ncache-control: s-maxage=31622400,max-age=0,public\r\ncontent-md5: 4KoCHiHd29bYzs7HHpz1ZA==\r\ncontent-type: text/plain\r\ndate: Sat, 03 Jan 2026 17:58:33 GMT\r\netag: \"E0AA021E21DDDBD6D8CECEC71E9CF564\"\r\nlast-modified: Sat, 03 Jan 2026 10:50:25 GMT\r\nserver: AliyunOSS\r\nstrict-transport-security: max-age=31536000\r\nvary: Origin\r\nx-cache: UPDATING\r\nx-oss-hash-crc64ecma: 4312349438756823821\r\nx-oss-meta-version: v7.0.29\r\nx-oss-object-type: Normal\r\nx-oss-request-id: 695958C9337D79383478CBF9\r\nx-oss-server-time: 2\r\nx-oss-storage-class: Standard\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":2459,"timings":{"blocked":1051,"dns":363,"connect":339,"send":0,"wait":352,"receive":1,"ssl":350},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879.bigo.h5.awardg.com/879/cg-download-lib.umd.js","fqdn":"879.bigo.h5.awardg.com","domain":"awardg.com","tld":"com"},"ip":{"addr":"125.94.244.5","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.0505.h5.awardg.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 10:15:12 GMT","end":"Tue, 31 Mar 2026 10:15:11 GMT"},"fingerprint":{"sha1":"72:F7:01:64:F2:2C:06:5E:6D:B2:75:15:E8:05:D8:EF:F6:30:E0:50","sha256":"29:C5:AB:C5:4B:1C:2F:9F:4E:51:17:77:1B:5F:E0:A4:BB:D3:82:51:80:F7:04:AA:F4:E1:EE:0C:01:AB:E5:88"}}},"request":{"raw":"GET /879/cg-download-lib.umd.js HTTP/1.1\r\nHost: 879.bigo.h5.awardg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\nContent-Type: application/javascript\r\nDate: Thu, 01 Jan 2026 09:23:55 GMT\r\nEtag: W/\"68a4d483-2cc12\"\r\nLast-Modified: Thu, 01 Jan 2026 09:23:54 GMT\r\nServer: openresty\r\nVary: Accept-Encoding\r\nX-Cache: HIT, server, disk\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":183314,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (26618)","md5":"2098edecc98713b59fdbbc17908c30e8","sha1":"2b6ddf9d0551ca386e8e7bebd89ae518dfc1e3ea","sha256":"56ee10bd93c1350af346e4e9cdeca03e9d96b1f033ef84537282bea16c93dce1","sha512":"7bf83a46928e081539aeda20941942b17273997676f0523d80f9ef21b7b9c3d0230ea0e71e385d2c500bfd1d83d2350269da078539260ae30b81640f15ac4e61","ssdeep":"3072:0uphfMBqtaIGqLOZR62CWlCqE8rU7b3sy:0yEUtBjL4Ro4ZDrUH3sy","tlshash":"51045ad97282b0a193f718e0003f100bb37a69663849c598f169f9df3da948a51b7f7d","first_seen":"2025-08-03T01:45:23.616467Z","last_seen":"2026-04-05T00:12:20.185897Z","times_seen":787,"resource_available":true,"data":null}},"time_used":3146,"timings":{"blocked":1103,"dns":584,"connect":263,"send":0,"wait":265,"receive":654,"ssl":272},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/4fece6_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/4fece6_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 19718\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:26 GMT\r\nETag: \"48e069e238966a90aaf57169276fd63f\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:13 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 3141950072352618380\r\nx-cos-request-id: Njk1OTU4YzJfZDg4ODUxMWRfMjNlZTFfMTJmNWQ5NQ==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19718,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"bf52b888de81a75d4af3ca00fd72cd2e","sha1":"9109d4a08eb55c23f3949a7a84b7311762ed6806","sha256":"4801083e6c881cfbaa85aefaa7d180deb8eee643a7054418356993cfbe9cfc09","sha512":"7cf361c4f3a7682f7aabe41972ca0594c34d07abdb42a4f9a6a29b66e359dc5c1f2e95edf945b64d16afcc371acbad81c3f0d205efc57fcebcfc34fb8e00cc97","ssdeep":"768:fTo9M3hUAWDKj8ugpIfjhSDRB3FP09djrtii4N:7oOxdW68PIfdaB3FP6djrtih","tlshash":"81d2e10382e1d360d7c24afc745ba1e0a024269cfb8db690e439ded89ade239614f066","first_seen":"2025-07-26T12:48:30.131206Z","last_seen":"2026-04-04T22:44:40.637042Z","times_seen":193,"resource_available":false,"data":null}},"time_used":3739,"timings":{"blocked":3318,"dns":0,"connect":0,"send":0,"wait":419,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/814fae_121x206.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/814fae_121x206.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 12109\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:28 GMT\r\nETag: \"8d1640a8c13bc915c50de270b9678929\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:14 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 10689541442602131318\r\nx-cos-request-id: Njk1OTU4YzRfNmMwODdkMWRfMjc0NDhfMTVkYmZkZA==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12109,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"87ca45bd87db7d04e28e1146f7ffb8f8","sha1":"d4c938ce031c990c2db2bb866f0e2ac71ab21891","sha256":"45cebc4202184a06b246cda442424455f61bbb7d5b7c096be4be25afea73e5d8","sha512":"3a47f43e34a091abb3189166df692bc68351d367856e5c65db1b4d9ba5ba0f3e07c59e53bd0ac5f7b3bd90b222a89ec231689453b5186f4d048222d3970a6160","ssdeep":"384:j9glCIzmoSfMdcM7HuQnWSDgfkxwkq7bEA1mdD:jKBS0dcM7O7SDgawxh1ED","tlshash":"4572be27419273f0f7bac0f9c54611d8f4ca32adf6aa2c65c261a3a41c5d0b9673e7d2","first_seen":"2025-07-26T12:48:30.114835Z","last_seen":"2026-04-04T22:44:40.639874Z","times_seen":193,"resource_available":false,"data":null}},"time_used":5399,"timings":{"blocked":4970,"dns":0,"connect":0,"send":0,"wait":428,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ijkwiiwiaxnzijoi56e74yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz/bewcdn.txt?t=1767463112060","fqdn":"6ijkwiiwiaxnzijoi56e74yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","domain":"6ijkwiiwiaxnzijoi56e74yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","tld":"biz"},"ip":{"addr":"14.128.63.157","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:32.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 18:55:58 GMT","end":"Thu, 02 Apr 2026 18:55:57 GMT"},"fingerprint":{"sha1":"64:AE:AB:E0:0B:8F:0D:BB:E3:A7:3E:21:D4:81:46:21:D9:8C:EE:87","sha256":"39:3E:EB:35:E3:1E:49:CE:D0:1A:31:DE:A6:22:6B:04:51:00:3C:A9:7C:7D:0F:B0:31:65:E4:CC:BF:50:8C:E7"}}},"request":{"raw":"GET /bewcdn.txt?t=1767463112060 HTTP/1.1\r\nHost: 6ijkwiiwiaxnzijoi56e74yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\ncache-control: s-maxage=31622400,max-age=0,public\r\ncontent-md5: 4KoCHiHd29bYzs7HHpz1ZA==\r\ncontent-type: text/plain\r\ndate: Sat, 03 Jan 2026 17:58:33 GMT\r\netag: \"E0AA021E21DDDBD6D8CECEC71E9CF564\"\r\nlast-modified: Sat, 03 Jan 2026 10:50:25 GMT\r\nserver: AliyunOSS\r\nstrict-transport-security: max-age=31536000\r\nvary: Origin\r\nx-cache: UPDATING\r\nx-oss-hash-crc64ecma: 4312349438756823821\r\nx-oss-meta-version: v7.0.29\r\nx-oss-object-type: Normal\r\nx-oss-request-id: 695958C901B8FA3830B228F8\r\nx-oss-server-time: 1\r\nx-oss-storage-class: Standard\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":2336,"timings":{"blocked":1001,"dns":358,"connect":316,"send":0,"wait":330,"receive":0,"ssl":326},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ddkid.blog/","fqdn":"ddkid.blog","domain":"ddkid.blog","tld":"blog"},"ip":{"addr":"165.22.154.225","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T17:58:18.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ddkid.blog","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 16:53:37 GMT","end":"Sat, 28 Mar 2026 16:53:36 GMT"},"fingerprint":{"sha1":"D5:61:74:C9:74:9B:EB:97:D2:E7:EE:98:4D:49:B2:3C:4C:90:35:5D","sha256":"10:30:D2:12:E2:49:CB:16:7F:4A:9F:8E:B3:85:8C:BA:B9:A8:95:41:A8:56:B5:A7:AE:6C:8C:0E:32:C4:22:79"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ddkid.blog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 03 Jan 2026 17:58:20 GMT\r\nlocation: https://2ijdl7g2.y9dq7o4ree.com?cid=911400\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-302: SkipV2\r\nx-cache: BYPASS\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7988,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":3966,"timings":{"blocked":1793,"dns":1452,"connect":162,"send":0,"wait":381,"receive":0,"ssl":174},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"ddkid.blog","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"ddkid.blog","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fsguf.uk/normal/speed.png?t=1767463110125","fqdn":"fsguf.uk","domain":"fsguf.uk","tld":"uk"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.129Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /normal/speed.png?t=1767463110125 HTTP/1.1\r\nHost: fsguf.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T06:47:06.202855Z","times_seen":13363998,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"fsguf.uk","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6ijkwiiwiaxnzijoi56e90yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz/bewcdn.txt?t=1767463112061","fqdn":"6ijkwiiwiaxnzijoi56e90yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","domain":"6ijkwiiwiaxnzijoi56e90yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","tld":"biz"},"ip":{"addr":"134.122.196.115","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:32.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 18:56:12 GMT","end":"Thu, 02 Apr 2026 18:56:11 GMT"},"fingerprint":{"sha1":"E8:45:82:2B:FC:A9:6F:D3:70:0C:87:23:57:F0:58:FD:AD:98:18:F3","sha256":"11:94:EC:66:E9:C6:93:F7:19:89:8A:A4:E4:44:D7:F7:DF:B2:12:0E:34:3D:E6:43:EB:75:56:74:A3:89:27:A2"}}},"request":{"raw":"GET /bewcdn.txt?t=1767463112061 HTTP/1.1\r\nHost: 6ijkwiiwiaxnzijoi56e90yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\ncache-control: s-maxage=31622400,max-age=0,public\r\ncontent-md5: 4KoCHiHd29bYzs7HHpz1ZA==\r\ncontent-type: text/plain\r\ndate: Sat, 03 Jan 2026 17:58:33 GMT\r\netag: \"E0AA021E21DDDBD6D8CECEC71E9CF564\"\r\nlast-modified: Sat, 03 Jan 2026 10:50:25 GMT\r\nserver: AliyunOSS\r\nstrict-transport-security: max-age=31536000\r\nvary: Origin\r\nx-cache: UPDATING\r\nx-oss-hash-crc64ecma: 4312349438756823821\r\nx-oss-meta-version: v7.0.29\r\nx-oss-object-type: Normal\r\nx-oss-request-id: 695958C930856F32344C2A0F\r\nx-oss-server-time: 1\r\nx-oss-storage-class: Standard\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":2241,"timings":{"blocked":952,"dns":305,"connect":317,"send":0,"wait":332,"receive":1,"ssl":330},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ijkwiiwiaxnzijoi56e72yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz/bewcdn.txt?t=1767463112061","fqdn":"6ijkwiiwiaxnzijoi56e72yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","domain":"6ijkwiiwiaxnzijoi56e72yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","tld":"biz"},"ip":{"addr":"134.122.135.253","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:32.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 18:56:03 GMT","end":"Thu, 02 Apr 2026 18:56:02 GMT"},"fingerprint":{"sha1":"50:F7:5A:F8:7F:45:1F:D5:5E:B8:5C:32:61:1E:CA:E2:04:14:57:8B","sha256":"54:0B:DA:59:D3:D4:17:75:B5:0C:AE:D9:22:5C:54:FA:88:F5:E5:8D:A8:D3:7B:81:B3:12:35:37:BD:B0:E5:A1"}}},"request":{"raw":"GET /bewcdn.txt?t=1767463112061 HTTP/1.1\r\nHost: 6ijkwiiwiaxnzijoi56e72yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\ncache-control: s-maxage=31622400,max-age=0,public\r\ncontent-md5: 4KoCHiHd29bYzs7HHpz1ZA==\r\ncontent-type: text/plain\r\ndate: Sat, 03 Jan 2026 17:58:33 GMT\r\netag: \"E0AA021E21DDDBD6D8CECEC71E9CF564\"\r\nlast-modified: Sat, 03 Jan 2026 10:50:25 GMT\r\nserver: AliyunOSS\r\nstrict-transport-security: max-age=31536000\r\nvary: Origin\r\nx-cache: UPDATING\r\nx-oss-hash-crc64ecma: 4312349438756823821\r\nx-oss-meta-version: v7.0.29\r\nx-oss-object-type: Normal\r\nx-oss-request-id: 695958C901B8FA3334102AF8\r\nx-oss-server-time: 1\r\nx-oss-storage-class: Standard\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":3027,"timings":{"blocked":1318,"dns":668,"connect":320,"send":0,"wait":386,"receive":0,"ssl":332},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/js/rem.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/js/rem.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 843\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:26 GMT\r\nETag: \"64be87678d5c1ca1c6a5407022de0a60\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:11 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 1382663547486533972\r\nx-cos-request-id: Njk1OTU4YmZfNmMwODdkMWRfMjc0MWVfMTMyM2Y0MQ==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":843,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"e74e945fcc19cbd1d5276e5d4548d525","sha1":"8236e3f3fc64916f9f7f65e8aa2680c9302f0858","sha256":"33442081f56c808935dba715de506e29ebf99eea4d997a64818edb9081369fa5","sha512":"a31082fa7c4afd5138b6f5048ea64b3fced8635505c69b56b2de5168b699069401b415f26eb42ed6ccdbc8e8c8db6f50618fea5890565ed5404f360176907245","ssdeep":"","tlshash":"8a01f166644125384b2b0009a925726cfeb7811303235283f45cae766fb0e430ab1fdc","first_seen":"2023-03-07T12:23:57Z","last_seen":"2026-04-05T05:33:11.485767Z","times_seen":14239,"resource_available":true,"data":null}},"time_used":4201,"timings":{"blocked":859,"dns":711,"connect":23,"send":0,"wait":2465,"receive":0,"ssl":128},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/a4e541_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/a4e541_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 14779\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:27 GMT\r\nETag: \"6c93c63680eb4b32b1d112d0d4bf3676\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:15 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 6045619344561903408\r\nx-cos-request-id: Njk1OTU4YzJfZDg4ODUxMWRfMjNmNTdfMTQwNGE2MQ==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14779,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"785dd97e35a94ed88101cf37d68d98fb","sha1":"648c0816ec3c76411dd003c62e3fc40a24d549ec","sha256":"5c360413da7d43f992c46447e89823aeb5cdc1640134b8ca518f4ddda3c24cd4","sha512":"1d067f812c4059f10f518d0c7856d327e545cbb5635e229693cf922baa89f529ed23c8e534d19f7477e50d2e17afadc26aaf93ab31f230e701404ae60276b630","ssdeep":"384:z7Hx1c+/Mxj75RqM38nC++9V67kwpI2/AfC55Vvj3Vo/nreTBqByJvX2LjDAQDn9:zIwGjiM38C+CUo0Af8VvRYqEQJPQVlv","tlshash":"eda2be135331e37182ca89ff2d63a5c47a136f6cf2fa69c2c279d1112a9a227315dcd6","first_seen":"2025-07-26T12:48:30.133075Z","last_seen":"2026-04-04T22:44:40.629284Z","times_seen":193,"resource_available":false,"data":null}},"time_used":4131,"timings":{"blocked":3721,"dns":0,"connect":0,"send":0,"wait":409,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/e779a0_458x128.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:26.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/e779a0_458x128.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://879song-1358886481.cos.accelerate.myqcloud.com/879-2/css/style.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 108565\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:27 GMT\r\nETag: \"86e7a1cd3f150e32b625461c4960b9d9\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:15 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 12632047051208674705\r\nx-cos-request-id: Njk1OTU4YzJfNmMwODdkMWRfMjczYzVfMTJhZDE5Ng==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":108565,"size_decoded":0,"mime_type":"application/javascript","magic":"GIF image data, version 89a, 35523 x 49665","md5":"9587941d19f82cfd2ff4a8dc03dc4700","sha1":"5ec4a94a2754e5b7508fad3b31ee88cb7c65b977","sha256":"de6aa2770cd2fb99c78b8276166f992c9fce8c001999b4ac8ca7118ae019908e","sha512":"2aa1a92cb16c9d1ed193148e4d5f7b5a43dc67ef0768a85365fd8c0152e4642a207b7b8f864c69a3be140641980c32e8d2b0a51582883a8189f6e30aa4e08318","ssdeep":"3072:AaRUTu613jrvRfGtVC7VCGY+AO82569AhguglOkoNvJ:v61TrvRfYC7Vg+AxsWAhFglOkoNB","tlshash":"32f3e1036265f330d1b2d2f95e1157e07a0aea98f2dbad50d224d0712ddb23a63ed5e3","first_seen":"2025-07-26T12:48:30.141057Z","last_seen":"2026-04-04T22:44:40.635011Z","times_seen":186,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":308,"dns":0,"connect":0,"send":0,"wait":421,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/47a482_750x120.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/47a482_750x120.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 19057\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:27 GMT\r\nETag: \"f984eb034792a65fe08274c39fb57cb2\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:13 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 10595592079194965762\r\nx-cos-request-id: Njk1OTU4YzNfZWJiMmYwMDlfOWY5NV8xNGJkNjdk\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19057,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"bf01ed044bcfeee7302214a40777b23e","sha1":"abfb2cb87e6f8950a9388f568b0d56d0fc180195","sha256":"4519536cf765f5bc9400395b597f0ced346cacc0d0e49b14c95a64f14fe6d0f5","sha512":"2972283f27794f48a3f8b11fd3d1bebb45063d9dc8649c7bf7365b78f418d2a15f029db4e4cc1e7aa2e68ed56cfab113ee5f0a415be8625ae0babcb1297133bd","ssdeep":"768:ffyVYnpp3vrbm9FuRfNAzyIWRW1nDjCRGpyyUmHbW+sR:f6VYj5V9tOnDjZpnUSWRR","tlshash":"02c2e0436503d759e6be24f68c7507d87724af8e07d9ec80e524c3a0b88b239a19ecf1","first_seen":"2025-07-26T12:48:30.137324Z","last_seen":"2026-04-04T22:44:40.636468Z","times_seen":194,"resource_available":false,"data":null}},"time_used":4782,"timings":{"blocked":4359,"dns":0,"connect":0,"send":0,"wait":421,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/a195f2_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/a195f2_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 16548\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:27 GMT\r\nETag: \"6678a5331cc3cea86d540e7d52818e69\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:15 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 3322812260507646801\r\nx-cos-request-id: Njk1OTU4YzJfNDQxODA2MDlfMTViMTFfZTdiNzdm\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16548,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"3b5271dcb3ae5c26469219cbf8c6cc2c","sha1":"5fe25fca07b17c3081a0b10ecaeae354a422df88","sha256":"db3b78635bfcd2edd76d6c5fdde734f09fb014092db01c8904e334d48c7a54f3","sha512":"1981a57e595c05302961471c83eae19da82e9cd0ab86fd93de4d5f80ce30efb24b8a90ecf3e22a27193454d34b9eb0c43b659e6b452ebeea0219092f2030f7cb","ssdeep":"384:xU4aCf7CJMdwjvnWWriWgJ3g9ewcWJ4DRoqn+o8vdgcc6u8DZlyiJRdoXQOCF:xU4aCj4ywrnWvI8HDRLgiccxM7huQ/F","tlshash":"3eb2d0166205ebf1d0369bf56c6069c47900aeabe176ae61f73047a517c70083bbcece","first_seen":"2025-07-26T12:48:30.148832Z","last_seen":"2026-04-04T22:44:40.620555Z","times_seen":193,"resource_available":false,"data":null}},"time_used":4577,"timings":{"blocked":3315,"dns":0,"connect":19,"send":0,"wait":1179,"receive":1,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/270c68_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/270c68_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 18805\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:26 GMT\r\nETag: \"2af369739832551d1a102903c7730fed\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:13 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 7694106405661883796\r\nx-cos-request-id: Njk1OTU4YzJfZTA5N2QxZF8yZWQ1Ml8xNDRkNDI4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18805,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"a76e0da11aa9f2cf994f724aeb5dac83","sha1":"981df719bdda7e5f652639cce384fbe1565d2a3e","sha256":"52d818ab47f2819b82d00eaace55b77e25015efba569fe88850fd3495ac0a97d","sha512":"6a9a98e7192051d269a44977d954a475038e21bb1a13ee93b3b06f5f650ad697f2da2bc5766f5ff7292145a9892dc1b5c8573fbb0195e706d9f6787f96717c0d","ssdeep":"384:z7gkGAc8VQ/fhp2sc924wdurwxpPWRBOIv66f9njxdo964Vb5t0BGlNlfPkFG3Kb:z7gReWaV9IggIO83fBjzolZkFGyTL","tlshash":"f5c2d0016293fbb44f9ce3faad43a8e4260ad589f7475451c96f3263788762e32cf581","first_seen":"2025-07-26T12:48:30.124038Z","last_seen":"2026-04-04T22:44:40.631529Z","times_seen":193,"resource_available":false,"data":null}},"time_used":3759,"timings":{"blocked":3341,"dns":0,"connect":0,"send":0,"wait":416,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/363a02_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/363a02_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 18783\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:27 GMT\r\nETag: \"a634d3b6558c54561ab45d52ceb51e9b\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:13 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 5781349560695225073\r\nx-cos-request-id: Njk1OTU4YzNfZDg4ODUxMWRfMjNlYWFfMTQ3YmRmYw==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18783,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"3d2740065a8eae2872f2a4c1c16fb12c","sha1":"b9a78e5390ce4322a6838fba1177bceedfdff6c1","sha256":"a80a9164d3777403177fe581f3dc9104290ad3c34be0f8aaa94167cfad6c34a0","sha512":"f07f8f41288f52d090b9f93a9f73daf7ccf0010f6317f526e23ac38851310eb883d6fc940d29661033e52b4ea2ed90f7ed120ca6e809b4cf151f9fbf2e5ce141","ssdeep":"384:GGXWywYCoZafHbPtQf/cVNMq95F5W4J7vhPGYuZ8Ec3rd3vHxriWaechR6NM9zUz:2gafHbmfMj5nvheYN3hvReheUR6+zUz","tlshash":"9bc2c01053d2d3b087b582f6b407ace0a20d0e5ed759ec65e934a6210e9e4687bcf9f7","first_seen":"2025-07-26T12:48:30.134509Z","last_seen":"2026-04-04T22:44:40.624065Z","times_seen":194,"resource_available":false,"data":null}},"time_used":4542,"timings":{"blocked":4126,"dns":0,"connect":0,"send":0,"wait":415,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bgfds.cz/bewcdn.txt?t=1767463110090","fqdn":"bgfds.cz","domain":"bgfds.cz","tld":"cz"},"ip":{"addr":"174.35.120.200","port":443,"asn":54994,"as":"ML-1432-54994","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bgfds.cz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 15:27:13 GMT","end":"Thu, 02 Apr 2026 15:27:12 GMT"},"fingerprint":{"sha1":"FF:25:1F:6D:D4:27:56:46:34:62:2E:F7:8D:96:E8:9A:B0:4D:D5:06","sha256":"64:BC:85:17:11:C6:C0:67:E3:86:04:1A:97:F5:BF:9A:17:49:B6:6F:05:CF:7A:3D:FE:51:42:B4:3A:F5:6C:5B"}}},"request":{"raw":"GET /bewcdn.txt?t=1767463110090 HTTP/1.1\r\nHost: bgfds.cz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:30 GMT\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nserver: AliyunOSS\r\nx-oss-request-id: 695958C62E390731386F0F8A\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\naccept-ranges: bytes\r\netag: \"E0AA021E21DDDBD6D8CECEC71E9CF564\"\r\nlast-modified: Sat, 03 Jan 2026 10:50:25 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4312349438756823821\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v7.0.29\r\ncache-control: s-maxage=31622400,max-age=0,public\r\ncontent-md5: 4KoCHiHd29bYzs7HHpz1ZA==\r\nx-oss-server-time: 2\r\nvia: 1.1 ianxun21:19 (W), 1.1 PS-CDG-04Aeg47:11 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms ianxun21HKG(origin)\r\nx-ws-request-id: 695958c6_PS-CDG-04Aeg47_13041-59257\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":1163,"timings":{"blocked":440,"dns":374,"connect":30,"send":0,"wait":284,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"153.43.20.52/bewcdn.txt?t=1767463110090","fqdn":"153.43.20.52","domain":"153.43.20.52","tld":""},"ip":{"addr":"153.43.20.52","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"153.43.20.2","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 26 Dec 2025 10:31:11 GMT","end":"Wed, 27 Jan 2027 10:31:10 GMT"},"fingerprint":{"sha1":"43:37:27:07:13:52:90:AF:87:81:54:4F:F8:8B:10:28:75:90:9B:66","sha256":"3E:3A:8D:7E:A0:85:D5:2F:6B:4A:74:77:FF:86:DB:9C:B9:C6:A5:3F:24:E5:D2:E9:48:87:75:FB:08:A1:72:CB"}}},"request":{"raw":"GET /bewcdn.txt?t=1767463110090 HTTP/1.1\r\nHost: 153.43.20.52\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:31 GMT\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nserver: AliyunOSS\r\nx-oss-request-id: 695958C7FE345039322CBBF1\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\naccept-ranges: bytes\r\netag: \"E0AA021E21DDDBD6D8CECEC71E9CF564\"\r\nlast-modified: Sat, 03 Jan 2026 10:50:25 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4312349438756823821\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v7.0.29\r\ncache-control: s-maxage=31622400,max-age=0,public\r\ncontent-md5: 4KoCHiHd29bYzs7HHpz1ZA==\r\nx-oss-server-time: 1\r\nvia: 1.1 ianxun22:17 (W), 1.1 jp18:9 (W)\r\nx-px: ms jp18SIN, ms ianxun22HKG(origin)\r\nx-ws-request-id: 695958c6_jp18_32422-64933\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":1937,"timings":{"blocked":787,"dns":0,"connect":247,"send":0,"wait":357,"receive":3,"ssl":539},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fgthjm-ghjthj.jvstays.com/ipacdn.txt?t=1767463110093","fqdn":"fgthjm-ghjthj.jvstays.com","domain":"jvstays.com","tld":"com"},"ip":{"addr":"180.163.146.90","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jvstays.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sun, 28 Dec 2025 00:00:00 GMT","end":"Sat, 28 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"99:7D:03:EB:C3:F8:80:98:0C:09:46:BD:AC:5B:34:12:D6:52:D0:A3","sha256":"AA:FF:B2:AD:AE:5B:A1:1C:E0:A2:9A:4B:1D:75:2B:8D:A1:EF:1C:CB:53:1E:47:12:B4:E8:4B:5A:E0:CF:D5:54"}}},"request":{"raw":"GET /ipacdn.txt?t=1767463110093 HTTP/1.1\r\nHost: fgthjm-ghjthj.jvstays.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nstrict-transport-security: max-age=5184000\r\ndate: Sat, 03 Jan 2026 17:58:32 GMT\r\nset-cookie: acw_tc=0a0f6b8617674631123918122e5e4400e2b08172190453a16ca6d3e98d5cdd;path=/;HttpOnly;Max-Age=1800\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-credentials: true\r\nvia: cache23.l2cn8734[166,166,200-0,M], cache2.l2cn8734[168,0], kunlun3.cn7174[214,213,200-0,M], kunlun9.cn7174[215,0]\r\nali-swift-global-savetime: 1767463112\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Sat, 03 Jan 2026 17:58:32 GMT\r\nx-swift-cachetime: 315360000\r\ntiming-allow-origin: *\r\neagleid: b4a3921d17674631122225916e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":4474,"timings":{"blocked":1999,"dns":1445,"connect":255,"send":0,"wait":471,"receive":0,"ssl":300},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hghjklhh.879ossdatingss003.com/ipacdn.txt?t=1767463110094","fqdn":"hghjklhh.879ossdatingss003.com","domain":"879ossdatingss003.com","tld":"com"},"ip":{"addr":"174.35.102.43","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hghjklhh.879ossdatingss003.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 25 Nov 2025 05:57:28 GMT","end":"Mon, 23 Feb 2026 05:57:27 GMT"},"fingerprint":{"sha1":"64:04:32:BE:39:54:3A:8B:79:67:4B:A3:87:4C:C8:36:78:54:D0:AB","sha256":"E5:E9:B8:82:35:D8:EC:6B:D5:73:6E:78:BF:B8:7C:E8:E5:BB:95:C2:BE:4D:7C:2B:B4:6C:AE:8D:54:77:2B:CD"}}},"request":{"raw":"GET /ipacdn.txt?t=1767463110094 HTTP/1.1\r\nHost: hghjklhh.879ossdatingss003.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:30 GMT\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nset-cookie: acw_tc=0a0ccafc17674631104735098e5cd98aefd0daecdc7379a287ed981d13643c;path=/;HttpOnly;Max-Age=1800\r\ncache-control: s-maxage=315360000,max-age=0,public\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-credentials: true\r\nvia: 1.1 PS-SIN-01RKJ185:13 (W), 1.1 PS-CDG-04Aeg47:24 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms PS-SIN-01RKJ185SIN(origin)\r\nx-ws-request-id: 695958c6_PS-CDG-04Aeg47_17011-11082\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":190,"connect":26,"send":0,"wait":238,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptuki.cz/bewcdn.txt?t=1767463112062","fqdn":"ptuki.cz","domain":"ptuki.cz","tld":"cz"},"ip":{"addr":"174.35.102.43","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:32.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptuki.cz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 12:04:21 GMT","end":"Thu, 02 Apr 2026 12:04:20 GMT"},"fingerprint":{"sha1":"8E:EE:7E:F7:9F:18:65:AD:E8:8B:3D:D3:C3:99:9E:36:08:91:D7:47","sha256":"7E:1A:20:0A:49:C7:9D:24:B6:9C:F7:BA:54:F0:7D:EB:64:26:7A:6C:F2:00:97:D4:49:24:E5:70:18:36:00:F3"}}},"request":{"raw":"GET /bewcdn.txt?t=1767463112062 HTTP/1.1\r\nHost: ptuki.cz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:32 GMT\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nserver: AliyunOSS\r\nx-oss-request-id: 695958C84F0FE43830357346\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\naccept-ranges: bytes\r\netag: \"E0AA021E21DDDBD6D8CECEC71E9CF564\"\r\nlast-modified: Sat, 03 Jan 2026 10:50:25 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4312349438756823821\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v7.0.29\r\ncache-control: s-maxage=31622400,max-age=0,public\r\ncontent-md5: 4KoCHiHd29bYzs7HHpz1ZA==\r\nx-oss-server-time: 1\r\nvia: 1.1 ianxun22:7 (W), 1.1 PS-CDG-04Aeg47:32 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms ianxun22HKG(origin)\r\nx-ws-request-id: 695958c8_PS-CDG-04Aeg47_20692-12766\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":696,"timings":{"blocked":232,"dns":175,"connect":26,"send":0,"wait":229,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2ijdl7g2.y9dq7o4ree.com/?cid=911400","fqdn":"2ijdl7g2.y9dq7o4ree.com","domain":"y9dq7o4ree.com","tld":"com"},"ip":{"addr":"77.83.240.177","port":443,"asn":49870,"as":"Alsycon B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T17:58:20.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.y00cg2jcwi.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 07 Dec 2025 06:18:06 GMT","end":"Sat, 07 Mar 2026 06:18:05 GMT"},"fingerprint":{"sha1":"2A:1D:31:07:D2:D0:67:49:7E:0B:4B:9C:7A:82:E9:7E:2B:62:8D:3C","sha256":"C7:FE:95:57:0D:F5:CB:7E:37:8E:C1:78:11:DD:06:92:CD:5D:85:FB:54:11:EC:6D:99:7B:97:28:69:0D:9C:A8"}}},"request":{"raw":"GET /?cid=911400 HTTP/1.1\r\nHost: 2ijdl7g2.y9dq7o4ree.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\nContent-Type: text/html\r\nDate: Sat, 03 Jan 2026 17:58:22 GMT\r\nEtag: W/\"69563734-1f34\"\r\nLast-Modified: Thu, 01 Jan 2026 08:58:28 GMT\r\nServer: cloudflare\r\nStrict-Transport-Security: max-age=31536000\r\nVary: Accept-Encoding\r\nContent-Length: 1491\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7988,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"21b8a629455b6417d46729b565515f79","sha1":"2a74048feb223333a9ead98b0bdb6194d9d9bbed","sha256":"2a1be86e1cdf0f3cc32b5d15e02e4662d9ea46e62493f3383f70b36c4fc8d2ce","sha512":"d8f0cf41c605997e95429150c64db526859db2c8337cebee3ad1ecb0dc0491ad7e6202ba7b708cbb2dff10c3caac9d898c46358fd067c398cc83c6466fbe1d8a","ssdeep":"48:0vSPh0xBtCQW3PYfsYIfYzOYBNYDYYNtDBRj6JeDQBZQe2eAezcMbnPX5T22/O/e:6tCQ2bJxmDmIdIDinxqTM","tlshash":"d3f1032201f692a305838485be617e17bfd0d51bd92f4240b5fe0fdaaf9bda6cd17248","first_seen":"2026-01-01T23:18:05.109548Z","last_seen":"2026-01-23T20:00:12.334261Z","times_seen":31,"resource_available":true,"data":null}},"time_used":3848,"timings":{"blocked":1711,"dns":1657,"connect":18,"send":0,"wait":424,"receive":1,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"2ijdl7g2.y9dq7o4ree.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"2ijdl7g2.y9dq7o4ree.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"879.bigo.h5.awardg.com/879/index.js","fqdn":"879.bigo.h5.awardg.com","domain":"awardg.com","tld":"com"},"ip":{"addr":"125.94.244.5","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.0505.h5.awardg.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 10:15:12 GMT","end":"Tue, 31 Mar 2026 10:15:11 GMT"},"fingerprint":{"sha1":"72:F7:01:64:F2:2C:06:5E:6D:B2:75:15:E8:05:D8:EF:F6:30:E0:50","sha256":"29:C5:AB:C5:4B:1C:2F:9F:4E:51:17:77:1B:5F:E0:A4:BB:D3:82:51:80:F7:04:AA:F4:E1:EE:0C:01:AB:E5:88"}}},"request":{"raw":"GET /879/index.js HTTP/1.1\r\nHost: 879.bigo.h5.awardg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\nContent-Type: application/javascript\r\nDate: Thu, 01 Jan 2026 09:24:01 GMT\r\nEtag: W/\"694d471e-c3b\"\r\nLast-Modified: Thu, 01 Jan 2026 09:23:59 GMT\r\nServer: openresty\r\nVary: Accept-Encoding\r\nX-Cache: HIT, server, disk\r\nContent-Length: 1575\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":3131,"size_decoded":0,"mime_type":"application/javascript","magic":"C source, Unicode text, UTF-8 text","md5":"67406404af615b036889e2df5acbb593","sha1":"6e8a2ca6d266da3610e16bbe77701ca089b018c5","sha256":"321b421a50a5964659a138227ad826bdbcc53342d349f154e52ca8f728d5b035","sha512":"4ee532bfbc9dd45cee2eb8605746e56519e0cc335d6190bc8198c1943e9f67fb2b2e4e6203c254514eb3284774ff8234e66b1d685b7b4a832e023a577d542745","ssdeep":"","tlshash":"5851505d75e5002233d334336a9db858a4d6a41b0008da00fd2ed744af37939b2babe9","first_seen":"2025-12-25T16:48:06.217837Z","last_seen":"2026-01-07T10:13:00.600391Z","times_seen":116,"resource_available":true,"data":null}},"time_used":2471,"timings":{"blocked":1094,"dns":583,"connect":259,"send":0,"wait":259,"receive":2,"ssl":272},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/fc5e70_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/fc5e70_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 17855\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:26 GMT\r\nETag: \"b9960602f229e33dedc3db4c8805e7fb\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:15 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 17530698211331769587\r\nx-cos-request-id: Njk1OTU4YzJfNmMwODdkMWRfMjczZmZfMTQxYTQ4MA==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17855,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"1ad789b96f198d8211682897d8543d2b","sha1":"6a0dd56493fe2578e1d37e954a95f489bb5005f9","sha256":"8e0707fde515de281e5826556e00e3635bca5dc6803a888980249daf3cc00314","sha512":"30ff958c70b16323a009e0e2ba9fb4d6e87ab28a2dd53eddc254464fe8b59ba8407c883aed9efab37b1d095444b5c57e70b10746b3cee232d976fc9c35dd65d2","ssdeep":"768:hi/QtmMdjvijV452vB/Hcp2kO66m/vACSJ:0/49LgVJBPcp2kOTwY7J","tlshash":"88c2bf272302a3b9f70a45f9bd51d9d1661542e2e3846c80c538e3b00997b5ef6afdf1","first_seen":"2025-07-26T12:48:30.120833Z","last_seen":"2026-04-04T22:44:40.620038Z","times_seen":193,"resource_available":false,"data":null}},"time_used":3735,"timings":{"blocked":3317,"dns":0,"connect":0,"send":0,"wait":417,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/0ae43e_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/0ae43e_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 18218\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:27 GMT\r\nETag: \"126b58c3963a504e6a6d7ece92c6079d\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:12 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 3662051121026414857\r\nx-cos-request-id: Njk1OTU4YzJfZTA5N2QxZF8yZWRkYl8xNGE5OGE2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18218,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"96078148a6be67e021f46a4d10ef6742","sha1":"4bf3a9784731601484e0be1cfe37e7dcca064d37","sha256":"2d9f1d5e0e69910e42b2f9fc4a7b34c9b1e6cce294c15d256cdd173be1a79403","sha512":"6e9a2d106e9c76c10f7fd0fc5737b788529c83be99c052a0d8acb87493c7402ba7623fecf36029f469be0f78b52666bd499489e015f601574086c9ce364c1b11","ssdeep":"768:pV5EUQ65Rg4D2Ulkidwj52NnnoeRG64Rdgz:pnEI5K67lKENoaSdo","tlshash":"b2c2cf1b0252b330d1ad87f53d372cf4e9049fadfa859902ca34e79629db50c369e883","first_seen":"2025-07-26T12:48:30.139728Z","last_seen":"2026-04-04T22:44:40.619053Z","times_seen":193,"resource_available":false,"data":null}},"time_used":4167,"timings":{"blocked":3752,"dns":0,"connect":0,"send":0,"wait":412,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/ce95eb_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/ce95eb_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 18925\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:27 GMT\r\nETag: \"802e1c604ce0f09d6eaf02d28d4239ab\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:15 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 288693274006003858\r\nx-cos-request-id: Njk1OTU4YzNfMTViNGYwMDlfMjNhNV8xYjIwMDc0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18925,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"ce2bba9f5518f3cffd7f0d10516fee31","sha1":"1d2c4ef4ed3c833c7fa750014af60bcd2b682e84","sha256":"90ba18aa2ccc3c5e40ab33cb4326fb0d7f0a97e96edf02253d5b3617446ea290","sha512":"e6ffc646296b149d0898c2e08140b25132dce0f050a9e32e606fe44f4ba3c2524f299690b899642918c6ec57ba0bba4dd3736e72c83eec5428db6715fd85baa3","ssdeep":"768:uM0rXJkooT1MwKbH+TvKu9uL0SYoebaYPghFAWw:n0r5741MwKbemu9k/YjbaYPsFAD","tlshash":"5ec2d0076215a368ebe627f1bc433ce8e6442a54e9de5fc8f431d50667a38397aac053","first_seen":"2025-07-26T12:48:30.122154Z","last_seen":"2026-04-04T22:44:40.627488Z","times_seen":193,"resource_available":false,"data":null}},"time_used":4516,"timings":{"blocked":4093,"dns":0,"connect":0,"send":0,"wait":422,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/15470b_278x64.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/15470b_278x64.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 1691\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:28 GMT\r\nETag: \"4c8129b017be3756ab295188e9822664\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:13 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 5144953286502670575\r\nx-cos-request-id: Njk1OTU4YzRfZDg4ODUxMWRfMjNmMzVfMTJmOTVhOA==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1691,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"2d77df78c1ba601fad94b598c7cb5714","sha1":"d5c64d23a06bd8c7686359a63dc4983246c65b20","sha256":"c576f80c729dd952dfda929f759e09c4844a7a1dd57c25ffcc54673278bc2303","sha512":"2311e286eeba0a67f9690eb63aac4034fbf503e3c4ad33bed6aaac7e6cfd7ec90b582ff8c87489f3922845a4cee663202945911dc6ec9fd55c10b78806ab77d5","ssdeep":"","tlshash":"3a510c7a117ad7fb62a740ee134111ddc0e089ae2b41d567a5168da07e8b1c8321cf5b","first_seen":"2025-07-26T12:48:30.126632Z","last_seen":"2026-04-04T22:44:40.629857Z","times_seen":194,"resource_available":false,"data":null}},"time_used":5379,"timings":{"blocked":4958,"dns":0,"connect":0,"send":0,"wait":420,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/js/jquery-2.2.4.min.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/js/jquery-2.2.4.min.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 85578\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:26 GMT\r\nETag: \"2f6b11a7e914718e0290410e85366fe9\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:11 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 16200118577543649759\r\nx-cos-request-id: Njk1OTU4YmZfZTA5N2QxZF8yZWQ2M18xNTI1MjRk\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T06:49:02.501277Z","times_seen":262545,"resource_available":true,"data":null}},"time_used":3340,"timings":{"blocked":-1,"dns":659,"connect":23,"send":0,"wait":2483,"receive":31,"ssl":140},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/js/swiper-4.2.0.min.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/js/swiper-4.2.0.min.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 119506\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:25 GMT\r\nETag: \"be15b3ba6a71edd608b9af34dfc6130c\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:12 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 17892873501356430583\r\nx-cos-request-id: Njk1OTU4YmZfMTViNGYwMDlfMjM0OF8xYWUyOTFl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":119506,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65273)","md5":"be15b3ba6a71edd608b9af34dfc6130c","sha1":"b11842fbe74778511b86bf899fbd02102b57ac62","sha256":"add18244c3d92cb789bd50456f05f02ca034c908bbf4210fedbd9013b3bf5d96","sha512":"ba9c83238efc0b5f43e2e85b104a2b1b010defa0f12d7c3cbff918fae76a7f3d3753ee18dead132729bdd0ae8a3854a481bcba35655dd37a6b6a03813d295029","ssdeep":"3072:6ShcwIktpnBohgZu7HgZsUOUFBWqJTq+NX:hlIktFBohgZu7HAsUOUFBWqJTq+l","tlshash":"65c3184eb390619510e36256565e9241a3b72809780ad0ac35b6cce7adbde4c13bfffc","first_seen":"2023-03-07T12:23:57Z","last_seen":"2026-04-05T05:33:11.430931Z","times_seen":13371,"resource_available":true,"data":null}},"time_used":3104,"timings":{"blocked":-1,"dns":656,"connect":23,"send":0,"wait":1923,"receive":374,"ssl":128},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/0534ae_750x3639.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:26.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/0534ae_750x3639.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://879song-1358886481.cos.accelerate.myqcloud.com/879-2/css/style.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 66865\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:27 GMT\r\nETag: \"dfa0f55ba48785864352aa4f9c71880a\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:12 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 5831205658242337893\r\nx-cos-request-id: Njk1OTU4YzJfZWJiMmYwMDlfOWZhNF8xNGRiMjUw\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":66865,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"40d00692f6b624147c065143f74d3e84","sha1":"05820d788a43b5ba258f42313bfa5729ba4768db","sha256":"48e82674ca62ff1f0299fd35bb1f28d505c90191d9ab26dfbb8028a2ee39a301","sha512":"34bd6e9b0fb00a91c369d8f8306d101d38f73e6510a319743a7f8d10c8d0c0fa0b69232b3d8497ec2ebb3c2db6f03e7280301af17f1a281f1f494413709b6892","ssdeep":"1536:1NxjD1G3AqVLYPGwCS3WWiDuyChQvFOhqKHYVM47ToZZRCmydRRkv:1rjBGQqVLK3WhDJ9Qq47fnRC7Cv","tlshash":"7f93cf22e761e7f9c1bb92f524130691f7687bb6f3da6a41d52854901c8b12c3acfc93","first_seen":"2025-07-26T12:48:30.11612Z","last_seen":"2026-04-04T22:44:40.630414Z","times_seen":187,"resource_available":false,"data":null}},"time_used":918,"timings":{"blocked":305,"dns":0,"connect":0,"send":0,"wait":420,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"146.103.81.165/cocos/config_data.json?t=1767463","fqdn":"146.103.81.165","domain":"146.103.81.165","tld":""},"ip":{"addr":"146.103.81.165","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:29.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"146.103.81.102","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 22 May 2025 09:33:59 GMT","end":"Tue, 23 Jun 2026 09:33:58 GMT"},"fingerprint":{"sha1":"A2:A9:4B:43:6F:D9:56:1B:47:D2:4B:FC:80:BF:DF:30:C2:F6:D2:BA","sha256":"0E:6D:3E:6E:4C:B5:F3:96:13:73:43:88:78:12:08:02:12:46:62:F0:6A:C8:02:4F:D1:83:88:3D:C0:D5:FA:9B"}}},"request":{"raw":"GET /cocos/config_data.json?t=1767463 HTTP/1.1\r\nHost: 146.103.81.165\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nlanguage: en\r\ndevice: 8abadba07036e1a3c9f0ba61a745fd86\r\nX-Request-Id: 0a78aca8-0fdb-46e1-af8a-ab86fb8737f6\r\ndomain: 2ijdl7g2.y9dq7o4ree.com\r\nclienttimezone: UTC0\r\ndeviceModel: \r\nnonce: 0a78aca8-0fdb-46e1-af8a-ab86fb8737f6\r\ntimestamp: 1767463108\r\nsiteCode: undefined\r\nsign: yL5oHH9P2OqaFm2+DyunOI0iN4QAHTTgpEVhOK4E9/A0qLWZRsmh/a+9dqM5kyDo\r\nplatformtype: 3\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:29 GMT\r\ncontent-type: application/json\r\nserver: AliyunOSS\r\nx-oss-request-id: 695958C5F4962B3532BB7B99\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\nlast-modified: Sat, 03 Jan 2026 15:02:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17068719067391691778\r\nx-oss-storage-class: Standard\r\ncache-control: max-age=86400\r\ncontent-md5: nAF7BIPvgGqiNFFi0sUOkg==\r\nx-oss-server-time: 1\r\ncontent-encoding: gzip\r\nvia: 1.1 PS-HKG-040fc30:0 (W), 1.1 jp18:25 (W)\r\nx-px: ms jp18SIN, ms PS-HKG-040fc30HKG(origin)\r\nx-ws-request-id: 695958c5_jp18_35084-17434\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6464,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (6464), with no line terminators","md5":"9c017b0483ef806aa2345162d2c50e92","sha1":"0448a759a9f6fc3390ad43e916df8c0208d57486","sha256":"13f4ac38c1cddd43aa94fa34eeee57077e25b546f030cedbbd75436afc00aa5e","sha512":"c644ddbbea862da32ff196aabcbd9d4826412b3f6e38f45ccc0303b6198021a7a6e7e1990722b7b3e4d914242e25c7964ad44a8c885e04b6c97ca97536e981ed","ssdeep":"192:4FYGn9ywZcjWAFmJujkA7MDMlH9DDC633kYqHD:4FnkwZUWAFmQjkAIwhBDC2LU","tlshash":"23d19d3768d23c6af4ce8020495e6af5b7e9cdb24c3c14c365b341161eeea30663798d","first_seen":"2026-01-03T15:41:31.160623Z","last_seen":"2026-01-04T00:40:25.095404Z","times_seen":7,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hghjklhh.879ossdatingss003.com/hall/api/statistics/domain/pointer","fqdn":"hghjklhh.879ossdatingss003.com","domain":"879ossdatingss003.com","tld":"com"},"ip":{"addr":"174.35.102.43","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:31.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hghjklhh.879ossdatingss003.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 25 Nov 2025 05:57:28 GMT","end":"Mon, 23 Feb 2026 05:57:27 GMT"},"fingerprint":{"sha1":"64:04:32:BE:39:54:3A:8B:79:67:4B:A3:87:4C:C8:36:78:54:D0:AB","sha256":"E5:E9:B8:82:35:D8:EC:6B:D5:73:6E:78:BF:B8:7C:E8:E5:BB:95:C2:BE:4D:7C:2B:B4:6C:AE:8D:54:77:2B:CD"}}},"request":{"raw":"POST /hall/api/statistics/domain/pointer HTTP/1.1\r\nHost: hghjklhh.879ossdatingss003.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nlanguage: en\r\ndevice: 8abadba07036e1a3c9f0ba61a745fd86\r\nX-Request-Id: 199aa3d4-9e61-41e5-87f9-9514fcae2908\r\ndomain: 2ijdl7g2.y9dq7o4ree.com\r\nclienttimezone: UTC0\r\ndeviceModel: \r\nnonce: 199aa3d4-9e61-41e5-87f9-9514fcae2908\r\ntimestamp: 1767463110\r\nsiteCode: 1658\r\nsign: FJZ7AUWah+l55XQJwioJ7+RBB/9geiUO2j4+JMW85sEJRAQSpQL00NXIdk9tmWp3\r\nplatformtype: 3\r\nContent-Type: application/json\r\nContent-Length: 88\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":88,"data":"{\"domain\":\"2ijdl7g2.y9dq7o4ree.com\",\"deviceKind\":3,\"visitsKind\":1,\"kind\":7,\"cid\":911400}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:31 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 50\r\nset-cookie: acw_tc=0a0ccafc17674631113345349e5cd9f607e91ee29a7dd874e9f66980c0bf1a;path=/;HttpOnly;Max-Age=1800\r\nx-trace-id: 881641f3e5dd4ceed4750b0261347e7f\r\nx-env-apisix: 0\r\nx-env-go-biz-statistics-server: 0\r\ncache-control: no-cache\r\nx-saas-server-id: f49dcffcc-nb6d4|e533710f1526c328024b1546361eff33\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 1728000\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Trace-ID, newjwt, token\r\nvia: 1.1 PS-SIN-01RKJ185:13 (W), 1.1 PS-CDG-04Aeg47:24 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms PS-SIN-01RKJ185SIN(origin)\r\nx-ws-request-id: 695958c7_PS-CDG-04Aeg47_17011-11112\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":50,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f5be6097edd9dd86e8e52eed0acf8777","sha1":"6c8a9f9d2ab49a4ed2186f722e54f6e95c79eb2a","sha256":"9941f582a2e0ffaeda726135f72d46fb9461d18d27bfb64a6f548a3784a547d4","sha512":"22aa41369b16ab4794de8c0b26831731f1365c99f248f4dbdd5091199691e7844153050b81a746392436ea7443de5c364a09573d1da5a7a9140ee976afbee843","ssdeep":"","tlshash":"5f9002e4421d824284856238610d6d85b51955474425c7198e4d0a2405684865001152","first_seen":"2026-01-03T17:59:01.054802Z","last_seen":"2026-01-03T17:59:01.054802Z","times_seen":1,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/69f4b0_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/69f4b0_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 16185\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:27 GMT\r\nETag: \"d1dcb1b0056581dc964087a8ae5976ae\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:14 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 16166680834879889703\r\nx-cos-request-id: Njk1OTU4YzNfNmMwODdkMWRfMjczYmJfMTJhZGJjZg==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16185,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"82f4e8db2fd9011e1121a88dbf8416a8","sha1":"8a31768b3972d24fd16f0496005b3713e5cf6e31","sha256":"9637bf45b9dfb86420418ff1d1b73bc639325fa8b9cadf3c11932da1d6328ac7","sha512":"c39dd6f5572340cd40ebc3f1a8c95a5f8bce9583520c6806a767aa10a64c01c13502b8db4e33b59a69a372a1f48c4c35a73d6067209c6ea0d7bad3fc6fde5344","ssdeep":"384:TLLR2eNIoKsrX1SWQeEDx4b2NFDXL898ce1PBumA6BsIsSXu15arAQy6JpekxCpq:TLLRv3MDx4b23D3VPBQ2rXNAQmr4","tlshash":"f3b2c01356d2e360a6e349fe2e4019e47b1c5b29ea59a940da3162d91bdb00c3bdecd2","first_seen":"2025-07-26T12:48:30.150126Z","last_seen":"2026-04-04T22:44:40.633111Z","times_seen":194,"resource_available":false,"data":null}},"time_used":4567,"timings":{"blocked":4158,"dns":0,"connect":0,"send":0,"wait":408,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/8d52f7_158x158.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/8d52f7_158x158.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 18472\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:27 GMT\r\nETag: \"464ba0e1e92fe4501c86e57795d79671\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:14 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 2832588161025475107\r\nx-cos-request-id: Njk1OTU4YzNfZTA5N2QxZF8yZWQ3Yl8xMjY5OWY5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18472,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"2664b3c9fe2ac342b82ec6f80c692232","sha1":"e4cc99d1eab214d7fe69c5a2c5c0bebd6789ba05","sha256":"3987db7ae70ba90636336c40fcf3c403826b53660fd7e55955a026e750edbcd8","sha512":"96094feb761b7b00f872b3e1abb8ad2ba718a40fdfe0edecd7c7903eb9640e68df950d5a49807691af64704f11e7bc6c38344033e6704e90fde291c459e3115f","ssdeep":"384:LM2Iso5tF6AuF31/WqFzwqklIq5A+2kBXYTDgAszqsohT046zlIUwhKR2JpIqEdh:wFduFlW6zwqkB5A2pKMZGxT0rlJwlEdh","tlshash":"ecc2c0123250a350e3e58afb3c5631cd318c4e56fbcafe90d570d1112c8a25de3bd6a5","first_seen":"2025-07-26T12:48:30.125257Z","last_seen":"2026-04-04T22:44:40.624585Z","times_seen":194,"resource_available":false,"data":null}},"time_used":4591,"timings":{"blocked":4161,"dns":0,"connect":0,"send":0,"wait":429,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/84b150_278x64.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/84b150_278x64.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 1726\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:28 GMT\r\nETag: \"1eda151ca4653367a76b186e55f41356\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:14 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 831560461671442445\r\nx-cos-request-id: Njk1OTU4YzRfNDQxODA2MDlfMTViMGJfZTU2MDg2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1726,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"63eccbed48d456d03bfaa28f5dfaa0ed","sha1":"ffb76e3d25d33cced687f6860e7e5ee7b53de497","sha256":"8fb7b51b7f0b559ddcd2e9c15112c402cdc8fc47c6372c482fd612356049d89c","sha512":"24cee906a9c4c792df9c0010caf7ee9cbeecf3e179ab053dd2f9e74b7818880887cb3999e194a833f02c351856f371c0e0ea91a75e1d51d58c2f7a54a10c4bd4","ssdeep":"","tlshash":"c4514d42f17a6750bd56c3b5aa1d023c306613a5e6e8bff5d7198266cf9702c64fe0c8","first_seen":"2025-07-26T12:48:30.152778Z","last_seen":"2026-04-04T22:44:40.632514Z","times_seen":194,"resource_available":false,"data":null}},"time_used":5383,"timings":{"blocked":4970,"dns":0,"connect":0,"send":0,"wait":413,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"146.103.81.165/hall/api/lobby/config/getAppDownloadInfo.json?t=1767463","fqdn":"146.103.81.165","domain":"146.103.81.165","tld":""},"ip":{"addr":"146.103.81.165","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"146.103.81.102","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 22 May 2025 09:33:59 GMT","end":"Tue, 23 Jun 2026 09:33:58 GMT"},"fingerprint":{"sha1":"A2:A9:4B:43:6F:D9:56:1B:47:D2:4B:FC:80:BF:DF:30:C2:F6:D2:BA","sha256":"0E:6D:3E:6E:4C:B5:F3:96:13:73:43:88:78:12:08:02:12:46:62:F0:6A:C8:02:4F:D1:83:88:3D:C0:D5:FA:9B"}}},"request":{"raw":"GET /hall/api/lobby/config/getAppDownloadInfo.json?t=1767463 HTTP/1.1\r\nHost: 146.103.81.165\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nlanguage: en\r\ndevice: 8abadba07036e1a3c9f0ba61a745fd86\r\nX-Request-Id: 13e1cb6b-214c-46bc-b923-8406289d5211\r\ndomain: 2ijdl7g2.y9dq7o4ree.com\r\nclienttimezone: UTC0\r\ndeviceModel: \r\nnonce: 13e1cb6b-214c-46bc-b923-8406289d5211\r\ntimestamp: 1767463110\r\nsiteCode: 1658\r\nsign: Y4Y3zkGLyccDpXXwP3zudLa9+V9wR96dYBml+Sl5f7BJs9HLHlUTqSlqR5B+gw3q\r\nplatformtype: 3\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:58:30 GMT\r\ncontent-type: application/json\r\nserver: AliyunOSS\r\nx-oss-request-id: 695958C6F4962B35321C7F99\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\nlast-modified: Wed, 31 Dec 2025 19:08:51 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9631405092649601151\r\nx-oss-storage-class: Standard\r\ncache-control: s-maxage=600,public,max-age=0\r\ncontent-md5: lz/WoSzeOPA5TNzLd5MTFQ==\r\nx-oss-server-time: 2\r\ncontent-encoding: gzip\r\nvia: 1.1 PS-HKG-040fc30:0 (W), 1.1 jp18:25 (W)\r\nx-px: ms jp18SIN, ms PS-HKG-040fc30HKG(origin)\r\nx-ws-request-id: 695958c6_jp18_35084-17500\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3820,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (3820), with no line terminators","md5":"973fd6a12cde38f0394cdccb77931315","sha1":"5f4ca06af7b9fb7a47c91283d4e71ce79121cf85","sha256":"baf31a22840912868c69c52d71046d6ca31522a54813211ae45dafcfee94e628","sha512":"010c9485ac679c9f58977ecde2cdb929bd727d6eab483aa9393c944ec22cbb5f1c2e17e8edb3a6bb3cb430fd02128f510dc1d8cca4d8d7f170056bc0fa595dda","ssdeep":"","tlshash":"ed716c522e6b8ddb4060f00f322ba41b9da154a107c4156aed5a8fa2eefe71d2a5470c","first_seen":"2026-01-01T06:30:53.385204Z","last_seen":"2026-01-04T14:18:14.065912Z","times_seen":42,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/css/Swiper.css","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/css/Swiper.css HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nContent-Length: 13680\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:26 GMT\r\nETag: \"60a23d2c5b75975b1a2c21520e483352\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:12 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 15876482861024731407\r\nx-cos-request-id: Njk1OTU4YmZfZWJiMmYwMDlfOWZkZl8xNGIwY2Q4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13680,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13412), with CRLF line terminators","md5":"60a23d2c5b75975b1a2c21520e483352","sha1":"7ec5dfff3b6bd1a12fe64fb61c568c034ce354cd","sha256":"56c3dd16a5cf2ebefe0a3ee896bb3f20bc7b4327f75588188343c488d4aa951c","sha512":"de482c885d09fc675f8cb265c60d551928a23ad9924ede951197d8c743c99db75b8b397c37c07f4bfacb970b3ab9f676e0bca839438ba8084f4373211da6e4e1","ssdeep":"384:rLUbeQS7Rgx9BU0W/XCcif65W/1mXA82FHpx:r4b67gbhW/XDif65W/1mXA82Fn","tlshash":"e252236417003837f3774f6e4aa1e6b59f60cc838a934d9db2c0dd44d6f98b9122eb95","first_seen":"2023-04-06T20:03:49Z","last_seen":"2026-04-05T05:33:11.483762Z","times_seen":10800,"resource_available":false,"data":null}},"time_used":4206,"timings":{"blocked":848,"dns":713,"connect":23,"send":0,"wait":2493,"receive":1,"ssl":117},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ijkwiiwiaxnzijoi56e71yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz/bewcdn.txt?t=1767463110089","fqdn":"6ijkwiiwiaxnzijoi56e71yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","domain":"6ijkwiiwiaxnzijoi56e71yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz","tld":"biz"},"ip":{"addr":"14.128.63.157","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:30.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 18:55:49 GMT","end":"Thu, 02 Apr 2026 18:55:48 GMT"},"fingerprint":{"sha1":"69:D2:A1:DB:F7:62:BE:C2:F9:55:FD:9F:AA:76:25:FF:1D:EF:C5:C6","sha256":"8E:81:8E:7D:00:89:71:38:7D:AD:3B:6C:81:2E:01:40:41:21:46:B2:3C:5B:BA:41:15:18:48:3F:04:1A:D1:EB"}}},"request":{"raw":"GET /bewcdn.txt?t=1767463110089 HTTP/1.1\r\nHost: 6ijkwiiwiaxnzijoi56e71yqoiiwagxvkijoihd7wwkeilcj2ijoins6yljqifq.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nOrigin: https://2ijdl7g2.y9dq7o4ree.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\ncache-control: s-maxage=31622400,max-age=0,public\r\ncontent-md5: 4KoCHiHd29bYzs7HHpz1ZA==\r\ncontent-type: text/plain\r\ndate: Sat, 03 Jan 2026 17:58:31 GMT\r\netag: \"E0AA021E21DDDBD6D8CECEC71E9CF564\"\r\nlast-modified: Sat, 03 Jan 2026 10:50:25 GMT\r\nserver: AliyunOSS\r\nstrict-transport-security: max-age=31536000\r\nvary: Origin\r\nx-cache: UPDATING\r\nx-oss-hash-crc64ecma: 4312349438756823821\r\nx-oss-meta-version: v7.0.29\r\nx-oss-object-type: Normal\r\nx-oss-request-id: 695958C73F9B873437C3BF17\r\nx-oss-server-time: 1\r\nx-oss-storage-class: Standard\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-05T06:47:06.21703Z","times_seen":257817,"resource_available":true,"data":null}},"time_used":3229,"timings":{"blocked":1410,"dns":714,"connect":341,"send":0,"wait":407,"receive":0,"ssl":350},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"879song-1358886481.cos.accelerate.myqcloud.com/879-2/img/e3df75_632x34.js","fqdn":"879song-1358886481.cos.accelerate.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"49.51.131.81","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2ijdl7g2.y9dq7o4ree.com/?cid=911400","date":"2026-01-03T17:58:23.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.eu-frankfurt.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 24 Feb 2025 08:16:09 GMT","end":"Sat, 28 Mar 2026 08:16:08 GMT"},"fingerprint":{"sha1":"5D:6B:83:19:D3:CF:26:95:9A:15:AD:12:4C:FA:7A:A2:B5:80:79:D5","sha256":"80:F6:87:FC:21:53:95:FE:44:5C:DF:56:D6:33:73:25:93:79:C4:83:29:8D:22:E5:B2:32:6E:45:A7:7D:8F:CC"}}},"request":{"raw":"GET /879-2/img/e3df75_632x34.js HTTP/1.1\r\nHost: 879song-1358886481.cos.accelerate.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://2ijdl7g2.y9dq7o4ree.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 6365\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Sat, 03 Jan 2026 17:58:28 GMT\r\nETag: \"a027c2b36346bf042a1aa5b8db9ee636\"\r\nLast-Modified: Mon, 30 Jun 2025 03:59:15 GMT\r\nServer: tencent-cos\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 17547752778061255901\r\nx-cos-request-id: Njk1OTU4YzNfNDQxODA2MDlfMTViMDZfZTZjY2Ix\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6365,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"b70a9190a710a6da9aa2fc20824d3aed","sha1":"c8d8b0603d3f6faa95c2ead44170b6517436a50a","sha256":"602589501d62c88024bfde9deb85932db296d1055196cc2e3edd12721593ce70","sha512":"4eec35fdae181ebb273961b10053c76a27d6b5c36989131844e0723cf9f43a88f56ca1a46b2ac84d1f906dd2f7f7e6aa49e08049ea232bc7872af8cdf53b1ebe","ssdeep":"192:ofDZyyz+8zNZ/00oznBLlThWriPxvLuYZc1bSYInY/bkA:W/+8XWLlTh5vLDKpXV","tlshash":"2d124a431206f7bded505be8ee0211d5eb50a68428965d14eb30a6704fffd3f5b0e926","first_seen":"2025-07-26T12:48:30.119442Z","last_seen":"2026-04-04T22:44:40.625387Z","times_seen":195,"resource_available":false,"data":null}},"time_used":5010,"timings":{"blocked":4590,"dns":0,"connect":0,"send":0,"wait":419,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}