{"report_id":"db734af9-1a1a-4789-8c7f-f7b0acb7b592","version":6,"status":"done","tags":[],"date":"2025-10-31T08:00:19Z","url":{"schema":"http","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"172.67.144.104","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"title":"3D一个姿势-在线观看-人兽杂交","dom":{"size":3224,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2677)","md5":"51dd321fd089fa60486d1b03ac3163b0","sha1":"f2c1492092293445d508752f55c42e104b9d1239","sha256":"3d1f4f6d10a11ea0da807b56ad698071a47539816a560cb3e3d4da772788fc65","sha512":"abf434dcf4124cd68dea33d6a32d980f8775609b140325c87ca4d5667ac5acb598b055c9d7399c79741d10b069fe84652037fadb365a1cf7578db087c47b70d3","ssdeep":"","tlshash":"bf612b3613896439ee532b9fe114b4ae5de17457dd425d8ce8991f33395a12039227e0","dom_hash":"domhashfb1dd55234b1b23cfb4a5c2aba72e35a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":"PGh0bWw+PGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4KPHRpdGxlPnByZXN0cmFpbjwvdGl0bGU+CjwvaGVhZD4KPGJvZHkgb25jb250ZXh0bWVudT0icmV0dXJuIGZhbHNlIiBvbmRyYWdzdGFydD0id2luZG93LmV2ZW50LnJldHVyblZhbHVlPWZhbHNlIiBvbnNvdXJjZT0iZXZlbnQucmV0dXJuVmFsdWU9ZmFsc2UiIGJnY29sb3I9IiMwMDAwMDAiPgo8dGFibGUgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiPgo8dGJvZHk+PHRyPgo8dGQgYWxpZ249ImNlbnRlciI+Cjxmb250IGNvbG9yPSIjRkZGRkZGIj48c3Ryb25nPui/nuaOpeaIkOWKnyznqI3nrYnmlbDmja7mraPlnKjnvJPlhrLkuK0uLi48L3N0cm9uZz48L2ZvbnQ+PGJyPgo8aW1nIHNyYz0iZGF0YTppbWFnZS9naWY7YmFzZTY0LFIwbEdPRGxobUFBVEFQVVNBQWhwZ0FRMlFnUXlQUUFCQWdkYmJ3QUVCUU11T0FobmZRWlVaZ1pWYUFaUFlBWlNZd2tRRHdVSkNRRUNBZ2dPRFFVSUNBUUdCZzJ2MVFFQkFRSUVCQkVkSEJnb0ppWS9QUUlEQXdnTkRCQWJHZzBXRlNROU9oODBNaE9seFJvdEt4ODFNeDkranlWRVF4V2d2aGVhdGg2Q2xBNnQwaUI3aWhXZnZDQjhqQmFkdWc2dTFCYWN1UUFBQUFWR1ZRSVdHd1ZGVkFRNlJnSVhIQ1ErT3dWQlR3SWVKQU1rTEFNcU13UThTUVUrVEFxQW5BcUZvZ2x4aWdwL21ncUVvUUFBQUNIL0MwNUZWRk5EUVZCRk1pNHdBd0VBQUFBaCtRUUZDZ0FTQUN3QUFBQUFtQUFUQUFBRy84Q0JvMEFzUWhySTVJUEJmRG1mc21odFNyVlpyN2VzMXNBVmVBUGdNRzZjSzlQT2FKaDY3V3F6MDNCeVRQeXRkN2ZZS2xVS2RUYVhTa2RHZ3kyRmhvZUlpWXFMakkyT2o1Q1JrcE9VbFphWG1KbWFtNXlkbnArZ29hS2pwS1dtbUFZSUJ3Z0dwNjZ2cGdvQXM3TUtpeThCTUFFdmpMaTZ2TGU1dTczQ3dMREhpd0sweXdLSkwyNXRNb3JQME5MTzBDN1dpTlJ1MnNqZmhRVEx0QVNKTWRneGl1ZlE2ZWJvNnUvZzhnZmp0SWx2YllyNE1QclkvUGYrNU1rVFY2OGNvblZ1MmgyTXQ1QWRQSWNDdndXb0J5REF0V3JUc0hrenhDMWFSb3dSdnkwWWg0QlFJVi9EZ3JsSU9hMFlzWlhHUWlJVGtBQkFnbVl5YytyY3liT256eXlmUUlNS0hVbzBVb1JBZ1pyMDRhTW5ENTQ3ZHVqSU1STm5uOVU0Y3VqWXVhTWxqeDZtZmY0Z1BVb29DQUFoK1FRRkNnQXRBQ3duQUFFQUd3QVJBQUFHeU1DV3NEVnhVSTdJeVhESlhCWWpqUXhqS29VcW04M25ZMVBwZWgrUUk5YUpnVXd0SGM1RmJkRk15MlBoVS9PNW5GQXIxT255Y1VQbEJnZ0hDQVlEUkZGb0pCS0xpeVI4RzFGRUNnQ1VsQW9EUnhVZElZeWRJUjBWR1JRdEFwV21BaFFNbWg2ZGpCNGNvYU1FcHBVRXFXZ21yWXlQb3dlMGxiY2NyTHF2c1MyenY3WVptaVc2RWlVZ3hnRy9BQUZHWENJc3JTb2liWkVGQzdRSUJkZDBkaU1TSXltUFlBNkFDUUFKcUlkbWRHbHJvSDV3Y2ZSYlhsOWhydkRyVitXTmxZRk10Q1FST0RBSUFDSDVCQVVLQUM0QUxDY0FBUUFwQUJFQUFBYm53Slp3U0N3YUtjamtjY2xrTmpLTUtEU0NtVFN0MStOalUrbDZIeEJsZGd5SldqcWNTOXFpaVZiSlFnUGlnREFNaU52UDVZUmFvVTRYSDIxVVEzSjBka1lLQUl1TENrUmNGeVFTazVNa2dSdFBWb3FNQUk1RUFweU1Ba0laRlIwaGxLa2hIUlVaU0tDaEFLTllCTEVBQkZZTXBoNnBsQjRjclVpMXNiaERCN1lIcEdjbXZaU1h3c2hFdzZIRnVoeTh6Yi9CRTlPY3hYRzJBY29nSmMwU0pTRGJBZUZGQzlRRnBKQXN2U29pYkprRjd0N3dSUUlKdDdQaWFkQ1RZb1NFRVNrdWdYR0F4Ui9BTzNDcW1FR2podFdnTnhHdmJQSHlKUXlXakJxbnVDRUVzaVJETWtFQUFDSDVCQVVLQURRQUxDc0FBUUF6QUJFQUFBYi93Slp3U0N3YWp4TUhaY2xNSXAvUUtMR1JZVmlyRVl4VHl1VStOcFd3K0FGcGRzOUhxNlhEdWJRdEdxc1dEVFVnRGdqRFlLcjVYRTRvS3lnbkZ4OXhXVU4yZUhwN0xTOEJNQUV2U0FvQWxwWUtqVlJySkJLZW5pU0ZHMVJKbFpjQW1ZNHVxNnN5UmdLbmx3SkNHUlVkSVorNUlSMFZHVXV3c1FDek1heXJNVVlFd1FBRXRMWWV1WjhlSEwxTHljSE1NTVdyUmdmS0I3UnJKdENmb3RYZUxjVEZ4MFhXc2N3VURNN2pFdExVRSsybnpDL2FybHZveWdHYWdTZ3hyd1FJZXdFQUNubmtRaElsZHdXYVdSREJBcG9LRVhCSUZWZ0FFWTJBQk10bThmR1RZZ1M5RktMSUtObnpNYVFtT21uVXNISEQ2OUFjbURpL2lCbFR4aDlPRFRwVXJtQzUrZk5sVWFOUGdnQUFJZmtFQlFvQU5BQXNPUUFCQURNQUVRQUFCdi9BbG5CSUxCcVBFd2RseVV3aW45QW9zWkZoV0tzUmpGUEs1VDQybGJENEFXbDJ6MGVycGNPNXRDMGFxeFlOTlNBT0NNTmdxdmxjVGlncktDY1hIM0ZaUTNaNGVuc3RMd0V3QVM5SUNnQ1dsZ3FOVkdza0VwNmVKSVViVkVtVmx3Q1pqaTZycXpKR0FxZVhBa0laRlIwaG43a2hIUlVaUzdDeEFMTXhyS3N4UmdUQkFBUzB0aDY1bng0Y3ZVdkp3Y3d3eGF0R0I4b0h0R3NtMEoraTFkNHR4TVhIUmRheHpCUU16dU1TMHRRVDdhZk1MOXF1VytqS0FacUJLREd2QkFoN0FRQUtlZVJDRWlWM0JacFpFTUVDbWdvUmNFZ1ZXQUFSallBRXkyYng4Wk5pQkwwVW9zZ28yZk14cENZNmFkU3djY1ByMEJ5WU9MK0lHVlBHSDA0Tk9sU3VZTG41ODJWUm8wK0NBQUFoK1FRRkNnQTBBQ3hIQUFFQUtRQVJBQUFHOE1DV2NFZ3NHbzhUQjJYSlRDS2YwR0lqdzZoU0l4aG5kQ3ZkVkw3Z0I2VEo1Vll0SGM1RmJkRlVzMldoQVhGQUdBYkVoK1p6T2FGV0tDY1hIMjVZUWk4Qk1BRXZTQW84UFQ0OVBBcDRTbDRYSkJLYW1pU0RHMU1UTHk2am96SkdBbzg3cWpzOEFvY1ZIU0dic3lFZEZSbExNYVNqTVVZRU9xdXJCSzhjSHJPYkhoeTN1YnVqUmdlUndUNEh4Q2JIbTU3TXU3MUZ2OUk2d3hRTXNNYlh5Y3VoemFaYUxRR3BxNjNFSmRjU0pTRG9MWWd1aTQzdmt3VkRMckU0cGtKRUcxQnhCQ1FBa01CVm5qMTlSa2dZa2NLVEdDVnhvcHhKczhaV0lUZ1pOWG9COCtVaXU1QlBwbGk1QWhLbFN5SkJBQUFoK1FRRkNnQU1BQ3hWQUFFQUd3QVJBQUFHV3NDV2NFZ3NHby9JcEhMSmJEcWZSQVBpZ0RBZ1h3Rlk0SVZVQUw1ZmhmSGxLcGRsUmdGNExTakd6T1dZa2JBR0U0b3dlTmw0cUlQZGVuSkZkSDUzUkdSd2FHNStBQUZqV1Z0ZGRRZ0ZVRkVKQUFsdGxweWRucCtjUVFBNyIgYm9yZGVyPSIwIj48YnI+CjwvdGQ+CjwvdHI+CjwvdGJvZHk+PC90YWJsZT4KPHNwYW4gc3R5bGU9ImRpc3BsYXk6bm9uZSI+PC9zcGFuPgoKPC9ib2R5PjwvaHRtbD4="}},"submit":{"url":{"schema":"http","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"172.67.144.104","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-05T08:00:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":7}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-31T08:00:09Z","timestamp":1761897609,"ip_dst":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.4","port":45204,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T08:00:09.883605+0000\",\"flow_id\":960195446389544,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":45204,\"dest_ip\":\"188.114.96.1\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"rszjj7.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":2,\"bytes_toserver\":547,\"bytes_toclient\":140,\"start\":\"2025-10-31T07:59:59.801576+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-31T08:00:14Z","timestamp":1761897614,"ip_dst":{"addr":"172.18.0.4","port":51172,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"134.122.187.241","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 25","source":"{\"timestamp\":\"2025-10-31T08:00:14.390573+0000\",\"flow_id\":1195963382168958,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"134.122.187.241\",\"src_port\":443,\"dest_ip\":\"172.18.0.4\",\"dest_port\":51172,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400024,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 25\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2025-10-31T08:00:14.064894+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"union.maccms.la","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"cpbfj.zhwen415-no4c.today","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"03hao.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"jpgjingpinx1.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"union.dplayerstatic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"rszjj7.top","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-15","domain_rank":0,"first_seen":"2025-10-07T18:50:22.235016Z","last_seen":"2025-10-07T18:50:22.235016Z","alert_count":34,"request_count":17,"received_data":1888552,"sent_data":8130,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"dbt6ga5v6d15f.cloudfront.net","ip":{"addr":"3.167.7.204","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-05-09T14:48:42.03241Z","last_seen":"2025-10-31T07:27:27.713947Z","alert_count":0,"request_count":1,"received_data":96335,"sent_data":441,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"union.maccms.la","ip":{"addr":"192.253.235.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"United States","country_code":"US"},"domain_registered":"2020-05-01","domain_rank":2025376,"first_seen":"2021-07-24T20:10:26Z","last_seen":"2025-10-29T00:41:33.114133Z","alert_count":1,"request_count":1,"received_data":3500,"sent_data":531,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cpbfj.zhwen415-no4c.today","ip":{"addr":"104.21.59.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-22","domain_rank":0,"first_seen":"2025-06-14T06:31:28.604326Z","last_seen":"2025-10-25T01:28:26.667876Z","alert_count":1,"request_count":1,"received_data":592,"sent_data":444,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"jpgjingpinx1.top","ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-03-13","domain_rank":172398,"first_seen":"2025-04-02T05:04:02.716789Z","last_seen":"2025-10-24T19:01:32.602585Z","alert_count":4,"request_count":4,"received_data":616,"sent_data":1916,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"union.dplayerstatic.com","ip":{"addr":"134.122.187.241","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2021-09-16","domain_rank":2912264,"first_seen":"2021-11-05T15:39:37Z","last_seen":"2025-10-29T00:41:33.2806Z","alert_count":1,"request_count":1,"received_data":3498,"sent_data":539,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"voddadaizi.com","ip":{"addr":"173.249.235.92","port":52866,"asn":11878,"as":"TZULO","country":"United States","country_code":"US"},"domain_registered":"2024-12-15","domain_rank":2963708,"first_seen":"2025-02-24T04:41:15.659292Z","last_seen":"2025-10-31T02:42:24.630052Z","alert_count":0,"request_count":6,"received_data":140528,"sent_data":2856,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"jpgjingpinx.com","ip":{"addr":"104.21.26.248","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-06-22","domain_rank":166501,"first_seen":"2024-07-25T07:47:53Z","last_seen":"2025-10-25T01:28:26.565523Z","alert_count":0,"request_count":8,"received_data":4820,"sent_data":3824,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"03hao.top","ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2024-06-21","domain_rank":552313,"first_seen":"2024-08-12T08:29:48Z","last_seen":"2025-10-18T02:33:46.46037Z","alert_count":2,"request_count":2,"received_data":1158,"sent_data":890,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-31T08:00:09Z","timestamp":1761897609,"ip_dst":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.4","port":45204,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T08:00:09.883605+0000\",\"flow_id\":960195446389544,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":45204,\"dest_ip\":\"188.114.96.1\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"rszjj7.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":2,\"bytes_toserver\":547,\"bytes_toclient\":140,\"start\":\"2025-10-31T07:59:59.801576+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-31T08:00:14Z","timestamp":1761897614,"ip_dst":{"addr":"172.18.0.4","port":51172,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"134.122.187.241","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 25","source":"{\"timestamp\":\"2025-10-31T08:00:14.390573+0000\",\"flow_id\":1195963382168958,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"134.122.187.241\",\"src_port\":443,\"dest_ip\":\"172.18.0.4\",\"dest_port\":51172,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400024,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 25\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2025-10-31T08:00:14.064894+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rszjj7.top/static/js/playerconfig.js?t=20251031","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1506aa16a0b3d33e84f121bf4748d486","sha1":"3273701e98ed27468c9acf93ebcf729aba844159","sha256":"ce384574d2220f523882539f255e49278c3569fb524bd7cfc9c9826fb4a479d5","sha512":"9362bef6693b7ac71ae0ea5bb206b230410da83b92c0c5f2f0d57d978abacebb0ac18b915f2bb14d5e4cbecedc3e0860c9a33c127fc3758755a1b5a92fefd4b8","ssdeep":"","tlshash":"b831fe2b8b5a1835c3f760f5ddd42f520adf1b78b191ced92d26bc782aec12aa604059","size":1500,"data":"","first_seen":"2023-10-29T11:44:17Z","last_seen":"2025-11-29T04:57:38.908336Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9506fba58b340d141d15d540fa095b68","sha1":"1ec1c5b657a0f2b45bef1ca7ad9025454f82e99e","sha256":"03921af318cf6a50507fb5c129d54fc6f440d6136400addd3d40bdd3045e8dd3","sha512":"5df738f900147a18e208b0dcbfbf6d7bbb0376797fd0989c9bcfd15269876a2790f72ee6a0225b260536cdea80e632d873a99db7897ca2503c6f7bfb68c88bf3","ssdeep":"","tlshash":"a7b012908d0eb00b785331e0065b4f0e41dd1170707f050905079434c94e000060e1c4","size":97,"data":"","first_seen":"2025-10-18T02:21:53.636122Z","last_seen":"2025-11-25T15:21:55.367227Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8ab355d4fa0c0f5771abb01aa13ede33","sha1":"70aca3fa9f0d1eab987f318dcb9147f0891e86eb","sha256":"2eaad75bb1888c3aa7f8ff14f3fd4b043e2f1cbdc66498c99245f6194d863568","sha512":"32f214dcb772fadd847db1a9124c63ef297fe0d29971afd755c3cd90f243b8928727369d1aa8e972f834e06b04b0a909d9ccdfeb8360ef97f2d466791c604dad","ssdeep":"","tlshash":"1671abe78aba54874f1720ec6699311ce702172eddc3c457fb2da8e14ba82376024b5b","size":3588,"data":"","first_seen":"2025-09-23T11:03:28.567246Z","last_seen":"2025-11-27T21:38:10.120398Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"309676595e1d7faaea6ba5bf9769dcee","sha1":"3eb496827e8e04d8cf8509e5b3e2d5bd87bc6fda","sha256":"21eabac63ca488e46b043346cd4492ff47d98648aae7d1f87d78a604df02ddc3","sha512":"42a7cb750de852e4a142e421f6fb8aa98daf3e0f32fa4a2fc784a18a50d2bcd3a13b507f9092b9a509710851fc7315359466cfdc9356dfe1ce797320d8a63c2d","ssdeep":"","tlshash":"8201b54fb1b601710ef6f07a6beb832c74b3150bd504ca057c8c46186fb4e82a8672a9","size":758,"data":"","first_seen":"2024-08-20T17:04:24.014993Z","last_seen":"2025-12-01T19:36:35.470007Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/flv.min.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1eaec119243c01fd19cca260fec95aac","sha1":"9a91f58c82094561a077b4684c5a8fd54ee8d140","sha256":"6a49cca365c1e2750f9baa1f04c99847a99a965f78704786f439a396ed481acd","sha512":"65ea4b5239dd70b62140c5d120bc21a5c71f306dad53c13e5fa473a927f6ef0a3601df72ecc005010636a9e55f5ef1e833a229efa0f509e6d27e92ce3790cad0","ssdeep":"1536:zCCjEQqBjzTaddMmL1kTkwcpMtMcVU5ybEYD09fc09Ms2W3bO8ZSkFkGbIDjArP/:zilTanMmLaAtPqOqq/PAK","tlshash":"73f309a93351a41281c67166583f120b227268556889c09cb77adcee6ffce8db173f7c","size":170443,"data":"","first_seen":"2023-03-10T10:42:11Z","last_seen":"2026-04-26T12:44:43.094739Z","times_seen":1969,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/hls.min.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6cfa29933ba9ba506ea73e084de951b9","sha1":"30004f2da2e1e06f671eb2bfda00f8bcbe69b47b","sha256":"0d925ef64b764ee2d8e362ebec98668e5fd09887ec0fb70bd82d121097c40d7c","sha512":"5e7b2ea8fd8b8edca2554f5423cde03bcc8934fb03904259baba2bb9e51ae98af837877ea0223016c71660bbb418543667ecfdfc1b4831d513d57a4ff886915e","ssdeep":"3072:pI5L1S8HY5x1kVQ5ToDOzBPCB2baeBSZ3yg:pI5xSCY31O2oDO15tS","tlshash":"53341c9db661706543c3a1a5803f061a7236b92e7409c1fcfa6bd5f61cb885e603bf78","size":241648,"data":"","first_seen":"2023-03-07T14:15:35Z","last_seen":"2026-04-26T16:03:48.171561Z","times_seen":14380,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e970677fc8acec7ff2d5aa3beb2b6845","sha1":"aa636e2e371897206c5d0a0be9133f61e712915e","sha256":"bc5c19c4d1712d5dd1113d4d9e9ba2f3ed4ee5c52f52b470a784c2ff0949fd47","sha512":"95b075d7190ace37d668175daf9b7bc033af5f982a4d4af4fb0d1843ab2b962c83a0d395c59d5f538199e33248d5c0e6bc96c574449587c9579b9af1ca6dcb0c","ssdeep":"","tlshash":"30e02b6d246d1a15858580c1c0c76641a2fe16a565fc0b0de7d8ee0dd6e934463469ba","size":417,"data":"","first_seen":"2025-10-31T08:00:29.433252Z","last_seen":"2025-10-31T08:00:29.433252Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/DPlayer.min.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"472552604f19815d0a634bd3d953171e","sha1":"490148a22ab2b03a880495cc733ecd1840c02ed6","sha256":"389834de50d93f4340725df0682f4e4f98c46bc5d9f123369f4f35224f79de8e","sha512":"d6dd94d7fd311a105902b883fbff6594e8633ece671410d9eca6e71c1e121b00143ebcf24bed362aeb35733d1ec64e5e3325f1c1f1f18ffd492ee89efe9eb15c","ssdeep":"1536:z+J45mB2BeDaJgotYr/hizxdUDr5+GslH7ukBbWLwVm2jBXl3PQ6DkbilY6G2wcd:m4IBvI7ukBbWC13zcvF+","tlshash":"48f3f85522947131029366e4c58ba70c32356325e9028b5ef13efacd8fadc8d2577f76","size":160805,"data":"","first_seen":"2023-03-08T05:44:13Z","last_seen":"2026-04-26T15:29:43.182075Z","times_seen":1961,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/js/home.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"97e311d35a4aa0ba09575a8dc989660b","sha1":"8166b5f8ba52aa57ab23321a8ddc8d0118f1e590","sha256":"1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311","sha512":"d3f4e4ef8af316fd4207a6db03e856917d5124263104ba9ebf0db1be151ce65172d26b6338d24553df9fe65b828e2a452a39bde7d1144a875c20bd5e28da9db8","ssdeep":"768:hR0cTTu8eMbZLbhpa6a/b7z9SsbhbeA5gr9GiSo5E7Iw4TQv5:hRZXde96oRiG5","tlshash":"ae03a45d7af3142050b3317a4fbf69082276815f190ddd88fe2d11a48fc4a4eba66bbd","size":38309,"data":"","first_seen":"2023-03-07T01:18:35Z","last_seen":"2026-04-26T14:58:07.317919Z","times_seen":5701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9814c4f08d01018013f717f7fb05fac2","sha1":"cfed651f6770c6780288fd5865fdb9e4529ab70b","sha256":"8481dffe962cf59a0d2d96562e64ad197634f72bfe1b50ade6ebaa343b5c8ea4","sha512":"514c1497c4c1888085f67cca3fc0a200bf570e97c75da9d31755712a7f0f5964eb7f00f8948c118417e698dcb5c528480febaab34d9a7c7517264020fbb0ccaa","ssdeep":"","tlshash":"37e02b2998e706384cf67a441079da7934f878a4aaa3d057a25cc86dcd39fc54c14aed","size":424,"data":"","first_seen":"2025-01-17T06:00:31.072172Z","last_seen":"2026-02-16T13:59:16.393227Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"61782ca6f2a82f20eaf6d9fb898c4cf4","sha1":"8fd9e92c91c2e0b6bff022f22a787b8bdf531885","sha256":"671e1020c69cdb8c2335e46e98e76b9c79c11544d1338cb083d8445075d0c609","sha512":"ec1b61d52e04b9bcd89389c297881e622daf3a2d4b20f0d601e7a1d2382c820fa6aac355207f067f811767947c929f2f5238138fad69e6f3ae536e98fa6e475a","ssdeep":"","tlshash":"60e02b2998e70a384cf67a441079da7934f878a4aab3d057525cc86dcd39fc54c14aed","size":424,"data":"","first_seen":"2025-06-17T05:13:29.085707Z","last_seen":"2025-11-27T21:38:10.121435Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/webtorrent.min.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e7e104b545010d20d66fb5dfffbfd36","sha1":"cc726e58a454fe23128399944094f727b49fb0b3","sha256":"53ee52566beac51b5b7c2883d735f7d4aff671d73d9d3c45f9ba66d3b0d1dff3","sha512":"8954085337ca119a27205f40358161bf143ab7be1286d46383fe2767f4bb50081171ccadc8de20a4bae46f3d7b9f4d16b705e18f63e089e81f4e85fd478db411","ssdeep":"3072:fcClpuCB2/oCRicWhqP/WWwJLvMKOCg6lrk/wHHNvnHbAip/NENiULPEy:0W6oC+QWW6kvMvHkUGb","tlshash":"ae4407c8baa17022539731b5112f540fb37a682a580d8578f340d8f56ebde9da237f78","size":265975,"data":"","first_seen":"2023-03-09T12:52:10Z","last_seen":"2026-04-26T12:44:43.097306Z","times_seen":1966,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/js/player.js?t=a20251031","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae960a30d07fe16b6a89c2ec900fd364","sha1":"a0a34824e7c8426fa717ebfdca5a206667de21cb","sha256":"f5d4414345c7260647834fc027eda6e617b50842c1d483e0eb12a299e086fd28","sha512":"d202d2b2995118e17892cf7f6e38cfefa5255ee6442acc3891be5347d0171b6adb566b05105bb86897536d685708ae8c68b77360f095f01ae8b7db6625a71b62","ssdeep":"96:Aa9WTDBJYsrTueTPlRls8wme//yJdz1neT6HNhHyomYIce9SU6:IIsrTuIlRls8o/qL5ng6HNhH/eP6","tlshash":"a7f13017232e1411c1f5ba6a5ea7480ae638a747061203e9fb3c75dc9ff8535563af38","size":8158,"data":"","first_seen":"2023-03-07T12:12:30Z","last_seen":"2026-04-26T09:46:07.694616Z","times_seen":403,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/js/jquery.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-26T16:03:48.093703Z","times_seen":63074,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0543e53ff1500409db7a35b2278f84e4","sha1":"62bbd8983f29d376b8c4d4d24d8844f3b250e2f7","sha256":"21ff148f8ba1d8a29127990c6fa73571fc88ba7e0dc6fb1d6d33afc8b6bcd340","sha512":"a8a8c0a12aefa15baf8825ac787f341869e95310d176bf418c25288600a58a0342fe5cb21cac72c19d76022b2fb4d9983b102e9e0eed2e722e03bc63a33cc991","ssdeep":"","tlshash":"daf09e1159ef1dfd623a627e7d7e8d2d73eb2c19a4a0c0447e80d4259e72a8186507cc","size":510,"data":"","first_seen":"2025-06-17T05:13:29.087637Z","last_seen":"2025-11-27T21:38:10.121895Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd4b8c6908d65f1b38297702436bb411","sha1":"21b02bcad0c7b6b5e05f65203d7fcaa670424785","sha256":"38cdec0c18bd69ef30e1c5584db742193f91c9910ab14d33f44a60d84fadb4be","sha512":"c6cd765809836fbb5940668d307f6a0e5ba8b606c30092b51a92efd2be60d6a23027a0dcfceb361132a813b881f72fe868a1138ca75e87346929df00d8eccb4d","ssdeep":"","tlshash":"5ad0a712e24ce80dd87a6395a1f28458371299a3e712e725ee63343d405d1b72d5177d","size":243,"data":"","first_seen":"2024-05-07T17:14:55Z","last_seen":"2026-04-26T04:38:40.365782Z","times_seen":256,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/dash.all.min.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"36eaa831a1c8d4695f36dfe564c7107e","sha1":"530f059f6be2c2a8297aca9fcdca3ff6ecfd3ecd","sha256":"b074dbe302792f75d5b71e82bf47fe46f3eb377a7ec604c8146fc725a2740d6b","sha512":"ed5ae807243fae6aa470530a2d1b33a66aebd81eca03d5cb50cf5611af0ccdc83a03e01afc70d735f2a7b116661a5564f1d74a7aa8fb60a6495a17152c86d7e4","ssdeep":"6144:Rw4gB7jaBEeTm1OLWdSUnzQkaQ6mrF1InSazuQQvP4vLqBA47AGbxdUCoCy:Rw4gR8y1OLWd5dmLqThod","tlshash":"dac408887681f492428754b2c47f150bb135dcaee408a864ebd5e9d03d789ae237bf3d","size":558107,"data":"","first_seen":"2023-03-10T10:42:10Z","last_seen":"2026-04-26T12:44:43.095504Z","times_seen":1958,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"a9e24f3258fecac69fad37a6885b9589","sha1":"f1fb70fea99118dea4cc83a491dc738680d8023f","sha256":"41b4ec87610c8dca9de8139ec6512242f006f3b75dd0c1cf11e8fafdd6a62865","sha512":"8b7344ff653b0ff01339f075bd27a65bec4f848dc2ccd88dba20542a158af912ab71d944ea89517d300590d5a03ec2f2c2f9c217cae4551c2a3bcd369ad5d6d4","ssdeep":"","tlshash":"9d011521520d3028d857b260f1f0de8c1735488bab224f68c8737c31a18947e1825d6d","size":713,"data":"","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-26T16:42:34.936403Z","times_seen":2915,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"91c7236ca8d1906329127f63ed3d5d31","sha1":"dad44f8590766ffdad9b2f5979f136dca5a280a4","sha256":"623c309054bf487f0f841fa06b71f92f49dbaaa9707ea19d1736be0cd7264d87","sha512":"f100c393b2582bdafa6de450f9310ab2fcd85094e2190bc0d1692eb988d8a48b3712958a1d7cdf25e7935701a9689502d341f04e019e72bd29be78df399b3124","ssdeep":"","tlshash":"bd900205ad04e454442058c80070941874308554a1259668e2a5294c4a1918a0d46411","size":49,"data":"","first_seen":"2023-03-10T15:13:43Z","last_seen":"2026-04-26T12:02:43.693568Z","times_seen":351,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"voddadaizi.com:52866/videos/202502/14/67aed8474e7d663df46495b0/cover.jpg","fqdn":"voddadaizi.com","domain":"voddadaizi.com","tld":"com"},"ip":{"addr":"173.249.235.92","port":52866,"asn":11878,"as":"TZULO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.voddadaizi.com","organization":""},"issuer":{"commonName":"SSL.com TLS Issuing RSA CA R1","organization":"SSL Corporation"},"validity":{"start":"Thu, 19 Dec 2024 14:27:34 GMT","end":"Mon, 19 Jan 2026 14:27:34 GMT"},"fingerprint":{"sha1":"64:02:2F:72:F0:81:42:AD:15:56:E4:0D:51:FE:F3:68:13:04:9F:B1","sha256":"B8:52:F2:62:4D:7D:DF:D0:D7:34:6F:0D:66:D9:D9:1A:FC:B5:B4:36:A6:70:18:3C:D5:E3:32:5B:CC:D1:FD:A6"}}},"request":{"raw":"GET /videos/202502/14/67aed8474e7d663df46495b0/cover.jpg HTTP/1.1\r\nHost: voddadaizi.com:52866\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16182\r\ncross-origin-opener-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncache-control: public, max-age=31536000\r\nlast-modified: Fri, 14 Feb 2025 11:53:30 GMT\r\netag: W/\"3f36-195044e869b\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16182,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Generated by Snipaste\", baseline, precision 8, 276x390, components 3","md5":"05f057c7c68d8829eff5cdd637180e9e","sha1":"30bbbee2bf1845862fb49923ed1fec6cf6429966","sha256":"8b1e82627aa1cc76393a146813901d1c0b328813c6e361f166c9ad90d5a9a855","sha512":"db9c937fceab20f8febcd2f3203ba737541d3d01dd7a1a10d7c821c93f643c90af7939df17b827aea5bf7bfb0bdd2e9d0e013f0bd360ec22d9bcb734539c3f8f","ssdeep":"384:7JeTgiYTvq1DOq3HSJzKBxV3zfmE0j30mXwQiRHcmMUCvapBAD9p:7J/iY2XWzKVTmj30avitcvU+apBADb","tlshash":"8d72c07af389c3634b17707e563d3ee78b5615e994f239228d564a704220f385382e3d","first_seen":"2025-10-31T08:00:29.374071Z","last_seen":"2025-10-31T08:00:29.374071Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1806,"timings":{"blocked":705,"dns":11,"connect":149,"send":0,"wait":344,"receive":27,"ssl":561},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx.com/upload/vod/20240208-1/61e083a54d50e0d2b5480353686738a2.jpg","fqdn":"jpgjingpinx.com","domain":"jpgjingpinx.com","tld":"com"},"ip":{"addr":"104.21.26.248","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 13:26:48 GMT","end":"Fri, 23 Jan 2026 14:23:24 GMT"},"fingerprint":{"sha1":"81:E5:A4:14:FC:3B:2F:1E:09:B0:9E:0A:D9:20:A5:91:E1:84:02:F8","sha256":"AD:03:4C:8F:61:CD:63:2E:9E:98:29:18:A0:6B:04:44:A7:A3:76:59:11:34:FB:F4:6F:E3:50:EC:2D:DA:93:E7"}}},"request":{"raw":"GET /upload/vod/20240208-1/61e083a54d50e0d2b5480353686738a2.jpg HTTP/1.1\r\nHost: jpgjingpinx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z%2FQAKbcZe%2B%2FeKAlEkFbHVnRVbohO9603%2BSBn4Gyd%2F15icUv6Wl%2Fsw0HI4ECSX3toot3lV7tLnM2tMofLdmX%2BAyxX01tXJgqYCv57JikwlQ%3D%3D\"}]}\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 99719e079b743181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/flv.min.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rszjj7.top/static/player/dplayer.html","date":"2025-10-31T08:00:11.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/player/dplayer/flv.min.js HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/static/player/dplayer.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Feb 2023 13:29:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63f4c72d-299cb\"\r\nexpires: Fri, 31 Oct 2025 20:00:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jA9ZK3ZgdniGD9NG2br78QxOAMabeIdgWmgib3szD3cmijdYT0vDPJlVm0MhFfBWv%2Bq%2BafO9SiCyoSzxCXeuVqI5VqIOAlvg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e09afd5b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":170443,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31982)","md5":"1eaec119243c01fd19cca260fec95aac","sha1":"9a91f58c82094561a077b4684c5a8fd54ee8d140","sha256":"6a49cca365c1e2750f9baa1f04c99847a99a965f78704786f439a396ed481acd","sha512":"65ea4b5239dd70b62140c5d120bc21a5c71f306dad53c13e5fa473a927f6ef0a3601df72ecc005010636a9e55f5ef1e833a229efa0f509e6d27e92ce3790cad0","ssdeep":"1536:zCCjEQqBjzTaddMmL1kTkwcpMtMcVU5ybEYD09fc09Ms2W3bO8ZSkFkGbIDjArP/:zilTanMmLaAtPqOqq/PAK","tlshash":"73f309a93351a41281c67166583f120b227268556889c09cb77adcee6ffce8db173f7c","first_seen":"2023-03-10T10:42:11Z","last_seen":"2026-04-26T12:44:43.094739Z","times_seen":1969,"resource_available":true,"data":null}},"time_used":457,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":147,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/webtorrent.min.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rszjj7.top/static/player/dplayer.html","date":"2025-10-31T08:00:11.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/player/dplayer/webtorrent.min.js HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/static/player/dplayer.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Feb 2023 13:29:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63f4c72d-40ef7\"\r\nexpires: Fri, 31 Oct 2025 20:00:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1JVs%2FFj%2Fs2THnaOwh2nc%2B5G%2BsXuP8961BFIZlbQc13WzBHSIOF58GvPM2pbgKmli%2B9RKNactdIslKobT5yfqbYEwho3TzBUz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e09afdbb4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":265975,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"5e7e104b545010d20d66fb5dfffbfd36","sha1":"cc726e58a454fe23128399944094f727b49fb0b3","sha256":"53ee52566beac51b5b7c2883d735f7d4aff671d73d9d3c45f9ba66d3b0d1dff3","sha512":"8954085337ca119a27205f40358161bf143ab7be1286d46383fe2767f4bb50081171ccadc8de20a4bae46f3d7b9f4d16b705e18f63e089e81f4e85fd478db411","ssdeep":"3072:fcClpuCB2/oCRicWhqP/WWwJLvMKOCg6lrk/wHHNvnHbAip/NENiULPEy:0W6oC+QWW6kvMvHkUGb","tlshash":"ae4407c8baa17022539731b5112f540fb37a682a580d8578f340d8f56ebde9da237f78","first_seen":"2023-03-09T12:52:10Z","last_seen":"2026-04-26T12:44:43.097306Z","times_seen":1966,"resource_available":true,"data":null}},"time_used":661,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":339,"receive":322,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/DPlayer.min.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rszjj7.top/static/player/dplayer.html","date":"2025-10-31T08:00:11.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/player/dplayer/DPlayer.min.js HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/static/player/dplayer.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Feb 2023 13:29:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63f4c72d-27425\"\r\nexpires: Fri, 31 Oct 2025 20:00:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yAV2KPjkgmSOaOYiI20X%2FuQRQTxtbuSvrLI2rSHOHH%2Bxe4OoEO1A73lKj8w6CumJPdjx2phN9JnAXGpjZR9UFqbvtXxIW7RZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e09afdeb4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":160805,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"472552604f19815d0a634bd3d953171e","sha1":"490148a22ab2b03a880495cc733ecd1840c02ed6","sha256":"389834de50d93f4340725df0682f4e4f98c46bc5d9f123369f4f35224f79de8e","sha512":"d6dd94d7fd311a105902b883fbff6594e8633ece671410d9eca6e71c1e121b00143ebcf24bed362aeb35733d1ec64e5e3325f1c1f1f18ffd492ee89efe9eb15c","ssdeep":"1536:z+J45mB2BeDaJgotYr/hizxdUDr5+GslH7ukBbWLwVm2jBXl3PQ6DkbilY6G2wcd:m4IBvI7ukBbWC13zcvF+","tlshash":"48f3f85522947131029366e4c58ba70c32356325e9028b5ef13efacd8fadc8d2577f76","first_seen":"2023-03-08T05:44:13Z","last_seen":"2026-04-26T15:29:43.182075Z","times_seen":1961,"resource_available":true,"data":null}},"time_used":513,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":347,"receive":166,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dbt6ga5v6d15f.cloudfront.net/1322.png","fqdn":"dbt6ga5v6d15f.cloudfront.net","domain":"dbt6ga5v6d15f.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.204","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /1322.png HTTP/1.1\r\nHost: dbt6ga5v6d15f.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 95822\r\nserver: nginx\r\ndate: Sun, 12 Oct 2025 14:56:18 GMT\r\nlast-modified: Tue, 05 Aug 2025 16:25:57 GMT\r\naccept-ranges: bytes\r\netag: \"68923095-1764e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 0bc6ea800eda1e813056323cb53f8c70.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: yeoFoB0ZA0PDdGGuJRFxgApV274e3GSMm88Sl8x7VfRYPq-E2slWng==\r\nage: 1616633\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95822,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"2172428a7f157e7c2cd2e113fd84ffcd","sha1":"89f2335bb20f05aff3f45e7384992041338efba3","sha256":"51b66e4659ce1f2e3a131e4343a74685556e0561ee20a8395689f833fd63859a","sha512":"71b2d3d6d17a51ea43988703bf6614451b502595a65b06f0d7099c5a5b2b86f7cb4ddb9239714875dd9ba651bc4e8317c5ddd218a5f071e32b37830cd27b8461","ssdeep":"1536:iomea6PjBu3bdi+AvQJTEWCTJ2DD2nU5rmUF6Iac8WGeIqKefp/k9L+1XM/:Fmeawk3bE+Avk4rTwunU5rmWxaVqK+pu","tlshash":"479302b15699c6315e3ca58c56dbcd6cd503ab98e088768b32e2f313011a17beefc4d2","first_seen":"2025-06-14T06:31:33.051106Z","last_seen":"2026-01-23T14:55:28.985721Z","times_seen":46,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":12,"dns":53,"connect":2,"send":0,"wait":4,"receive":7,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/upload/site/20241115-1/044a1f169f537127a1c746690763af5f.png","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /upload/site/20241115-1/044a1f169f537127a1c746690763af5f.png HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 15 Nov 2024 13:34:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67374df0-f95c\"\r\nexpires: Sun, 30 Nov 2025 08:00:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QqqqYR5%2B19CSWVXba6hU0Vmr2iu3MoB1cNg9FAjlx%2B80EDpBZc7ByatcHJMCLtv%2FI5ZEv6Rgmx2FsL7PP4Dws19j8googrcY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e01b848b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":63836,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 610 x 134, 8-bit/color RGBA, non-interlaced","md5":"1c1bd0dc89f5e1ed5a80f01935ef7c1b","sha1":"e3328f36b9943c07bdf81cb67d42af7b83dafdee","sha256":"07625e0aea2b0ad46f604eff84533517efc80113f871d5c641be48f41d252583","sha512":"21b93053f647a2a0e8f418d75d5e74b880a3390a9dca6e43855f8701a9bb3ee60f0f9c6a59fead7489ab4699b7df0c533d2c172f3cd7591adfc312a280342b61","ssdeep":"1536:sI3+g+GuoVr6qOgAnWawBKvPgZmWSUyfb9hG/SM5+9:x3CToV+XgiXvmSUyfb9h1P","tlshash":"9053013ded08c1f981d69414a7632dda95349c280f0c778e06e3e3664462dfba8b6fc9","first_seen":"2025-06-17T05:13:29.077307Z","last_seen":"2025-11-27T21:38:10.081326Z","times_seen":37,"resource_available":false,"data":null}},"time_used":600,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":293,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voddadaizi.com:52866/videos/202502/15/67b05d41846149d7bc56f8a1/cover.jpg","fqdn":"voddadaizi.com","domain":"voddadaizi.com","tld":"com"},"ip":{"addr":"173.249.235.92","port":52866,"asn":11878,"as":"TZULO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.voddadaizi.com","organization":""},"issuer":{"commonName":"SSL.com TLS Issuing RSA CA R1","organization":"SSL Corporation"},"validity":{"start":"Thu, 19 Dec 2024 14:27:34 GMT","end":"Mon, 19 Jan 2026 14:27:34 GMT"},"fingerprint":{"sha1":"64:02:2F:72:F0:81:42:AD:15:56:E4:0D:51:FE:F3:68:13:04:9F:B1","sha256":"B8:52:F2:62:4D:7D:DF:D0:D7:34:6F:0D:66:D9:D9:1A:FC:B5:B4:36:A6:70:18:3C:D5:E3:32:5B:CC:D1:FD:A6"}}},"request":{"raw":"GET /videos/202502/15/67b05d41846149d7bc56f8a1/cover.jpg HTTP/1.1\r\nHost: voddadaizi.com:52866\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 23260\r\ncross-origin-opener-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sat, 15 Feb 2025 09:23:53 GMT\r\netag: W/\"5adc-19508ebe92e\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23260,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Generated by Snipaste\", baseline, precision 8, 285x382, components 3","md5":"e77e7f6e3a47c0ede7c03255d020572b","sha1":"f71b5388ae3e8aad7ec4b9619c4b0e66837fce6a","sha256":"4a4142a13db5de718ecdd4afd1b7bd59d0bde300dee43d5189d2b5bbaafb4a9c","sha512":"2af12769c7fcca9765b29df2a4cfa62c9b0f7a213a6f61ee3a068cb22f45a4a9246df0025bdf8f04bbe5a32708ede9d2eebc9cd000785aa7fe3221f3613b243a","ssdeep":"384:+MY+BNMaU1yl09mGPwl7PMwY9XEkwndnhj1gYhjq2sLdbRZAppVJg9dNRaI72/MN:+SuylAmNlLMwYvMdh5n1sxAPVJedNN2U","tlshash":"44a2d0339650a5b09a01bfbf0a4c237dee35d5f4b9a1e4309149ddaf29a0e81c78d49e","first_seen":"2025-10-31T08:00:29.386367Z","last_seen":"2025-11-07T08:40:23.395541Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2019,"timings":{"blocked":783,"dns":12,"connect":149,"send":0,"wait":396,"receive":33,"ssl":642},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voddadaizi.com:52866/videos/202502/15/67b017ffcf22ae3e04bdc013/cover.jpg","fqdn":"voddadaizi.com","domain":"voddadaizi.com","tld":"com"},"ip":{"addr":"173.249.235.92","port":52866,"asn":11878,"as":"TZULO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.voddadaizi.com","organization":""},"issuer":{"commonName":"SSL.com TLS Issuing RSA CA R1","organization":"SSL Corporation"},"validity":{"start":"Thu, 19 Dec 2024 14:27:34 GMT","end":"Mon, 19 Jan 2026 14:27:34 GMT"},"fingerprint":{"sha1":"64:02:2F:72:F0:81:42:AD:15:56:E4:0D:51:FE:F3:68:13:04:9F:B1","sha256":"B8:52:F2:62:4D:7D:DF:D0:D7:34:6F:0D:66:D9:D9:1A:FC:B5:B4:36:A6:70:18:3C:D5:E3:32:5B:CC:D1:FD:A6"}}},"request":{"raw":"GET /videos/202502/15/67b017ffcf22ae3e04bdc013/cover.jpg HTTP/1.1\r\nHost: voddadaizi.com:52866\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 21537\r\ncross-origin-opener-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-headers: X-Requested-With, Content-Type\r\ncache-control: public, max-age=31536000\r\nlast-modified: Fri, 29 Aug 2025 02:33:16 GMT\r\netag: W/\"5421-198f3ac1112\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21537,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Generated by Snipaste\", baseline, precision 8, 287x406, components 3","md5":"f3b166297a459ab43e3c6c265a921317","sha1":"57487b35c1d9cd2b1541678673dec852e64b371d","sha256":"0b44107cee9e7635ebab195795555d76c9de373c4d3bb2bf366d49f3f8d5042c","sha512":"2a2d6c9131083c37033bd47b812e349f88a23bbd378de59290daf1d7e9b5f8aecd695930f407c5c14aea60fde69263540dbc0601144e87af0bdb8f48018cd7ec","ssdeep":"384:IrUnv8yj4vxRZVFCmGDgLQ+H1WT3NvS6NdKw8tyK8fYuVUhCXU8W5QWGYcKX/erT:IrUnv8ycvb9UgLv43Na62Ztb8AuVU0BP","tlshash":"48a2d0db0bea13255916bce9b6fdab5bc64b101a37c43ba41cbb42b1bf50843d710834","first_seen":"2025-10-18T02:21:53.600449Z","last_seen":"2025-11-09T13:18:30.58155Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1323,"timings":{"blocked":-1,"dns":6,"connect":148,"send":0,"wait":494,"receive":3,"ssl":664},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"union.maccms.la/html/prestrain.html","fqdn":"union.maccms.la","domain":"maccms.la","tld":"la"},"ip":{"addr":"192.253.235.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"union.maccms.la","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 07:14:05 GMT","end":"Tue, 09 Dec 2025 07:14:04 GMT"},"fingerprint":{"sha1":"5C:55:17:7A:27:BC:78:BE:0C:54:FC:EE:29:E0:2C:7D:61:38:48:94","sha256":"61:E9:9F:30:66:5C:AC:80:8B:BB:AF:45:EF:F6:C8:B0:55:4C:1B:70:39:C1:B6:E4:9F:E5:5D:86:5B:09:5B:A8"}}},"request":{"raw":"GET /html/prestrain.html HTTP/1.1\r\nHost: union.maccms.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\naccess-control-allow-origin: *\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://union.dplayerstatic.com/html/prestrain.html\r\nstrict-transport-security: max-age=31536000\r\ncontent-length: 0\r\ndate: Fri, 31 Oct 2025 08:00:13 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3212,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":3729,"timings":{"blocked":1696,"dns":1009,"connect":337,"send":0,"wait":337,"receive":0,"ssl":348},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"union.maccms.la","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/template/riri//css/zui.css","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /template/riri//css/zui.css HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:10 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 03 Oct 2023 13:09:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"651c1284-16139\"\r\nexpires: Fri, 31 Oct 2025 20:00:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N4pQ3Cr2wCZai6pU0aaMF%2F%2FeKgybwvtt9zLezsslM3w7WduxLwl6Jxs2x4WNtIdUzYxu91YFFsERDYUjVNAV4RXA3uNrf1UB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e01a841b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90425,"size_decoded":0,"mime_type":"text/css","magic":"CSV Unicode text, UTF-8 text","md5":"375477366e775983d88d37569f2e13a6","sha1":"0924a6e79c99447815cb877e4f3210221e7a4f52","sha256":"4988759c988cc1f74eb2dab9007ee33b71e3240a7bdc3f5257318a81883249eb","sha512":"3400178c3b5555b6ca9e4e8a3df59e4342e04efb06507d04cee79be75a84bd3fb67025fb423995a8fd529815616b8e4a4101189d7a5b24e775c0ac27352ee8f6","ssdeep":"1536:hNU97qj7PX6qgHRQblsTXa4y0W2oAXFm4hzhQbsTBb2D4TkABzwD4TT8:kqj7PX6qgHGZsTXaIW2owFmUu4TBb2D9","tlshash":"36933156dbb30889b40f81a8abfe676573295083910fcd78bf8d72588f050d599b2f8d","first_seen":"2025-05-24T05:34:36.545936Z","last_seen":"2026-03-31T12:19:33.781341Z","times_seen":184,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx.com/upload/vod/20241204-1/151d7231ac97b874f3c36555daf95fb3.jpg","fqdn":"jpgjingpinx.com","domain":"jpgjingpinx.com","tld":"com"},"ip":{"addr":"104.21.26.248","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 13:26:48 GMT","end":"Fri, 23 Jan 2026 14:23:24 GMT"},"fingerprint":{"sha1":"81:E5:A4:14:FC:3B:2F:1E:09:B0:9E:0A:D9:20:A5:91:E1:84:02:F8","sha256":"AD:03:4C:8F:61:CD:63:2E:9E:98:29:18:A0:6B:04:44:A7:A3:76:59:11:34:FB:F4:6F:E3:50:EC:2D:DA:93:E7"}}},"request":{"raw":"GET /upload/vod/20241204-1/151d7231ac97b874f3c36555daf95fb3.jpg HTTP/1.1\r\nHost: jpgjingpinx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LcduaKMNAeE5vVAUYuYdE%2F9yV5Mod%2BXvdK282QvMpFvKF%2FgbXWcVglzNknu4oDslCKlsICN0DzJO7S2b9KYdZPhwZ94CdqDEuyvms96ZJQ%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99719e01f87e120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":576,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":539,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx.com/upload/vod/20241204-1/151d7231ac97b874f3c36555daf95fb3.jpg","fqdn":"jpgjingpinx.com","domain":"jpgjingpinx.com","tld":"com"},"ip":{"addr":"104.21.26.248","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 13:26:48 GMT","end":"Fri, 23 Jan 2026 14:23:24 GMT"},"fingerprint":{"sha1":"81:E5:A4:14:FC:3B:2F:1E:09:B0:9E:0A:D9:20:A5:91:E1:84:02:F8","sha256":"AD:03:4C:8F:61:CD:63:2E:9E:98:29:18:A0:6B:04:44:A7:A3:76:59:11:34:FB:F4:6F:E3:50:EC:2D:DA:93:E7"}}},"request":{"raw":"GET /upload/vod/20241204-1/151d7231ac97b874f3c36555daf95fb3.jpg HTTP/1.1\r\nHost: jpgjingpinx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I4ybBLe4nrd6PNwANKrfmSWsEkO6CTWE6NEV2ZXH2K39tr2hwZ3dDvUj5tmcoAzrjaHGUhbYANsT0VxH87RMIusGdYojI19ZJW2PWcHSkQ%3D%3D\"}]}\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 99719e079b733181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cpbfj.zhwen415-no4c.today/static/17c.gif","fqdn":"cpbfj.zhwen415-no4c.today","domain":"zhwen415-no4c.today","tld":"today"},"ip":{"addr":"104.21.59.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zhwen415-no4c.today","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 14:36:05 GMT","end":"Wed, 14 Jan 2026 15:34:49 GMT"},"fingerprint":{"sha1":"AC:DE:59:43:38:7F:DF:C7:C1:6E:20:19:A8:90:9A:FD:F8:07:60:FA","sha256":"B4:47:BC:1C:8A:DE:8B:D2:A4:BF:75:97:21:27:01:C5:82:C0:D7:C4:6C:23:D3:A7:4A:64:E2:6F:0E:06:83:94"}}},"request":{"raw":"GET /static/17c.gif HTTP/1.1\r\nHost: cpbfj.zhwen415-no4c.today\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Fri, 31 Oct 2025 08:00:10 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RM%2Bz6p1Tmn4WMmAnv54W9KK5YAcZ05LLtozwC71XOn0xd0KRVub9KlYtgNteTB%2F6ohdWgvKkx7A4ftE0zPRcuQFpVLFOoUzyr5QpjIi%2BhWlTy3FziEqm\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99719e023cf356c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":537,"timings":{"blocked":63,"dns":66,"connect":1,"send":0,"wait":389,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"cpbfj.zhwen415-no4c.today","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/js/player.js?t=a20251031","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/js/player.js?t=a20251031 HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:10 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 17 Apr 2025 05:58:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68009870-1fde\"\r\nexpires: Fri, 31 Oct 2025 20:00:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BUioyll%2FFQsvbN8lNKauzHce63S3Blw0ADrm%2B43ndvZ9okqu6ltk0PrNBLeznqd6CqqFop1bPJfUdEau3eZf4vQbdk74U2f7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e01b850b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8158,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators","md5":"ae960a30d07fe16b6a89c2ec900fd364","sha1":"a0a34824e7c8426fa717ebfdca5a206667de21cb","sha256":"f5d4414345c7260647834fc027eda6e617b50842c1d483e0eb12a299e086fd28","sha512":"d202d2b2995118e17892cf7f6e38cfefa5255ee6442acc3891be5347d0171b6adb566b05105bb86897536d685708ae8c68b77360f095f01ae8b7db6625a71b62","ssdeep":"96:Aa9WTDBJYsrTueTPlRls8wme//yJdz1neT6HNhHyomYIce9SU6:IIsrTuIlRls8o/qL5ng6HNhH/eP6","tlshash":"a7f13017232e1411c1f5ba6a5ea7480ae638a747061203e9fb3c75dc9ff8535563af38","first_seen":"2023-03-07T12:12:30Z","last_seen":"2026-04-26T09:46:07.694616Z","times_seen":403,"resource_available":true,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/player/dplayer.js HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Feb 2023 13:29:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 31 Oct 2025 20:00:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fblc4wI9L9LeutzKRRk36ffuEYtOeGujHDCNwTYlW%2FAqYwvAKdfwo4W7c%2F6fN6CVmDXiksxjFJWIB%2B%2BCBodXL8eoX%2FBe0n3G\"}]}\r\netag: W/\"63f4c72d-f3\"\r\ncontent-encoding: br\r\ncf-ray: 99719e055be9b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":243,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"cd4b8c6908d65f1b38297702436bb411","sha1":"21b02bcad0c7b6b5e05f65203d7fcaa670424785","sha256":"38cdec0c18bd69ef30e1c5584db742193f91c9910ab14d33f44a60d84fadb4be","sha512":"c6cd765809836fbb5940668d307f6a0e5ba8b606c30092b51a92efd2be60d6a23027a0dcfceb361132a813b881f72fe868a1138ca75e87346929df00d8eccb4d","ssdeep":"","tlshash":"5ad0a712e24ce80dd87a6395a1f28458371299a3e712e725ee63343d405d1b72d5177d","first_seen":"2024-05-07T17:14:55Z","last_seen":"2026-04-26T04:38:40.365782Z","times_seen":256,"resource_available":true,"data":null}},"time_used":339,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":339,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx.com/upload/vod/20240119-1/aeef726e1b7394ea6f081f7ea1d557d4.jpg","fqdn":"jpgjingpinx.com","domain":"jpgjingpinx.com","tld":"com"},"ip":{"addr":"104.21.26.248","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 13:26:48 GMT","end":"Fri, 23 Jan 2026 14:23:24 GMT"},"fingerprint":{"sha1":"81:E5:A4:14:FC:3B:2F:1E:09:B0:9E:0A:D9:20:A5:91:E1:84:02:F8","sha256":"AD:03:4C:8F:61:CD:63:2E:9E:98:29:18:A0:6B:04:44:A7:A3:76:59:11:34:FB:F4:6F:E3:50:EC:2D:DA:93:E7"}}},"request":{"raw":"GET /upload/vod/20240119-1/aeef726e1b7394ea6f081f7ea1d557d4.jpg HTTP/1.1\r\nHost: jpgjingpinx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w6oreCG8zSSGRTp3ICrFQnPWAoSeRpWNdI7VrfU7n3xTea%2F0YfEwpBpGIivOb1kCv0KFFCyk5C0wdiz5gY%2FwOc4F0JCv6%2F4gWfEVQdmRZA%3D%3D\"}]}\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 99719e079b723181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"03hao.top/20240406/1qRN2Vmp/index.m3u8","fqdn":"03hao.top","domain":"03hao.top","tld":"top"},"ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rszjj7.top/static/player/dplayer.html","date":"2025-10-31T08:00:12.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.03hao.top","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Thu, 17 Oct 2024 04:24:20 GMT","end":"Mon, 17 Nov 2025 04:24:20 GMT"},"fingerprint":{"sha1":"37:53:43:FA:86:54:CC:6D:E1:4C:4C:AA:67:31:D8:94:FF:20:E1:E7","sha256":"85:0D:07:01:75:62:1D:D4:8D:5C:9A:4E:38:B1:7E:05:73:A8:61:27:55:59:68:5C:0E:39:65:DC:F3:00:7B:14"}}},"request":{"raw":"GET /20240406/1qRN2Vmp/index.m3u8 HTTP/1.1\r\nHost: 03hao.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rszjj7.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 502 Bad Gateway\r\nX-Cache: MISS\r\nDate: Fri, 31 Oct 2025 08:00:15 GMT\r\nContent-Length: 438\r\nContent-Type: text/html; charset=utf-8\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":null,"data":{"size":438,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"47ca9ca509e1b07f2e18880fc595ff88","sha1":"a26ce5a903c08ee01b07690301a25e91829e9299","sha256":"e05f22d5b9880b193762b7a82667dfde6289ac98ed198dfb77c0f6c6933e28c9","sha512":"5402c233970207b8295aeca47aca89aa5769b94335db145e4ecbe50fd9e0004c70e5264a4782ef4707de0754b4f23788fa3819a4869992a49483d7bfec07e46b","ssdeep":"","tlshash":"7df05c6a71003150b2d3927c5696335057102ac2e24e544159d7edbf9fe9b28cd8e6d2","first_seen":"2025-10-31T08:00:29.392296Z","last_seen":"2025-10-31T08:00:29.392296Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5087,"timings":{"blocked":2487,"dns":1782,"connect":111,"send":0,"wait":111,"receive":1,"ssl":591},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"03hao.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-31T07:59:56.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /index.php/vod/play/id/18841/sid/1/nid/1.html HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:10 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eFd2LauE6%2FMYc5mgaJosj3ByJGgMMmVZ6uxq6i8SrEF19jsn1AMiGM%2BaIR62BbtzG0erdX%2FKpSOQalWkByrikgipy6ti7B%2Bt58k%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 99719dae19a6723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56932,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2331), with CRLF, CR, LF line terminators","md5":"bd229616d7d7359d2e85505fe6adc740","sha1":"f7a5118399431bb9ffb570725db8ea846b0576a0","sha256":"9b98ca67d2f341e4326e188328195b8f87fb141f7b4c801b1ba8b1499ca5d501","sha512":"ed024606f0dcb44809fcf73045d932dc069d3c7cb1b9099520b1697407d9e64a1dc60d66266072f1654b3804d42ce28cace8acc90612d7902637f4c752e15548","ssdeep":"768:LNNtV25TQjvFN5Rlza0apQ4lapQ4J405lZdyz:LNVKTQLv5RlG0apQ4lapQ4J405lZc","tlshash":"8643331392cd592b526351d7c135b31ad077e636cb030e41fabd32b7b78ae64a46328e","first_seen":"2025-10-31T08:00:29.393265Z","last_seen":"2025-10-31T08:00:29.393265Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13780,"timings":{"blocked":322,"dns":304,"connect":1,"send":0,"wait":13136,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx.com/upload/vod/20240119-1/aeef726e1b7394ea6f081f7ea1d557d4.jpg","fqdn":"jpgjingpinx.com","domain":"jpgjingpinx.com","tld":"com"},"ip":{"addr":"104.21.26.248","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 13:26:48 GMT","end":"Fri, 23 Jan 2026 14:23:24 GMT"},"fingerprint":{"sha1":"81:E5:A4:14:FC:3B:2F:1E:09:B0:9E:0A:D9:20:A5:91:E1:84:02:F8","sha256":"AD:03:4C:8F:61:CD:63:2E:9E:98:29:18:A0:6B:04:44:A7:A3:76:59:11:34:FB:F4:6F:E3:50:EC:2D:DA:93:E7"}}},"request":{"raw":"GET /upload/vod/20240119-1/aeef726e1b7394ea6f081f7ea1d557d4.jpg HTTP/1.1\r\nHost: jpgjingpinx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GSApUdv0bqCt6JSIXfSZJ1R6DBDr%2BOCK98V3B9PbBynDxlUMUSj7IcgAXdt8QX%2F26AXTm2YreFnV5S%2Fm9wKn9uECrZpOV5SBHNxQUax6Ww%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99719e020886120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":624,"timings":{"blocked":17,"dns":3,"connect":1,"send":0,"wait":565,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voddadaizi.com:52866/videos/202502/14/67af3c05cf22ae3e04bdb786/cover.jpg","fqdn":"voddadaizi.com","domain":"voddadaizi.com","tld":"com"},"ip":{"addr":"173.249.235.92","port":52866,"asn":11878,"as":"TZULO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.voddadaizi.com","organization":""},"issuer":{"commonName":"SSL.com TLS Issuing RSA CA R1","organization":"SSL Corporation"},"validity":{"start":"Thu, 19 Dec 2024 14:27:34 GMT","end":"Mon, 19 Jan 2026 14:27:34 GMT"},"fingerprint":{"sha1":"64:02:2F:72:F0:81:42:AD:15:56:E4:0D:51:FE:F3:68:13:04:9F:B1","sha256":"B8:52:F2:62:4D:7D:DF:D0:D7:34:6F:0D:66:D9:D9:1A:FC:B5:B4:36:A6:70:18:3C:D5:E3:32:5B:CC:D1:FD:A6"}}},"request":{"raw":"GET /videos/202502/14/67af3c05cf22ae3e04bdb786/cover.jpg HTTP/1.1\r\nHost: voddadaizi.com:52866\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 24250\r\ncross-origin-opener-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sat, 15 Feb 2025 12:09:46 GMT\r\netag: W/\"5eba-1950983caa7\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24250,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Generated by Snipaste\", baseline, precision 8, 302x460, components 3","md5":"8710770405e49498872042f87a607083","sha1":"6a43940c4c42520d78ac4e8495370fb5ca07df42","sha256":"29aaae018e66c05e58be3bbdb4a71bf919da6f4a2493cabc150c04b69ab0c542","sha512":"15f46067beffff89a8fc4d280a3024873cbf3cab61d7e2167575266d5b7c231ce6053d06a6655dc707c7f80697f85b4ccb59edfabdd9214d312d183ef3a91c9a","ssdeep":"384:P9KsJsEV4TgO0j01cSdoQs4pURpenJpeZjr4dAxbKHUZ59QIOgTUZmi2KZQhnKSf:P9Fxy/0Y1cSbWesT1TUw4KuZItnOjnI","tlshash":"73b2b035fb82c7554687592f753e3e338b5c62d262e8010b56a70fb21de8d38a317a2d","first_seen":"2025-10-18T02:21:53.574793Z","last_seen":"2025-11-25T15:21:55.357457Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1180,"timings":{"blocked":-1,"dns":8,"connect":149,"send":0,"wait":396,"receive":53,"ssl":559},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/DPlayer.min.css","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rszjj7.top/static/player/dplayer.html","date":"2025-10-31T08:00:11.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/player/dplayer/DPlayer.min.css HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/static/player/dplayer.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:12 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Feb 2023 13:29:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63f4c72d-b0c1\"\r\nexpires: Fri, 31 Oct 2025 20:00:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JX3xsVmBbHOd4TskwSNeqFmIlSo98CZZlbAeaXXHRhuh62cHqvD0qfB3HpN4KmU55xvr6387q7lIULvNLejCJj4ZYFMk2Hg3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e099fd3b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45249,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36675)","md5":"31ac9b1a5a7f018dcc9a0e0f66261c08","sha1":"f7d19655f873b813ffba5d1a17145c91f82631b8","sha256":"fba0d89e59046d8bd52df0d3b28850b3af41aa4959233634286087af7d741b03","sha512":"0a300da551f0c709c5501b27e5a582bd7a8f7678ef23d71b83938233dca8ec205aa5d7b3243da88ce0772eeb54dfefb33213236fc36774a968881696cad0b019","ssdeep":"768:7FK8KSkZqtIfw3YH4ZqtIfw3YHvHYr/hizxdUDr5+0ysGif0y9g:9HYr/hizxdUDr5+9soyg","tlshash":"4013bb1618a5329891225b91cbc8676c6738d312e9224f8ff31b780ecf8e69d215ff57","first_seen":"2023-05-02T12:31:45Z","last_seen":"2026-04-26T16:42:34.898102Z","times_seen":2842,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"03hao.top/20240406/1qRN2Vmp/index.m3u8","fqdn":"03hao.top","domain":"03hao.top","tld":"top"},"ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rszjj7.top/static/player/dplayer.html","date":"2025-10-31T08:00:16.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.03hao.top","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Thu, 17 Oct 2024 04:24:20 GMT","end":"Mon, 17 Nov 2025 04:24:20 GMT"},"fingerprint":{"sha1":"37:53:43:FA:86:54:CC:6D:E1:4C:4C:AA:67:31:D8:94:FF:20:E1:E7","sha256":"85:0D:07:01:75:62:1D:D4:8D:5C:9A:4E:38:B1:7E:05:73:A8:61:27:55:59:68:5C:0E:39:65:DC:F3:00:7B:14"}}},"request":{"raw":"GET /20240406/1qRN2Vmp/index.m3u8 HTTP/1.1\r\nHost: 03hao.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rszjj7.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 502 Bad Gateway\r\nX-Cache: MISS\r\nDate: Fri, 31 Oct 2025 08:00:16 GMT\r\nContent-Length: 438\r\nContent-Type: text/html; charset=utf-8\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":null,"data":{"size":438,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"39fed8aa93d06acb6480bed544aa319c","sha1":"634a78d153e11b04943b11dc66dbdedfdec9bfe0","sha256":"cb9cd1d8243ed476c6d179bc5a2b0cfdb516a466aa9e2ddc8c1d251ba2bc546b","sha512":"703911142ed075c481594560b1b64a4acc519b39f39dd990b5e6de0046001014ea105ab6041f198c39a993cd92a8d6e2d36889b40d2cf8282e65132e70baddc5","ssdeep":"","tlshash":"e8f0dc6e31003190b2d3827c5286334013002ac2e10d444059c7edbf9fe9b18cc4e6c2","first_seen":"2025-10-31T08:00:29.397097Z","last_seen":"2025-10-31T08:00:29.397097Z","times_seen":1,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"03hao.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/template/riri//css/ate.css","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /template/riri//css/ate.css HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:10 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 03 Oct 2023 13:09:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"651c1284-13133\"\r\nexpires: Fri, 31 Oct 2025 20:00:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FE3ukAefWlEzrHcxVEP6DUpg1ygvracv9j3lVRZjk4kc8FseyaLg2mHdVSVaaS12RdLcXxigZl07O2fb8EliLpk6fLjgr32q\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e01a83fb4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78131,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"9e6e0537cae1ecd115be15e8e254afb8","sha1":"82e1c98d4c5428cd66357a9c3cf1d6b3285b8caf","sha256":"e8fd2253b7fc8fd86a3193d3619757c4a04f14a8ebeed865d00a709dd55bdda3","sha512":"aa0c613b526f72bfe97f914f9653e23cda110bcef2bd2ca7f59733c6116ce11652bcebb893659bb9d15ed12ef80b2508c16482b7017ad1a6d31770ef20c0b0d2","ssdeep":"384:QVUeaehM+vZvaeVe4vUv91e1v2D2ev1vTifiZvxvu:CUeaenvZvaeVe4vUvtv1vTifiZvxvu","tlshash":"75735e6e1991118453278a2d83de4e68673cd173182a6cee72ce5c8bcf87f6c67c9607","first_seen":"2024-01-01T16:26:13Z","last_seen":"2026-03-31T12:19:33.810223Z","times_seen":310,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx.com/upload/vod/20241023-1/3dea1dd22506b59dee2aa5895197cb24.jpg","fqdn":"jpgjingpinx.com","domain":"jpgjingpinx.com","tld":"com"},"ip":{"addr":"104.21.26.248","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 13:26:48 GMT","end":"Fri, 23 Jan 2026 14:23:24 GMT"},"fingerprint":{"sha1":"81:E5:A4:14:FC:3B:2F:1E:09:B0:9E:0A:D9:20:A5:91:E1:84:02:F8","sha256":"AD:03:4C:8F:61:CD:63:2E:9E:98:29:18:A0:6B:04:44:A7:A3:76:59:11:34:FB:F4:6F:E3:50:EC:2D:DA:93:E7"}}},"request":{"raw":"GET /upload/vod/20241023-1/3dea1dd22506b59dee2aa5895197cb24.jpg HTTP/1.1\r\nHost: jpgjingpinx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lBBs%2FGfQaNMypT%2Fz631LGWEv5e1P1MIP86cU7of47z6zpmbgPDBkShhm0ma4EK0Seala2bCARjvDs%2F5pBqYGQY%2FuNZD26%2BgzvnrwE%2Fy0Lg%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99719e020890120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":599,"timings":{"blocked":-1,"dns":1,"connect":6,"send":0,"wait":564,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx1.top/upload/vod/20250511-1/bd65979744bd9484635bc936cf83069a.png","fqdn":"jpgjingpinx1.top","domain":"jpgjingpinx1.top","tld":"top"},"ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx1.top","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Tue, 09 Sep 2025 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:DB:9D:36:6B:CF:BC:20:26:A0:FD:81:4D:7E:BC:1A:D3:10:29:3E","sha256":"75:E7:41:57:8D:0F:68:3C:E2:47:83:FE:F1:B6:1B:F0:0E:66:9F:ED:99:2B:3E:6E:D6:9A:D6:4F:64:04:66:04"}}},"request":{"raw":"GET /upload/vod/20250511-1/bd65979744bd9484635bc936cf83069a.png HTTP/1.1\r\nHost: jpgjingpinx1.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nContent-Length: 146\r\nContent-Type: text/html\r\nDate: Fri, 31 Oct 2025 08:00:11 GMT\r\nServer: nginx\r\nX-Cache: BYPASS, Status: 404\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"jpgjingpinx1.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx1.top/upload/vod/20250603-1/b48cd1761aa94d3daa2926232051d74a.png","fqdn":"jpgjingpinx1.top","domain":"jpgjingpinx1.top","tld":"top"},"ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx1.top","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Tue, 09 Sep 2025 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:DB:9D:36:6B:CF:BC:20:26:A0:FD:81:4D:7E:BC:1A:D3:10:29:3E","sha256":"75:E7:41:57:8D:0F:68:3C:E2:47:83:FE:F1:B6:1B:F0:0E:66:9F:ED:99:2B:3E:6E:D6:9A:D6:4F:64:04:66:04"}}},"request":{"raw":"GET /upload/vod/20250603-1/b48cd1761aa94d3daa2926232051d74a.png HTTP/1.1\r\nHost: jpgjingpinx1.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nContent-Length: 146\r\nContent-Type: text/html\r\nDate: Fri, 31 Oct 2025 08:00:11 GMT\r\nServer: nginx\r\nX-Cache: BYPASS, Status: 404\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"jpgjingpinx1.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/template/riri//image/video-play.png","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /template/riri//image/video-play.png HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/template/riri//css/zui.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Tue, 03 Oct 2023 13:09:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"651c1280-61f\"\r\nexpires: Sun, 30 Nov 2025 08:00:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3NcJaEWpm3vo8fOuQDDVcOGSBvfr7gRhC62rZPzr1g1HhIno4Ib6jH5r5aXlNeJh1vMyBn5xLE5znHx1Q0rVFxUKeOd6U9kI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e07de0ab4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced","md5":"be7ca0a4a7c0317398a11162b1e09b75","sha1":"5dbe6a02524cfbf5f5111478a71f91a9259056b5","sha256":"cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4","sha512":"a738fdac66796ab0963d1455f08ae6abfbce330a962b0318975db98a8c1939b4406a39302e6bccacff8bd0f7f52fb59a41eb9b664af975719ac1f3c0a3753e6a","ssdeep":"","tlshash":"7e31d78dfd61184267ead44b28f5805b8c170980dedce69bba8fc82719201f6193a3cf","first_seen":"2023-04-05T09:54:40Z","last_seen":"2026-04-26T04:16:54.611072Z","times_seen":4270,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/dash.all.min.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rszjj7.top/static/player/dplayer.html","date":"2025-10-31T08:00:11.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/player/dplayer/dash.all.min.js HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/static/player/dplayer.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Feb 2023 13:29:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63f4c72d-8841b\"\r\nexpires: Fri, 31 Oct 2025 20:00:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DSZ6fJVFDbroWxX0ptPXlYvLBp%2BTY4fsfchJ4k0AF%2FDNR1%2FosktVimKuyrodirVPU%2BZlTv35wyf5HJXZ2M0zzfxZk8NAGPcw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e09afd9b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":558107,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (30974)","md5":"36eaa831a1c8d4695f36dfe564c7107e","sha1":"530f059f6be2c2a8297aca9fcdca3ff6ecfd3ecd","sha256":"b074dbe302792f75d5b71e82bf47fe46f3eb377a7ec604c8146fc725a2740d6b","sha512":"ed5ae807243fae6aa470530a2d1b33a66aebd81eca03d5cb50cf5611af0ccdc83a03e01afc70d735f2a7b116661a5564f1d74a7aa8fb60a6495a17152c86d7e4","ssdeep":"6144:Rw4gB7jaBEeTm1OLWdSUnzQkaQ6mrF1InSazuQQvP4vLqBA47AGbxdUCoCy:Rw4gR8y1OLWd5dmLqThod","tlshash":"dac408887681f492428754b2c47f150bb135dcaee408a864ebd5e9d03d789ae237bf3d","first_seen":"2023-03-10T10:42:10Z","last_seen":"2026-04-26T12:44:43.095504Z","times_seen":1958,"resource_available":true,"data":null}},"time_used":749,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":440,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"union.dplayerstatic.com/html/prestrain.html","fqdn":"union.dplayerstatic.com","domain":"dplayerstatic.com","tld":"com"},"ip":{"addr":"134.122.187.241","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:13.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.dplayerstatic.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 07:09:31 GMT","end":"Tue, 09 Dec 2025 07:09:30 GMT"},"fingerprint":{"sha1":"05:B9:BD:67:A3:DB:40:2B:D2:64:6A:9C:E9:51:4B:34:F7:89:73:A4","sha256":"52:B5:43:A8:21:7F:72:55:42:9F:3C:92:A8:30:F2:E0:70:2C:B4:8F:60:81:4D:82:B1:E7:86:54:3A:68:7F:B4"}}},"request":{"raw":"GET /html/prestrain.html HTTP/1.1\r\nHost: union.dplayerstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rszjj7.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\nContent-Type: text/html; charset=utf-8\r\nDate: Fri, 31 Oct 2025 07:27:45 GMT\r\nEtag: W/\"686fd0c2-c8c\"\r\nLast-Modified: Fri, 31 Oct 2025 07:29:02 GMT\r\nServer: nginx\r\nVary: Accept-Encoding\r\nX-Cache: HIT, policy, memory\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3212,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2677)","md5":"d58ddc697c6f3a91d9b41ca0dd1bc8c7","sha1":"911afaa695efc4e215d87007ebe9d607fb46f4b4","sha256":"6cba23e34fda0664c0e09eacb9d7bf72e27f10a3ee61196c7a14589ba481c34f","sha512":"09828fe9190152edcf6b8a4b09e4a56a1a9e6d2078d00f39a0a623f4bffface6501f2b5519e743a6ceade7d6bdbb76d1889113d6b05e07a499a45819722f4696","ssdeep":"","tlshash":"2c615c3613896439ee132b5fe014b46e5ee27457dd821dcce8951f333d5a1103a217e0","first_seen":"2023-07-30T12:19:09Z","last_seen":"2026-03-22T19:34:02.932922Z","times_seen":415,"resource_available":false,"data":null}},"time_used":2815,"timings":{"blocked":1244,"dns":582,"connect":326,"send":0,"wait":326,"receive":1,"ssl":332},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"union.dplayerstatic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voddadaizi.com:52866/videos/202502/15/67b05d12846149d7bc56f6a2/cover.jpg","fqdn":"voddadaizi.com","domain":"voddadaizi.com","tld":"com"},"ip":{"addr":"173.249.235.92","port":52866,"asn":11878,"as":"TZULO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.voddadaizi.com","organization":""},"issuer":{"commonName":"SSL.com TLS Issuing RSA CA R1","organization":"SSL Corporation"},"validity":{"start":"Thu, 19 Dec 2024 14:27:34 GMT","end":"Mon, 19 Jan 2026 14:27:34 GMT"},"fingerprint":{"sha1":"64:02:2F:72:F0:81:42:AD:15:56:E4:0D:51:FE:F3:68:13:04:9F:B1","sha256":"B8:52:F2:62:4D:7D:DF:D0:D7:34:6F:0D:66:D9:D9:1A:FC:B5:B4:36:A6:70:18:3C:D5:E3:32:5B:CC:D1:FD:A6"}}},"request":{"raw":"GET /videos/202502/15/67b05d12846149d7bc56f6a2/cover.jpg HTTP/1.1\r\nHost: voddadaizi.com:52866\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 25855\r\ncross-origin-opener-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sat, 15 Feb 2025 09:23:10 GMT\r\netag: W/\"64ff-19508eb421a\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25855,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Generated by Snipaste\", baseline, precision 8, 285x402, components 3","md5":"8618466b2872023b10367eae4837c5d5","sha1":"b3c3030be3da3800999ff637fbebb80c932678e9","sha256":"439c52023ecf33e48c03c558e79dcf435d647b614b6aed52410853ba8b2d8729","sha512":"6b1af40749ab5d237a71551aa4d40a8c0d6e4d7e224d996a6c275bbaa410b4a015fc18e94dc16d322c8757c29ef1df8b7727928d8843ddcaf51975dfa4ec7e3d","ssdeep":"768:igtcXMp+R1vHlefag5WeGYfHQ0edyMC8V0ymLrUs3Mc:igtKMp+Ze/5BJ1cC8V1mLYo","tlshash":"91c2e071ebf8d3e8920c8ac98536874139152da6f488ff020c05df56e01b2ac6f8e78d","first_seen":"2025-10-31T08:00:29.401671Z","last_seen":"2025-11-25T15:21:55.366483Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1757,"timings":{"blocked":706,"dns":10,"connect":144,"send":0,"wait":287,"receive":37,"ssl":568},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx1.top/upload/vod/20250511-1/bd65979744bd9484635bc936cf83069a.png","fqdn":"jpgjingpinx1.top","domain":"jpgjingpinx1.top","tld":"top"},"ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx1.top","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Tue, 09 Sep 2025 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:DB:9D:36:6B:CF:BC:20:26:A0:FD:81:4D:7E:BC:1A:D3:10:29:3E","sha256":"75:E7:41:57:8D:0F:68:3C:E2:47:83:FE:F1:B6:1B:F0:0E:66:9F:ED:99:2B:3E:6E:D6:9A:D6:4F:64:04:66:04"}}},"request":{"raw":"GET /upload/vod/20250511-1/bd65979744bd9484635bc936cf83069a.png HTTP/1.1\r\nHost: jpgjingpinx1.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nContent-Length: 146\r\nContent-Type: text/html\r\nDate: Fri, 31 Oct 2025 08:00:10 GMT\r\nServer: nginx\r\nX-Cache: BYPASS, Status: 404\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":554,"timings":{"blocked":235,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":147},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"jpgjingpinx1.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voddadaizi.com:52866/videos/202502/15/67b018dfdb8c77d79bb4a56d/cover.jpg","fqdn":"voddadaizi.com","domain":"voddadaizi.com","tld":"com"},"ip":{"addr":"173.249.235.92","port":52866,"asn":11878,"as":"TZULO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.voddadaizi.com","organization":""},"issuer":{"commonName":"SSL.com TLS Issuing RSA CA R1","organization":"SSL Corporation"},"validity":{"start":"Thu, 19 Dec 2024 14:27:34 GMT","end":"Mon, 19 Jan 2026 14:27:34 GMT"},"fingerprint":{"sha1":"64:02:2F:72:F0:81:42:AD:15:56:E4:0D:51:FE:F3:68:13:04:9F:B1","sha256":"B8:52:F2:62:4D:7D:DF:D0:D7:34:6F:0D:66:D9:D9:1A:FC:B5:B4:36:A6:70:18:3C:D5:E3:32:5B:CC:D1:FD:A6"}}},"request":{"raw":"GET /videos/202502/15/67b018dfdb8c77d79bb4a56d/cover.jpg HTTP/1.1\r\nHost: voddadaizi.com:52866\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 25772\r\ncross-origin-opener-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sat, 15 Feb 2025 04:32:17 GMT\r\netag: W/\"64ac-19507e0f11b\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25772,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Generated by Snipaste\", baseline, precision 8, 286x401, components 3","md5":"041dec5c26032e62a41020713a87d78b","sha1":"f29a08ce26c05566e71a57490a69172ff6558d57","sha256":"81f1a9cba07ce1ed184a9603e22f9803b50283c0f7b479f59c7153d31ce73200","sha512":"b163b9b4c934c51268dcd0a9fb4ab3940d4cc709ab0fbc18523bd690d4cd611cafbb3d57da0260afbca6a6b8312a49a1686e8e3cbb17b0d5b494275691229a6c","ssdeep":"768:yDzrxEMWEVV8ywAYM1ZUkU0B6IYcrmqD/ie:yDzVEMWEzn73+UHbie","tlshash":"4ac2e14196065527cbad5d231cae133beeec02683dc0e9b690707dd379d466167827d8","first_seen":"2025-10-18T02:21:53.62226Z","last_seen":"2025-11-09T13:18:30.559893Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1301,"timings":{"blocked":-1,"dns":7,"connect":148,"send":0,"wait":441,"receive":32,"ssl":660},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx.com/upload/vod/20240208-1/61e083a54d50e0d2b5480353686738a2.jpg","fqdn":"jpgjingpinx.com","domain":"jpgjingpinx.com","tld":"com"},"ip":{"addr":"104.21.26.248","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 13:26:48 GMT","end":"Fri, 23 Jan 2026 14:23:24 GMT"},"fingerprint":{"sha1":"81:E5:A4:14:FC:3B:2F:1E:09:B0:9E:0A:D9:20:A5:91:E1:84:02:F8","sha256":"AD:03:4C:8F:61:CD:63:2E:9E:98:29:18:A0:6B:04:44:A7:A3:76:59:11:34:FB:F4:6F:E3:50:EC:2D:DA:93:E7"}}},"request":{"raw":"GET /upload/vod/20240208-1/61e083a54d50e0d2b5480353686738a2.jpg HTTP/1.1\r\nHost: jpgjingpinx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wRXewuPuNbudzO%2FC6eJEy4ixjJST6oOePmaQ4sLlVrTa%2BSX4gzEFqza6u9SpnbLwjkdjk7ZNNx132yLpE1eCLII8wT%2B2CjEs%2Fy2SERGIrQ%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99719e020888120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":5,"connect":1,"send":0,"wait":537,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer/hls.min.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rszjj7.top/static/player/dplayer.html","date":"2025-10-31T08:00:11.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/player/dplayer/hls.min.js HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/static/player/dplayer.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Feb 2023 13:29:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63f4c72d-3aff0\"\r\nexpires: Fri, 31 Oct 2025 20:00:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8BsEi8YeXM4ZqYQXm0TMVgCE7DKNKEvDxNlogvb5I%2BrH1IW2asoyjanlSwMZ%2B3xdbBNKyYiK%2Fa2PmZjazudXf8LA9710h4tZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e09afd8b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":241648,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"6cfa29933ba9ba506ea73e084de951b9","sha1":"30004f2da2e1e06f671eb2bfda00f8bcbe69b47b","sha256":"0d925ef64b764ee2d8e362ebec98668e5fd09887ec0fb70bd82d121097c40d7c","sha512":"5e7b2ea8fd8b8edca2554f5423cde03bcc8934fb03904259baba2bb9e51ae98af837877ea0223016c71660bbb418543667ecfdfc1b4831d513d57a4ff886915e","ssdeep":"3072:pI5L1S8HY5x1kVQ5ToDOzBPCB2baeBSZ3yg:pI5xSCY31O2oDO15tS","tlshash":"53341c9db661706543c3a1a5803f061a7236b92e7409c1fcfa6bd5f61cb885e603bf78","first_seen":"2023-03-07T14:15:35Z","last_seen":"2026-04-26T16:03:48.171561Z","times_seen":14380,"resource_available":true,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":287,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/js/home.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/js/home.js HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:10 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 24 Aug 2021 06:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61249190-95a5\"\r\nexpires: Fri, 31 Oct 2025 20:00:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b43u3C6AEou0JsDEvyKwwMYWgzaUu8esVj3EQBQRgEXbmH%2FFGeI3PVeCs7OjimqoMOO8BLPu6kFc3qlUJRSOn1lnRyFm%2FG8C\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e01b846b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38309,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2677)","md5":"97e311d35a4aa0ba09575a8dc989660b","sha1":"8166b5f8ba52aa57ab23321a8ddc8d0118f1e590","sha256":"1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311","sha512":"d3f4e4ef8af316fd4207a6db03e856917d5124263104ba9ebf0db1be151ce65172d26b6338d24553df9fe65b828e2a452a39bde7d1144a875c20bd5e28da9db8","ssdeep":"768:hR0cTTu8eMbZLbhpa6a/b7z9SsbhbeA5gr9GiSo5E7Iw4TQv5:hRZXde96oRiG5","tlshash":"ae03a45d7af3142050b3317a4fbf69082276815f190ddd88fe2d11a48fc4a4eba66bbd","first_seen":"2023-03-07T01:18:35Z","last_seen":"2026-04-26T14:58:07.317919Z","times_seen":5701,"resource_available":true,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx1.top/upload/vod/20250603-1/b48cd1761aa94d3daa2926232051d74a.png","fqdn":"jpgjingpinx1.top","domain":"jpgjingpinx1.top","tld":"top"},"ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx1.top","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Tue, 09 Sep 2025 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:DB:9D:36:6B:CF:BC:20:26:A0:FD:81:4D:7E:BC:1A:D3:10:29:3E","sha256":"75:E7:41:57:8D:0F:68:3C:E2:47:83:FE:F1:B6:1B:F0:0E:66:9F:ED:99:2B:3E:6E:D6:9A:D6:4F:64:04:66:04"}}},"request":{"raw":"GET /upload/vod/20250603-1/b48cd1761aa94d3daa2926232051d74a.png HTTP/1.1\r\nHost: jpgjingpinx1.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nContent-Length: 146\r\nContent-Type: text/html\r\nDate: Fri, 31 Oct 2025 08:00:10 GMT\r\nServer: nginx\r\nX-Cache: BYPASS, Status: 404\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":428,"timings":{"blocked":-1,"dns":0,"connect":110,"send":0,"wait":173,"receive":0,"ssl":144},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"jpgjingpinx1.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/player/dplayer.html","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/player/dplayer.html HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Feb 2023 13:29:17 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=le5npMY3d8SDaDCVuUFp6%2Ben9HrhAaqrEZqoxardDp58ASAOK8j6KUd%2BvsNcSEsr9vAvVFdFVftL9ARpiVcnYy1sX85SH9kI\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99719e079dcfb4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2049,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"a55ae5dd1e2ff3d69117fa106380c48f","sha1":"dba6cc334a506c721e281d0930c7341af2411f25","sha256":"40873a4ab328694c84b546a66d5ff59f6fdcd14c11b1dc198047072e88fda0a1","sha512":"ffb584144fac36c544b422dcc6fb1488a4063f1434ed9092ccc7749a56a1f0da08fcda2d0840fcfd7f9ba5f1ea336eb9ff51301ad528b4587501ce56234794e2","ssdeep":"","tlshash":"7741f21e6c4ad421d8112ac0e5fe4444f036c2036716de14f59dbd6d8f8c79e4eaa2f8","first_seen":"2023-07-22T06:57:35Z","last_seen":"2026-04-26T12:44:43.119364Z","times_seen":1509,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx.com/upload/vod/20241023-1/3dea1dd22506b59dee2aa5895197cb24.jpg","fqdn":"jpgjingpinx.com","domain":"jpgjingpinx.com","tld":"com"},"ip":{"addr":"104.21.26.248","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:11.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpgjingpinx.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 13:26:48 GMT","end":"Fri, 23 Jan 2026 14:23:24 GMT"},"fingerprint":{"sha1":"81:E5:A4:14:FC:3B:2F:1E:09:B0:9E:0A:D9:20:A5:91:E1:84:02:F8","sha256":"AD:03:4C:8F:61:CD:63:2E:9E:98:29:18:A0:6B:04:44:A7:A3:76:59:11:34:FB:F4:6F:E3:50:EC:2D:DA:93:E7"}}},"request":{"raw":"GET /upload/vod/20241023-1/3dea1dd22506b59dee2aa5895197cb24.jpg HTTP/1.1\r\nHost: jpgjingpinx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Fri, 31 Oct 2025 08:00:11 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IEsTGJOhJQAc%2Fjv5CSJxivOyFT8NJ20sG12l7oe8BmuCPjSWnBV74Xf6RtL%2Bmhc%2FsGz7wtXCV5k1GMXQcU0myRTB0w%2BqVlnM1r5q6fvRwQ%3D%3D\"}]}\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 99719e07ab753181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/js/jquery.js","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/js/jquery.js HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:10 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Feb 2023 13:29:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63f4c72d-169d5\"\r\nexpires: Fri, 31 Oct 2025 20:00:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=otAybzIFJJipO4A%2B5sd32H4TyTPWwDhmfABI%2FCaulfnop0R5cxb%2BEmB75XLzDh9bSTb0B2Tm8%2FZdFLByBIJhVOXRsVVmUMeR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e01b844b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-26T16:03:48.093703Z","times_seen":63074,"resource_available":true,"data":null}},"time_used":459,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":143,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rszjj7.top/static/js/playerconfig.js?t=20251031","fqdn":"rszjj7.top","domain":"rszjj7.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html","date":"2025-10-31T08:00:10.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rszjj7.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 03:29:05 GMT","end":"Wed, 07 Jan 2026 04:27:27 GMT"},"fingerprint":{"sha1":"7C:56:55:5A:84:CB:28:CD:40:32:F4:10:D6:4B:B7:D0:7A:93:3E:CE","sha256":"A9:3C:2B:F5:9B:E4:96:25:E7:DA:17:FD:33:0E:C5:77:26:2D:14:62:3C:E3:F2:E1:CB:1E:61:50:75:06:72:9C"}}},"request":{"raw":"GET /static/js/playerconfig.js?t=20251031 HTTP/1.1\r\nHost: rszjj7.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rszjj7.top/index.php/vod/play/id/18841/sid/1/nid/1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 08:00:10 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 03 Dec 2024 05:19:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"674e94d5-5dc\"\r\nexpires: Fri, 31 Oct 2025 20:00:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QpIEcI%2BT9J7XRY7ajjKc7gd48y%2Blb7oNVHxxbKkDKTxYHguUq0WZhC8xFW%2FyfHa1S3ddW6%2F4a8r0Fazw4kWLPOft7h8vO2DN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99719e01b84db4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1500,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (993), with CRLF, LF line terminators","md5":"1506aa16a0b3d33e84f121bf4748d486","sha1":"3273701e98ed27468c9acf93ebcf729aba844159","sha256":"ce384574d2220f523882539f255e49278c3569fb524bd7cfc9c9826fb4a479d5","sha512":"9362bef6693b7ac71ae0ea5bb206b230410da83b92c0c5f2f0d57d978abacebb0ac18b915f2bb14d5e4cbecedc3e0860c9a33c127fc3758755a1b5a92fefd4b8","ssdeep":"","tlshash":"b831fe2b8b5a1835c3f760f5ddd42f520adf1b78b191ced92d26bc782aec12aa604059","first_seen":"2023-10-29T11:44:17Z","last_seen":"2025-11-29T04:57:38.908336Z","times_seen":36,"resource_available":true,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"rszjj7.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}