{"report_id":"ec571369-e782-4e7b-b64b-542b96f52bf1","version":6,"status":"done","tags":[],"date":"2026-03-07T12:51:50Z","url":{"schema":"http","addr":"ypcyy.com","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":0,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"ypcyy.com/pc.html","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"title":"Shopify","dom":{"size":364610,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10675), with CRLF, LF line terminators","md5":"3c6839584c4aad3718c34ef1a0b3e1de","sha1":"a3b31af35bf8296c898f9716b35bed2ae5c3c60f","sha256":"5731b082e109601fa881c871d54c8269278d154b4daef757cabfd6bfecf4e9b7","sha512":"33a3e7e1ce035a4ad9c46be951fc4820b0e78ff1e7d2edd37f474ae5e2f5cb083768081c664be59f596a8a98148baaff7ba772798820337c1bac28fbca036511","ssdeep":"6144:nKFMS/bArr7fnFS78dltYFrVnxcV5AoffelhF:PS/bAr3nk78dltYFrVnyV5AoffelhF","tlshash":"01749752728c1029f53bc553d0c06678f5daf61ac6124a9dee22373a8ff63d326a931d","dom_hash":"domhashed7a3edf538016842bea9de729cb5c6d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ypcyy.com","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":0,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-11T12:51:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ypcyy.com","ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"domain_registered":"2019-07-23","domain_rank":0,"first_seen":"2026-03-07T12:51:52.743066Z","last_seen":"2026-03-07T12:51:52.743066Z","alert_count":72,"request_count":18,"received_data":2120745,"sent_data":8535,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"111.231.169.247","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-03-04T18:52:40.619563Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ayyvv.piaob.com","ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"domain_registered":"2020-06-06","domain_rank":0,"first_seen":"2026-03-05T22:30:18.678541Z","last_seen":"2026-03-05T22:30:18.678541Z","alert_count":0,"request_count":24,"received_data":35636,"sent_data":13107,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/pages-tabBar-home~pages-tabBar-my~pagesB-distribution-income~pagesB-my-feedback~pagesB-setting-userI~520e68bb.25827f3e.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"573bbf73ff7bce69073c74002af7c770","sha1":"1fad51e27301a43a882986127e1e7b972df25578","sha256":"e9edcd49a2d604123573d6a1594522a35d16008d7e273e1a2556b3a49656035a","sha512":"2f8550e2d556cfd43fccd4fb73e3181dbb8ff58e2ddee989903823e3d9e1ac4842ee9ea41bf8bbaf3d113616a488a0ce1d31819d1af8cdc4f2eee1cadc36baa6","ssdeep":"192:kHErNq1WSORYs5vqqY++VcvVk+8ym/roEWsRs6wPjHRS6Pa+0eollroEWsRs6e:kHErNpPRttqkMSkJym/kET4k6KkETc","tlshash":"6c62f814f48f78250de3401924bb1b0c923a6e5da83a6485fbe599fecdf5bcd114bb28","size":15907,"data":"","first_seen":"2026-03-05T22:30:26.144637Z","last_seen":"2026-04-27T14:48:12.865124Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/pages-tabBar-cart~pages-tabBar-find~pages-tabBar-home~pages-tabBar-my~pagesB-comment-addGoodsComment~ecf31bf2.da0a11cf.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a11436cd5564586942f9dcbbba83ece","sha1":"d697d85d00c5ed8be45212b6ec0ff1d591f77fa3","sha256":"ef14b266904acb32995ea4aeec6962fcaab03fd3eb3e3fd8ea545090e60000e7","sha512":"3e56125d20c53f43106dcdb5f0f160b5d8e892bb3f187a94cb8370ba63aaa9cebb2233da1d9fc84f8316e01576dbe7fc66160f21ed75f475f983955c4eb86654","ssdeep":"1536:9F+LG7sYId0FHoMqu7NdEAaM2Ol51hwJX2RcJZHYpN7xCIx/+eJF4cL3nnisGQay:9ML0sp0NVr7fnaMj51hwJX2RcJZHYpNJ","tlshash":"b643f9e6e10c1cd13f7bc88f6340235f6549ff66d8968cc8f166564c8ce27a121a9b3a","size":56622,"data":"","first_seen":"2026-03-05T22:30:26.133011Z","last_seen":"2026-04-27T14:48:12.844126Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/pages-tabBar-find~pages-tabBar-home~pages-tabBar-my~pagesC-goods-categoryGoods~pagesC-goods-goodsDet~a6f50aa2.72046e76.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f55c3d300f2edbfede2c0a69f4f6cc0","sha1":"1b1bfd2b64c7ef9eccacc40dc0abe387c59cdb95","sha256":"1e350c7a65d4de3949350741e2cce8d9fa15c06fdd3667d1076e1c09a98caa44","sha512":"34b2cd1c0d1dc3b0f63d1d00b9fec935863d328e006e432f8cd55df40d505143797f7cf30b795186be60589ab8d0213b5b32c1d85921b44bba75ca2cf5b72b89","ssdeep":"768:Iu6NXMCEGJzJG7I+89x8906olCAGbG4a+0MU/FeGO3KkXK+6ff7ayXBqpz:LyPEGfGk+89xio4AGbG5GTGO3KzBq","tlshash":"47d2d616f18f781a1d538408246b970ce276396ca826e180dbf0aafd8cf5bcf1527f58","size":30848,"data":"","first_seen":"2026-03-05T22:30:26.140535Z","last_seen":"2026-04-27T14:48:12.79588Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/pc.html","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"6b73ce8eb474188cb73f79502553776f","sha1":"0f762034a38b9ce3687d01799154a7633e8f089a","sha256":"bc51bf1641ecce056bc1c60822b667f66a8894cf486f05b71550a5c8abae231b","sha512":"6102496e3963a53c4f122cd7d6d48887b73ff811329fc0a0938fefb194fe57fd1bc6ea40ecb4d05442ddba6b0cd0f0a74c60aad4a2b5ccdf9342a7eb12722ac3","ssdeep":"","tlshash":"ead0a71c9593814781673c5a59da200910a2407b1c2949007d0cde849fa7135425fa6e","size":252,"data":"","first_seen":"2025-06-29T21:27:13.209678Z","last_seen":"2026-04-27T14:48:12.868739Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/chunk-vendors.57d402ed.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"999d224b01d54e422fbd9aca67d13e9b","sha1":"5ecf8aacea3189316be4a828b295424c5b99665a","sha256":"669cc077e15fd3a6eb3cfd6a99905d87bbd43d60f09663ec5c493b7a61c6c0e7","sha512":"e945cb622e7c24a8c7739969bf828333827f592767db037a8d7fdf2295d2d5e455200cac18cbc87ef60f45198fea6cbb51dd6372279bb9ed1c5580ec707737e8","ssdeep":"6144:wI+n9WCHQmqzifgpPjXxhzqiZckyUp6IBpggYTq5V61Q3sqGhJqfY1:SnW7zi+4knrgVq5g1Jqfg","tlshash":"41f4089cb281b0a607e760f5003f220ba13b6968b40ae4d5f2b5e5d56e7dd8e5127f3c","size":774425,"data":"","first_seen":"2026-03-05T22:30:26.086649Z","last_seen":"2026-04-27T14:48:12.734344Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/index.1afc00c7.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd7127cfe3d4365c0ff2068292937c83","sha1":"cf43e754b0428a55aa46a55f4b77af9dc6dcf184","sha256":"3e890d8eb654da847c63638e98cebffd653338d4dfd1701238faf4dbb660c19d","sha512":"493db314b3f72cfab03b47e3ab77974dbe00e53d832a3dc6a37808180a16b4bc68494ebbf7d4cddd34e68ab473696df589955d43a571f7f38c54efe917bbaf6c","ssdeep":"24576:EN9ElNbpNUEHcqmJ7K05U7K0yixpdX8rCNvrqmGZ:HlMs0K7K0yixpdX82M","tlshash":"5a258d6364c966fe35475607f05b3a0421b22f9ef686fad8a4f2f4181adc3868133f65","size":973633,"data":"","first_seen":"2026-03-05T22:30:26.14347Z","last_seen":"2026-04-27T14:48:12.857282Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/pages-tabBar-home.a617c143.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"97d9ff52de1a7eb65992d23c78143e0e","sha1":"3222384eddd52fc60f687f63585da1baeaa8fc08","sha256":"8aae6152b8b2abd5bd9bf18417d49c67d8972916f92a14ad70f79ea12ecca282","sha512":"184c7b46b6c4025a7571fbd08a6254c36b89f18dfb8d6a03314664b8c21da9f476985970b39414c37307f2be9caf6dff758dbdee2beb479a60a4562f70c1b8f9","ssdeep":"1536:FGnVpSvCw0GVGqfV3FUGGXGqDGrGwGpKGEUM1hG9:FCDw0opfV1xq/DGJ8KhUM1hK","tlshash":"4be30382b7cd201cd937cf6384ca21b8f6fb352a95016486dd523b668fb27c7326952d","size":151006,"data":"","first_seen":"2026-03-05T22:30:26.126184Z","last_seen":"2026-04-27T14:48:12.784106Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-07T08:18:02.151537Z","times_seen":15899,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Config/getShowConfig?lang=vnm\u0026?t=1772887891890","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Config/getShowConfig?lang=vnm\u0026?t=1772887891890 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 91\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":91,"data":"{\"api_token\":\"e4edb4425dd5c3c01036abc753ce91d9\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":549,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"238543158867d689175e417f51a5b468","sha1":"d9f7e979d5bda0c0ddf6809ebd4eb1f7f9ff558b","sha256":"eb4f4a3b03d561052ec60416689b72a11bfd7da8644eeb3d5f66e7341ea64167","sha512":"138aa047ce53b88aeb8cd05569ba9b19348dcbcdea25e6b421412a8770ca3ed70177da76a935cb771ba23c0189383688ee95dbb625ec6d3b14c0528c524da281","ssdeep":"","tlshash":"bff0595d780a3e3e142fb6945daf062e61852c4412d7cdbb00a1cddc3f40801e32acbe","first_seen":"2025-06-29T21:27:13.206321Z","last_seen":"2026-04-27T14:48:12.82803Z","times_seen":13,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Raffle/getPluginInfo?lang=vnm\u0026?t=1772887892172","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Raffle/getPluginInfo?lang=vnm\u0026?t=1772887892172 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 91\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":91,"data":"{\"api_token\":\"16064ca64d39f405c5432c8b0d5ee8a7\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"ab47183bb7d9cbd7c9cd551da9da0e84","sha1":"184c6c9f5fd4b507270dc987a50c5c6ced6a8828","sha256":"537bacee569c073c8e51f56d9a014038d8586ee4a465e6b8d74fc7b6609a6806","sha512":"77d3aca962e2265d12c5176e0ad62a42af12ef1dc5f251c209e8874271c4967162f4a63dd287a15ee29de864096fb1b2762c2efc50349b3f73a38c05c085daf3","ssdeep":"","tlshash":"e3a012441d103085b40286810abe0104dde42490001541d000945830b59a5784812914","first_seen":"2026-03-05T22:30:26.100941Z","last_seen":"2026-04-27T14:48:12.682133Z","times_seen":10,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Config/getShowConfig?lang=vnm\u0026?t=1772887891890","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:31.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Config/getShowConfig?lang=vnm\u0026?t=1772887891890 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"1fbb952908f0822020aa78087f3e0714","sha1":"94ffd5fb29c97f185b72ca3e261b1111d0ccec14","sha256":"c98be7863deb9ffe6eccff1d914d40fe667724dd12180b49198380090305ef25","sha512":"f12534e4240cec8602ff37d71746a744e84ddc2cc36f7703076cba3e3f44d8211d029bc9c1a3e32cd23b6ea81e5dd7b02ee504ea1ea7d6af11ad4841a537be81","ssdeep":"","tlshash":"5ba0247c0304743514f51144dc1c107c41c534100005407000fcc134171007dd103ccd","first_seen":"2024-08-19T13:17:27.865692Z","last_seen":"2026-06-01T04:40:07.662166Z","times_seen":93,"resource_available":false,"data":null}},"time_used":1305,"timings":{"blocked":501,"dns":10,"connect":240,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Index/getIndexNavList?lang=vnm\u0026?t=1772887892178","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Index/getIndexNavList?lang=vnm\u0026?t=1772887892178 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nset-cookie: think_var=en-us; path=/\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":88,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"588f362f532081fd1430597942474d99","sha1":"d6f58b4daf534310ae52f85f3039c41d82c49fdb","sha256":"9d839d88761786200ed3c22a886eaf83257c684a9f5ee6bf5bf9eecbd1967ac8","sha512":"3d0fcc25ccf1de6a70bac85c134e0dd33636f7fd39cd72ea412ab2e6197e8ce55afe8a888593161b81f42983d027a7c31a48e53de949029135fd8382cfd022be","ssdeep":"","tlshash":"65b0126d0204a02518f655445818103c97d63910400a44b400ec813419240bdd106c8d","first_seen":"2024-01-15T04:52:00Z","last_seen":"2026-06-01T04:40:07.632943Z","times_seen":77,"resource_available":false,"data":null}},"time_used":601,"timings":{"blocked":75,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Ad/getAdByTag?lang=vnm\u0026?t=1772887892174","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Ad/getAdByTag?lang=vnm\u0026?t=1772887892174 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 119\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":119,"data":"{\"tag\":\"mobile_index_banner\",\"api_token\":\"4091898421453677a7ffc108570a71a0\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1246,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"ea9f8c1ba9a445fb60971819a5e6745d","sha1":"6c5e1650e3559b3921a823e4f08cc8187a1e431e","sha256":"e0731d47df5c74cdac752ed8fa427c3f06efe0ede9c55d400093483c43a0d8eb","sha512":"bb77c7840a7180fc3d0ccb452404fdaa4622f4605f1e64de5cb60cafedd04049e46a65a3afb2cafa6284f4792db0ed601e6f11d320a064aeb4584dd2fe8b2fb4","ssdeep":"","tlshash":"c4219d9fbed88c7693f475c01495212e80a025d39cb0b7ce7bd9d46e668c09e022bb31","first_seen":"2026-03-05T22:30:26.130213Z","last_seen":"2026-04-27T14:48:12.831644Z","times_seen":10,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/pages-tabBar-home~pages-tabBar-my~pagesB-distribution-income~pagesB-my-feedback~pagesB-setting-userI~520e68bb.25827f3e.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:31.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/js/pages-tabBar-home~pages-tabBar-my~pagesB-distribution-income~pagesB-my-feedback~pagesB-setting-userI~520e68bb.25827f3e.js HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:31 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-3e23\"\r\nexpires: Sun, 08 Mar 2026 00:51:31 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15907,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13033), with NEL line terminators","md5":"32baa313c7a4ee3d9e140a0c7fc29042","sha1":"bfae5db018bceeb992b0d5aa694ff0d4f1c34eaf","sha256":"84158188f73f62a1374df0386a3b583bac158fe22e9d8b263f48acd362709900","sha512":"08061efc797f728e2227bf4ba0f7b9d781036262239e8eadc031662356e10e894752120d9f2112331a7e50411d035d789bed4bd6d29f51a6844575f2bb2fa28d","ssdeep":"384:kHErNpPRttqkMSkJym/kET4k6KkEQoghl:kHErNpPRttqTFJQG4kmvoU","tlshash":"9f72f714f48fb7240ae3402928bb1b0c91366e9ce87a6485f7e195f98df5b8d104bb39","first_seen":"2026-03-05T22:30:26.137703Z","last_seen":"2026-04-27T14:48:12.717479Z","times_seen":10,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Shops/getRecommendShops?lang=vnm\u0026?t=1772887892176","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Shops/getRecommendShops?lang=vnm\u0026?t=1772887892176 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 91\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":91,"data":"{\"api_token\":\"d30d8edb5d4b6eb236d1ed5bae628f45\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12018,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"db67d46a2a1dbd9592a1b949e18a3809","sha1":"50c74f07fb403148635f148c162b19ffeeb71ad6","sha256":"99e8a3f9d23dd891cf3ba531ade34f51563786f26f83d087fcfe964fd31ea285","sha512":"ea40793b28c0d52517e4338aa59fc57d32d81f8a20cbc6b7ac18b2876a6a140aa993d32f326be4c8e3622d6271b19f7529a2e94887084356598de79a2475787e","ssdeep":"192:Iwne1YZbRbEVp4/J0bSYZ3AD80lsn0f+Sd0ufPJ3KW0PxPpi0MvHK50M2FYEWcb/:PneSbUW/SJADrsBSBfB3KxPSfi25Lz","tlshash":"e74223a5b5593ce68be740414ebb74dacdfc09930f881f64abfeaf0611e8976d702421","first_seen":"2026-03-07T12:51:57.744556Z","last_seen":"2026-03-07T12:51:57.744556Z","times_seen":1,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Index/indexInfo?lang=vnm\u0026?t=1772887892177","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Index/indexInfo?lang=vnm\u0026?t=1772887892177 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 91\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":91,"data":"{\"api_token\":\"e5b6dc49edce8a7b32ebfd5a7c900c08\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":152,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"8010109aaa80be28011810b13309a57b","sha1":"6867584f3c4fcb7a0183a0f71b98202d4493b32a","sha256":"f6a96f8962e0d4a25d1d7ceb8da8b0abae5d1c9da47b42f9efde2228e9733986","sha512":"ca1e691e0f1f0e0caf4cb1b01d0a635584ba30f7513a7ab31b3e648f66e6b39c9005e6d243c50e24518c07b8ff874a4cb55b444e05f16ef979ef61f1f51bf936","ssdeep":"","tlshash":"d6c02b4b3f043008d844748906bf9dd8f7a414bd00c20df30572481cb63d13b6503414","first_seen":"2026-03-07T12:51:57.745706Z","last_seen":"2026-03-07T12:51:57.745706Z","times_seen":1,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Index/getIndexNavList?lang=vnm\u0026?t=1772887892178","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Index/getIndexNavList?lang=vnm\u0026?t=1772887892178 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 91\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":91,"data":"{\"api_token\":\"2c371efab178e47e7d8c956a070af7c7\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nset-cookie: think_var=en-us; path=/\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1658,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"500d949d28ffbbfe54b904c8e02afc6c","sha1":"42ed052794d498ef4dcd89ada5d8ac7af7617c90","sha256":"eb416c4ed574300655886731c37ac8b1aa267600a32a7310d25a79daa94fcc1e","sha512":"ea086599805735bb147327f24e268e5f09a55daaa2e9b88187d20cbbece5a77105e6c763acf558819aac905b783de211fd4920b656175ed65dbb980134bef00c","ssdeep":"","tlshash":"5331b4de1b71bdaee4017d224e7744cddab9f882325a6c542776fa0ed4241a8a43e033","first_seen":"2026-03-05T22:30:26.098838Z","last_seen":"2026-04-27T14:48:12.836072Z","times_seen":10,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Index/indexInfo?lang=vnm\u0026?t=1772887892177","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Index/indexInfo?lang=vnm\u0026?t=1772887892177 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":88,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"588f362f532081fd1430597942474d99","sha1":"d6f58b4daf534310ae52f85f3039c41d82c49fdb","sha256":"9d839d88761786200ed3c22a886eaf83257c684a9f5ee6bf5bf9eecbd1967ac8","sha512":"3d0fcc25ccf1de6a70bac85c134e0dd33636f7fd39cd72ea412ab2e6197e8ce55afe8a888593161b81f42983d027a7c31a48e53de949029135fd8382cfd022be","ssdeep":"","tlshash":"65b0126d0204a02518f655445818103c97d63910400a44b400ec813419240bdd106c8d","first_seen":"2024-01-15T04:52:00Z","last_seen":"2026-06-01T04:40:07.632943Z","times_seen":77,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":78,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Ad/getAdByTag?lang=vnm\u0026?t=1772887892175","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Ad/getAdByTag?lang=vnm\u0026?t=1772887892175 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 120\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":120,"data":"{\"tag\":\"mobile_index_capsule\",\"api_token\":\"4091898421453677a7ffc108570a71a0\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":338,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"ea3b8e24509c14ba09783025e86cf37b","sha1":"a5e00c73d4f5b9067658c4fa8014c7547b73cd73","sha256":"94ff9976e1c5381cee3e809e28a85941e8e6b2dca8de755a2eed49cf0d172fc6","sha512":"cd53799a33eb8760ca33fdb61147f99783925bcce19db2f97667d206ee9e548554af91dcb05fca54d570dcd317f2a473007b324556532adf9715e5319b977b4f","ssdeep":"","tlshash":"aee0288e3e647c66b7e16ec1096c212ce4f40dd20c60e6dd9dd8441d65481e90237531","first_seen":"2026-03-05T22:30:26.115306Z","last_seen":"2026-04-27T14:48:12.771934Z","times_seen":10,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/pages-tabBar-home.a617c143.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:31.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/js/pages-tabBar-home.a617c143.js HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:31 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-24dde\"\r\nexpires: Sun, 08 Mar 2026 00:51:31 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":151006,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (63945), with no line terminators","md5":"97d9ff52de1a7eb65992d23c78143e0e","sha1":"3222384eddd52fc60f687f63585da1baeaa8fc08","sha256":"8aae6152b8b2abd5bd9bf18417d49c67d8972916f92a14ad70f79ea12ecca282","sha512":"184c7b46b6c4025a7571fbd08a6254c36b89f18dfb8d6a03314664b8c21da9f476985970b39414c37307f2be9caf6dff758dbdee2beb479a60a4562f70c1b8f9","ssdeep":"1536:FGnVpSvCw0GVGqfV3FUGGXGqDGrGwGpKGEUM1hG9:FCDw0opfV1xq/DGJ8KhUM1hK","tlshash":"4be30382b7cd201cd937cf6384ca21b8f6fb352a95016486dd523b668fb27c7326952d","first_seen":"2026-03-05T22:30:26.126184Z","last_seen":"2026-04-27T14:48:12.784106Z","times_seen":10,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Config/getConfig?lang=vnm\u0026?t=1772887892178","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Config/getConfig?lang=vnm\u0026?t=1772887892178 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"1fbb952908f0822020aa78087f3e0714","sha1":"94ffd5fb29c97f185b72ca3e261b1111d0ccec14","sha256":"c98be7863deb9ffe6eccff1d914d40fe667724dd12180b49198380090305ef25","sha512":"f12534e4240cec8602ff37d71746a744e84ddc2cc36f7703076cba3e3f44d8211d029bc9c1a3e32cd23b6ea81e5dd7b02ee504ea1ea7d6af11ad4841a537be81","ssdeep":"","tlshash":"5ba0247c0304743514f51144dc1c107c41c534100005407000fcc134171007dd103ccd","first_seen":"2024-08-19T13:17:27.865692Z","last_seen":"2026-06-01T04:40:07.662166Z","times_seen":93,"resource_available":false,"data":null}},"time_used":589,"timings":{"blocked":74,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/favicon.ico","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ypcyy.com/pc.html","date":"2026-03-07T12:51:29.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/pc.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:29 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Mon, 12 Jan 2026 03:44:03 GMT\r\netag: \"69646e03-10be\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"2240c17cbc01319a865e2358311b0715","sha1":"e1aee0112e3672cc75e52eabc1b569ad200094d3","sha256":"7a78eed11d29022445f5009c4f5ba1e17ed7f951b1f9c40201cb0ef632fae6a7","sha512":"e7129156d6253ae1d24064c9b927c014e13c9fa6e76a59d59e160a2e0d42b997847fcb4155cc65a29adac97be02eaddc91e40987f6403bcdcf74457dbb8fd614","ssdeep":"48:dVZk/cprQ7fy1XWfeP0Q5MsFz+HGHtTtfwvIkjCcaKTyAnZMu661GcGCTa0LQx8e:dGcJQW1TLZDtTmbjCHN2r6kGcNzMG2v","tlshash":"e9911f75fcd11630e5a91a3529b7086c05db6fe80d186c3f80b9f8029fb76e6501341f","first_seen":"2026-03-05T22:30:26.106667Z","last_seen":"2026-04-27T14:48:12.839112Z","times_seen":12,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/images/tabbar/cart.png","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:31.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/images/tabbar/cart.png HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 887\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\netag: \"6963ac16-377\"\r\nexpires: Mon, 06 Apr 2026 12:51:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":887,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit colormap, non-interlaced","md5":"9b0ad7005dbb900cf7128bb2456c0dda","sha1":"5f2f2fcc250ac98ea4abe2485818b338caa61d9d","sha256":"41e3321f8b17d1d704eecc54604bf024fb0d5c6e69f40744f0e981c4f448fdb2","sha512":"4386683f5bc23188c9d57dd35d8f3c997ad4f9470cd4467cbb127f49d8bef7796eb147f596064c6fcd7763151a8aaf41ec46c78d07e1da4f9b63f41024987c40","ssdeep":"","tlshash":"1211566ebd84dcaaf3fa07ae4780d532f81a0e856d15683af24d57135e1f13f6605900","first_seen":"2023-07-21T16:15:40Z","last_seen":"2026-04-27T14:48:12.805301Z","times_seen":105,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/index.1afc00c7.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:30.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/js/index.1afc00c7.js HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-edb41\"\r\nexpires: Sun, 08 Mar 2026 00:51:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":973633,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (42852), with no line terminators","md5":"495e4e99667e73295d5c10ff79044edf","sha1":"a6425717e802731bea1336d43bae64cc5bf09693","sha256":"7c146747d031c32bae9f9318fd1f26ac034f78c9e7d67a9d31ed7ca572c055d1","sha512":"369df18df380be2e9df7312ed5143e7c11e92141cf75ec203128ccb6df575ef84c2d300cd2bcf9c7c4e20bc2a6916022be7830953564986120d12e97a46a44f4","ssdeep":"6144:TQ3hzhDhEoQwuFh/hvvze+hPid25rLU95h8ghEz0vh1r+gp2jY:TQ3hN9EoQNbpvvtP225rQJ7K051r+RY","tlshash":"4445080db591c3a4a7ce75f27c1227915b70cbcac6cdb61f4b6ad1e43acfad4012a660","first_seen":"2026-03-07T12:51:57.751793Z","last_seen":"2026-03-07T12:51:57.751793Z","times_seen":1,"resource_available":false,"data":null}},"time_used":973,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":973,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Config/getConfig?lang=vnm\u0026?t=1772887892173","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Config/getConfig?lang=vnm\u0026?t=1772887892173 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"1fbb952908f0822020aa78087f3e0714","sha1":"94ffd5fb29c97f185b72ca3e261b1111d0ccec14","sha256":"c98be7863deb9ffe6eccff1d914d40fe667724dd12180b49198380090305ef25","sha512":"f12534e4240cec8602ff37d71746a744e84ddc2cc36f7703076cba3e3f44d8211d029bc9c1a3e32cd23b6ea81e5dd7b02ee504ea1ea7d6af11ad4841a537be81","ssdeep":"","tlshash":"5ba0247c0304743514f51144dc1c107c41c534100005407000fcc134171007dd103ccd","first_seen":"2024-08-19T13:17:27.865692Z","last_seen":"2026-06-01T04:40:07.662166Z","times_seen":93,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":98,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/pages-tabBar-find~pages-tabBar-home~pages-tabBar-my~pagesC-goods-categoryGoods~pagesC-goods-goodsDet~a6f50aa2.72046e76.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:31.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/js/pages-tabBar-find~pages-tabBar-home~pages-tabBar-my~pagesC-goods-categoryGoods~pagesC-goods-goodsDet~a6f50aa2.72046e76.js HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:31 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-7880\"\r\nexpires: Sun, 08 Mar 2026 00:51:31 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30848,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28125), with no line terminators","md5":"6f55c3d300f2edbfede2c0a69f4f6cc0","sha1":"1b1bfd2b64c7ef9eccacc40dc0abe387c59cdb95","sha256":"1e350c7a65d4de3949350741e2cce8d9fa15c06fdd3667d1076e1c09a98caa44","sha512":"34b2cd1c0d1dc3b0f63d1d00b9fec935863d328e006e432f8cd55df40d505143797f7cf30b795186be60589ab8d0213b5b32c1d85921b44bba75ca2cf5b72b89","ssdeep":"768:Iu6NXMCEGJzJG7I+89x8906olCAGbG4a+0MU/FeGO3KkXK+6ff7ayXBqpz:LyPEGfGk+89xio4AGbG5GTGO3KzBq","tlshash":"47d2d616f18f781a1d538408246b970ce276396ca826e180dbf0aafd8cf5bcf1527f58","first_seen":"2026-03-05T22:30:26.140535Z","last_seen":"2026-04-27T14:48:12.79588Z","times_seen":10,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/images/icon-shopcart.png","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/images/icon-shopcart.png HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-48e\"\r\nexpires: Mon, 06 Apr 2026 12:51:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1166,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"52f09dc9ab3ba934035a112d00292772","sha1":"0e10c946abf10c18d17748e49c632b013ff2767b","sha256":"844cca652f7e5036336d11de228a166463f488421a53b027bb0f7b3aa5706604","sha512":"9424ff8e8a532c29a6d2f0e035e4e6360725a0d04685299fbb27627902b48491de77f5a4f0db94946d8615b4e49627af100c7e2cbd88a775d7ee793fa6bf9559","ssdeep":"","tlshash":"3a2107d8a3d70993cb2b63243e501286fe193806a68b551e5a20062e8930702a384b13","first_seen":"2023-07-21T16:15:40Z","last_seen":"2026-04-27T14:48:12.769142Z","times_seen":53,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Ad/getAdByTag?lang=vnm\u0026?t=1772887892174","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Ad/getAdByTag?lang=vnm\u0026?t=1772887892174 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":107,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"60244dc62970abe0d6979e11bf2f52bb","sha1":"9274032c9cb69f5e494cc2209b46bffb3938a728","sha256":"e6f5b8a0710cecc05e592c505e018d2aa4d0208aad08dc0dab6bf5610b6324f2","sha512":"2e447460b509c920dd5b40b2cea42f25f9533b8f7dcc6e2f0bf1c1081cc8583a99e9afed18155380c152dfed714cfc1bde19052806e63073d1dcdb64a66fe839","ssdeep":"","tlshash":"26b0124d26b076eb19835db74a7e8ddcadf06d80133444f430753324f94442ff852925","first_seen":"2026-03-05T22:30:26.108355Z","last_seen":"2026-04-27T14:48:12.714473Z","times_seen":10,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":97,"dns":0,"connect":0,"send":0,"wait":299,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/pc.html","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-07T12:51:29.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /pc.html HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:29 GMT\r\ncontent-type: text/html\r\ncontent-length: 804\r\nlast-modified: Sun, 11 Jan 2026 14:01:58 GMT\r\netag: \"6963ad56-324\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":804,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"f0bce51132d01e07133d81fdfce0f251","sha1":"3a78f4f85790aeaa8bc3b6075b006aedb0d3d5e1","sha256":"97f1ab7f406d7eccb4160d0d8836cb776e244421ac9add109c0d41719342c391","sha512":"914fa36f48c524c95eb0bcd9115977041045ae049cfa730b509b8e7ad7fc50d1b577daa8d904d106bc6db1b077eecc592a62be291214227a42b8cce7111cbc07","ssdeep":"","tlshash":"670110184ce3e04ad21290a19bd175086453448f67208c10ba9cb9b5af9661180e7bbd","first_seen":"2026-03-05T22:30:26.135309Z","last_seen":"2026-04-27T14:48:12.808056Z","times_seen":12,"resource_available":true,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Ad/getAdByTag?lang=vnm\u0026?t=1772887892175","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Ad/getAdByTag?lang=vnm\u0026?t=1772887892175 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":107,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"60244dc62970abe0d6979e11bf2f52bb","sha1":"9274032c9cb69f5e494cc2209b46bffb3938a728","sha256":"e6f5b8a0710cecc05e592c505e018d2aa4d0208aad08dc0dab6bf5610b6324f2","sha512":"2e447460b509c920dd5b40b2cea42f25f9533b8f7dcc6e2f0bf1c1081cc8583a99e9afed18155380c152dfed714cfc1bde19052806e63073d1dcdb64a66fe839","ssdeep":"","tlshash":"26b0124d26b076eb19835db74a7e8ddcadf06d80133444f430753324f94442ff852925","first_seen":"2026-03-05T22:30:26.108355Z","last_seen":"2026-04-27T14:48:12.714473Z","times_seen":10,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":90,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-07T12:51:28.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:29 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 11 Jan 2026 14:01:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ad37-48b\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1163,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (509)","md5":"80825a03b23160f6147198c65c3cd3ec","sha1":"9c1f748c3dcbfaf53ccf65636a2b5ea2f7abe350","sha256":"d40be2ece5a0355351e8dbc1890e5dbf6da479b791a3df69b364d221bccfad12","sha512":"b5fca1e6f3ad774eeed4d524057c3c7d9b9c54622ef230c2cab61f23a91b4dd16a616f2fd7caf00b9e749805cdaeffb5b15bdb63ff9014a1f30df73d6f49a468","ssdeep":"","tlshash":"682130465c92d44e43101551a8bbf10e89a689b6ad21c8003cccbeec9fe1b9aca5fd6c","first_seen":"2026-03-05T22:30:26.093414Z","last_seen":"2026-04-27T14:48:12.705327Z","times_seen":12,"resource_available":true,"data":null}},"time_used":1255,"timings":{"blocked":503,"dns":6,"connect":243,"send":0,"wait":248,"receive":0,"ssl":252},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Index/getGoodsList?lang=vnm\u0026?t=1772887892177","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Index/getGoodsList?lang=vnm\u0026?t=1772887892177 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"588f362f532081fd1430597942474d99","sha1":"d6f58b4daf534310ae52f85f3039c41d82c49fdb","sha256":"9d839d88761786200ed3c22a886eaf83257c684a9f5ee6bf5bf9eecbd1967ac8","sha512":"3d0fcc25ccf1de6a70bac85c134e0dd33636f7fd39cd72ea412ab2e6197e8ce55afe8a888593161b81f42983d027a7c31a48e53de949029135fd8382cfd022be","ssdeep":"","tlshash":"65b0126d0204a02518f655445818103c97d63910400a44b400ec813419240bdd106c8d","first_seen":"2024-01-15T04:52:00Z","last_seen":"2026-06-01T04:40:07.632943Z","times_seen":77,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":80,"dns":0,"connect":0,"send":0,"wait":481,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Config/getConfig?lang=vnm\u0026?t=1772887892173","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Config/getConfig?lang=vnm\u0026?t=1772887892173 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 91\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":91,"data":"{\"api_token\":\"3048dbb796dfa67724fad70aefcba1a9\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":142,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"e50e39a46f052e8c3b41e300d82b42c5","sha1":"96c2784ad168d8f5ba556013a443168fa24a4d7f","sha256":"44378e90a3ffa68bf78d242d29da105ec40883f6563094e139602964cd0196e8","sha512":"3f7b15e24e89c7981b671567f8503b621430eec30e4fe3ae76dd3a88329a72d14fdca9d73b0fdd80541b1ba553626f23faeafcd69b98ef863101a9e42b426802","ssdeep":"","tlshash":"dec02b542d35b575fa97f6c00aff0048cdf8a79500e431d232bcf0309098934241991b","first_seen":"2026-03-05T22:30:26.105145Z","last_seen":"2026-04-27T14:48:12.729881Z","times_seen":10,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Index/getGoodsList?lang=vnm\u0026?t=1772887892177","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Index/getGoodsList?lang=vnm\u0026?t=1772887892177 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 100\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":100,"data":"{\"page\":1,\"api_token\":\"6d5e7f2475c781c00bb84002847f0449\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:37 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3473,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"972b5a0d0ba009daeb38c30f10ef8c2b","sha1":"0e7d12e2438ece8ce265c0cc27ef556754eef14a","sha256":"1e1558cd928569fdbe42446ff292f9d8cff928f1d3014cd32cb61ece7c26d9c9","sha512":"55b85fa8c7fa984eb41fadf7ed4b54af0f660376400e82e11afd23df7c57814693f6fa9a42cc56b71bcd5a6f3e3aae31ccd0178281d2f2e61cdb96465e0f73e8","ssdeep":"","tlshash":"246145f91aaa5df5a73b028098ef31a9c8da10474dc0df1b77ec5c06535e1be0659837","first_seen":"2026-03-07T12:51:57.759001Z","last_seen":"2026-03-07T12:51:57.759001Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5033,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5033,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/NavMenu/getMenuList?lang=vnm\u0026?t=1772887892177","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/NavMenu/getMenuList?lang=vnm\u0026?t=1772887892177 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 91\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":91,"data":"{\"api_token\":\"affc055d48fd6303e3e6c89585b09b8a\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1124,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"6f8b02a51df02347640fa4522512e45b","sha1":"35c8d9d05f6e0ac3c83a0dbe26136982f92dee11","sha256":"984bca8dd4ee6cc8dd68dfc8fbe7c2f391d6a78e3afc373d667991085db9bd2c","sha512":"41748c27931bfbd0e5a100738ac89c6f90395c5074995972410538f0b3e03dc2b8e149559c491e06c4f55a12254c80cfb213ed1ef1b5725c39e033acb3cbb586","ssdeep":"","tlshash":"ab21beac2098ddbbd3a471d058f7587d84f22546cf980dca76f7701b841915a52bbd32","first_seen":"2026-03-05T22:30:26.112247Z","last_seen":"2026-04-27T14:48:12.814681Z","times_seen":10,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Shops/getRecommendShops?lang=vnm\u0026?t=1772887892176","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Shops/getRecommendShops?lang=vnm\u0026?t=1772887892176 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"588f362f532081fd1430597942474d99","sha1":"d6f58b4daf534310ae52f85f3039c41d82c49fdb","sha256":"9d839d88761786200ed3c22a886eaf83257c684a9f5ee6bf5bf9eecbd1967ac8","sha512":"3d0fcc25ccf1de6a70bac85c134e0dd33636f7fd39cd72ea412ab2e6197e8ce55afe8a888593161b81f42983d027a7c31a48e53de949029135fd8382cfd022be","ssdeep":"","tlshash":"65b0126d0204a02518f655445818103c97d63910400a44b400ec813419240bdd106c8d","first_seen":"2024-01-15T04:52:00Z","last_seen":"2026-06-01T04:40:07.632943Z","times_seen":77,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":83,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/index.html","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ypcyy.com/pc.html","date":"2026-03-07T12:51:29.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /index.html HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/pc.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:29 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 11 Jan 2026 14:01:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ad37-48b\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1163,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (509)","md5":"80825a03b23160f6147198c65c3cd3ec","sha1":"9c1f748c3dcbfaf53ccf65636a2b5ea2f7abe350","sha256":"d40be2ece5a0355351e8dbc1890e5dbf6da479b791a3df69b364d221bccfad12","sha512":"b5fca1e6f3ad774eeed4d524057c3c7d9b9c54622ef230c2cab61f23a91b4dd16a616f2fd7caf00b9e749805cdaeffb5b15bdb63ff9014a1f30df73d6f49a468","ssdeep":"","tlshash":"682130465c92d44e43101551a8bbf10e89a689b6ad21c8003cccbeec9fe1b9aca5fd6c","first_seen":"2026-03-05T22:30:26.093414Z","last_seen":"2026-04-27T14:48:12.705327Z","times_seen":12,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/NavMenu/getMenuList?lang=vnm\u0026?t=1772887892177","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/NavMenu/getMenuList?lang=vnm\u0026?t=1772887892177 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c4020558c51858b42e42f3daf78d5e25","sha1":"144f956c6b59f829b7538bc52d3825b3e411314b","sha256":"64732a1430acc4e88a809be688b01214f3b76fe49d7f582b81718bd7f1872e30","sha512":"b948c728af07352b483ccc59daf9d862e6b793aaf26ca3c5230723e567361be206c39a700217a9982a60e8f7ae08f7b4905c07117b7a45471c9b8a072cdb4021","ssdeep":"","tlshash":"8da002092900f5136d91dc58126d41766ff3bb85852f0de8048e96754e2d8eca24971e","first_seen":"2024-04-19T18:06:58Z","last_seen":"2026-06-01T04:40:07.670267Z","times_seen":108,"resource_available":false,"data":null}},"time_used":602,"timings":{"blocked":76,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"111.231.169.247","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:33.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Sat, 07 Mar 2026 15:51:34 GMT\r\ncache-control: max-age=10800\r\nset-cookie: __uni__uid=rBEQUmmsH1YWP8UpA7aPAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-08T02:01:06.914299Z","times_seen":16211,"resource_available":false,"data":null}},"time_used":1552,"timings":{"blocked":643,"dns":37,"connect":266,"send":0,"wait":266,"receive":0,"ssl":336},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/images/tabbar/category.png","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:31.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/images/tabbar/category.png HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-750\"\r\nexpires: Mon, 06 Apr 2026 12:51:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1872,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit colormap, non-interlaced","md5":"c4de8d31ca284ce6a9d306aa5ed1a2f7","sha1":"583fe3006f6f540c5ee3e98897398ea6fc916f36","sha256":"cf8fdf312634504b333135a3817d646bce8c27688cbf33e5c3bb444f1c11d7f5","sha512":"1003d342d652a875fec3ae7aaf9086593fe1a8d45778ca1fb02caa23e357f81f581c691d184159a4bc56f9f035b88b7fdfd6e80e7e44a25b5ec61b6299a31249","ssdeep":"","tlshash":"703162ad32e88c2d97f8f0bad7e3ac14e41f3b9209e16c8060357eb16923b168757009","first_seen":"2023-07-21T16:15:40Z","last_seen":"2026-04-27T14:48:12.747888Z","times_seen":105,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/images/icon-chat.png","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/images/icon-chat.png HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-57a\"\r\nexpires: Mon, 06 Apr 2026 12:51:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1402,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"4431c92c5ad29600a121debe93052df0","sha1":"9fa703fcd2f9953d2e4461fdafe3cfe83c8c56f3","sha256":"40bfa38a73b97c255bf552445a2ba381dc52f23997ec9d407bd150e67d741754","sha512":"8ef3a866e6493fa0f30023bc17c1f197a77df12ebfe387a9fa7364e15659308963e0a3f57c56efeebd020a1bcf8d8c6124c782f99f427b14e7fd9e09c38e1d0b","ssdeep":"","tlshash":"b921d6ebc6e13e2cf91f4d5591e4ffe6e81e14052e395201a30602a8cb96f64dc9c62a","first_seen":"2023-07-21T16:15:40Z","last_seen":"2026-04-27T14:48:12.852824Z","times_seen":58,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Raffle/getPluginInfo?lang=vnm\u0026?t=1772887892172","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Raffle/getPluginInfo?lang=vnm\u0026?t=1772887892172 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"ab47183bb7d9cbd7c9cd551da9da0e84","sha1":"184c6c9f5fd4b507270dc987a50c5c6ced6a8828","sha256":"537bacee569c073c8e51f56d9a014038d8586ee4a465e6b8d74fc7b6609a6806","sha512":"77d3aca962e2265d12c5176e0ad62a42af12ef1dc5f251c209e8874271c4967162f4a63dd287a15ee29de864096fb1b2762c2efc50349b3f73a38c05c085daf3","ssdeep":"","tlshash":"e3a012441d103085b40286810abe0104dde42490001541d000945830b59a5784812914","first_seen":"2026-03-05T22:30:26.100941Z","last_seen":"2026-04-27T14:48:12.682133Z","times_seen":10,"resource_available":false,"data":null}},"time_used":407,"timings":{"blocked":102,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Index/getIndexShowcase?lang=vnm\u0026?t=1772887892176","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"OPTIONS /api/Index/getIndexShowcase?lang=vnm\u0026?t=1772887892176 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ypcyy.com/\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":88,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"588f362f532081fd1430597942474d99","sha1":"d6f58b4daf534310ae52f85f3039c41d82c49fdb","sha256":"9d839d88761786200ed3c22a886eaf83257c684a9f5ee6bf5bf9eecbd1967ac8","sha512":"3d0fcc25ccf1de6a70bac85c134e0dd33636f7fd39cd72ea412ab2e6197e8ce55afe8a888593161b81f42983d027a7c31a48e53de949029135fd8382cfd022be","ssdeep":"","tlshash":"65b0126d0204a02518f655445818103c97d63910400a44b400ec813419240bdd106c8d","first_seen":"2024-01-15T04:52:00Z","last_seen":"2026-06-01T04:40:07.632943Z","times_seen":77,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":84,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/images/tabbar/personal.png","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:31.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/images/tabbar/personal.png HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 902\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\netag: \"6963ac16-386\"\r\nexpires: Mon, 06 Apr 2026 12:51:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":902,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 4-bit colormap, non-interlaced","md5":"f182a443e2c66fe069755423207eb6e7","sha1":"26048ca9210ae0b56f5141d10ec77f6c3fae1f2a","sha256":"62e1850bb1f34008190c980c84500c371e6d48f6c49ed23d1620e8acdfb07fed","sha512":"69101511cd66693c0025a17fdf6dd347e12b6e9b07a8f6e29e30bab363c116175cb2da8da841623b2b110b62f52f194b6baa1c46f42e6a308a34d59edf5fe8ff","ssdeep":"","tlshash":"3d11e65e2d0058a8d1e7136d93408becae3aac1caa1558cc741085f28c372f4ddcbfe4","first_seen":"2023-07-21T16:15:40Z","last_seen":"2026-05-31T22:12:36.458527Z","times_seen":138,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Index/getIndexShowcase?lang=vnm\u0026?t=1772887892176","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Index/getIndexShowcase?lang=vnm\u0026?t=1772887892176 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 91\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":91,"data":"{\"api_token\":\"3045cf1646580932e23721ba738f07ed\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4268,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"c81e7e526e4a7bf637aa2c68eb914c1a","sha1":"38cc1a6fecb824c4fba050a5a3ba8315cedac15a","sha256":"44d7987ac2e5e21aa28743d627098f2238ecf2f32b4a835ec9878c9ca0cf1b29","sha512":"3ec6c8e5090fa3c1c1193a11f97fd392aaa35417586af249d0845f5c3c53c18efe1806ab793eb3dc2b1d09741473bd972e2c9e4342e4b3c4050829bfd593aab5","ssdeep":"96:IwtiR5fL6ChAhsbgQJXS0NR3s9JUcWuf2j5AZ:IwIR5fWkx9sHUcWuf2jaZ","tlshash":"4d9193e2760898ffef5587409c9671ec5ef2680792c44d961ffeb61a720d0ed5268073","first_seen":"2026-03-05T22:30:26.123658Z","last_seen":"2026-03-23T01:48:46.487862Z","times_seen":7,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":366,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/chunk-vendors.57d402ed.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:30.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/js/chunk-vendors.57d402ed.js HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-bd119\"\r\nexpires: Sun, 08 Mar 2026 00:51:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":774425,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65527), with no line terminators","md5":"999d224b01d54e422fbd9aca67d13e9b","sha1":"5ecf8aacea3189316be4a828b295424c5b99665a","sha256":"669cc077e15fd3a6eb3cfd6a99905d87bbd43d60f09663ec5c493b7a61c6c0e7","sha512":"e945cb622e7c24a8c7739969bf828333827f592767db037a8d7fdf2295d2d5e455200cac18cbc87ef60f45198fea6cbb51dd6372279bb9ed1c5580ec707737e8","ssdeep":"6144:wI+n9WCHQmqzifgpPjXxhzqiZckyUp6IBpggYTq5V61Q3sqGhJqfY1:SnW7zi+4knrgVq5g1Jqfg","tlshash":"41f4089cb281b0a607e760f5003f220ba13b6968b40ae4d5f2b5e5d56e7dd8e5127f3c","first_seen":"2026-03-05T22:30:26.086649Z","last_seen":"2026-04-27T14:48:12.734344Z","times_seen":10,"resource_available":true,"data":null}},"time_used":730,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":730,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/js/pages-tabBar-cart~pages-tabBar-find~pages-tabBar-home~pages-tabBar-my~pagesB-comment-addGoodsComment~ecf31bf2.da0a11cf.js","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:31.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/js/pages-tabBar-cart~pages-tabBar-find~pages-tabBar-home~pages-tabBar-my~pagesB-comment-addGoodsComment~ecf31bf2.da0a11cf.js HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:31 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-dd2e\"\r\nexpires: Sun, 08 Mar 2026 00:51:31 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56622,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (56009), with no line terminators","md5":"7a11436cd5564586942f9dcbbba83ece","sha1":"d697d85d00c5ed8be45212b6ec0ff1d591f77fa3","sha256":"ef14b266904acb32995ea4aeec6962fcaab03fd3eb3e3fd8ea545090e60000e7","sha512":"3e56125d20c53f43106dcdb5f0f160b5d8e892bb3f187a94cb8370ba63aaa9cebb2233da1d9fc84f8316e01576dbe7fc66160f21ed75f475f983955c4eb86654","ssdeep":"1536:9F+LG7sYId0FHoMqu7NdEAaM2Ol51hwJX2RcJZHYpN7xCIx/+eJF4cL3nnisGQay:9ML0sp0NVr7fnaMj51hwJX2RcJZHYpNJ","tlshash":"b643f9e6e10c1cd13f7bc88f6340235f6549ff66d8968cc8f166564c8ce27a121a9b3a","first_seen":"2026-03-05T22:30:26.133011Z","last_seen":"2026-04-27T14:48:12.844126Z","times_seen":10,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/images/tabbar/home_active.png","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:31.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/images/tabbar/home_active.png HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-501\"\r\nexpires: Mon, 06 Apr 2026 12:51:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1281,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit colormap, non-interlaced","md5":"c7670309f364da66bc0efe6f55926fdf","sha1":"0ced8841cd2b7e57cf3dddd1788106e0d5a99013","sha256":"1fd7ca29f3eff6bfcec02633be23b6a65cf2c2ebfe0dcf8373f83e18414d7e47","sha512":"62782c2cfb98247890a2fc7687a268bd7c629a96b1aec6891e590076a7ecd4aefb7fab99f48f991de961237ca7e62da2ce48719d5b7ef00775704835609d5632","ssdeep":"","tlshash":"e2211aa6442708dac29e1646e2990597e407ee5c40ca432d556c2c7fc39f52dd07efdf","first_seen":"2023-07-21T16:15:40Z","last_seen":"2026-04-27T14:48:12.788117Z","times_seen":103,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/images/icon-translation.png","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/images/icon-translation.png HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 763\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\netag: \"6963ac16-2fb\"\r\nexpires: Mon, 06 Apr 2026 12:51:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":763,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ffaab3633e02f0d2c11a6389f29fe3f0","sha1":"46de0c308792ea91dc02063ed6727270beba4662","sha256":"5704d46e0ff6e9884ac28472dcca629353118c1c302991ef35ffea028aac5418","sha512":"1fcf88743b508b4dcab3a017aea371e18cb084226b2b0e5933b660f1819309403ac78cbfda40f4c69fb514f2933b4b9bd5627dfbb28da7a2a7e0d2db8e57ca53","ssdeep":"","tlshash":"0a0170a310181dc2a88e8bd5b8a6b427d5a362844c8e112a1806caf99c24bd239d8c0f","first_seen":"2023-07-21T16:15:40Z","last_seen":"2026-04-27T14:48:12.709014Z","times_seen":53,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ayyvv.piaob.com/api/Config/getConfig?lang=vnm\u0026?t=1772887892178","fqdn":"ayyvv.piaob.com","domain":"piaob.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:32.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pkpk66.piaob.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 10:45:53 GMT","end":"Sat, 11 Apr 2026 10:45:52 GMT"},"fingerprint":{"sha1":"7F:DD:A7:40:50:71:F0:38:03:24:6B:ED:AE:66:F8:E4:4D:78:53:4F","sha256":"9B:71:B9:3D:83:AE:50:9F:8C:18:B2:21:54:7B:1E:5B:BC:91:50:04:B5:0E:E7:94:4F:C4:DA:47:D1:1C:74:BC"}}},"request":{"raw":"POST /api/Config/getConfig?lang=vnm\u0026?t=1772887892178 HTTP/1.1\r\nHost: ayyvv.piaob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 91\r\nOrigin: https://ypcyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":91,"data":"{\"api_token\":\"3048dbb796dfa67724fad70aefcba1a9\",\"client_id\":1,\"token\":\"\",\"device_token\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":142,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"e50e39a46f052e8c3b41e300d82b42c5","sha1":"96c2784ad168d8f5ba556013a443168fa24a4d7f","sha256":"44378e90a3ffa68bf78d242d29da105ec40883f6563094e139602964cd0196e8","sha512":"3f7b15e24e89c7981b671567f8503b621430eec30e4fe3ae76dd3a88329a72d14fdca9d73b0fdd80541b1ba553626f23faeafcd69b98ef863101a9e42b426802","ssdeep":"","tlshash":"dec02b542d35b575fa97f6c00aff0048cdf8a79500e431d232bcf0309098934241991b","first_seen":"2026-03-05T22:30:26.105145Z","last_seen":"2026-04-27T14:48:12.729881Z","times_seen":10,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ypcyy.com/h5/static/index.ed4a2d2b.css","fqdn":"ypcyy.com","domain":"ypcyy.com","tld":"com"},"ip":{"addr":"103.87.243.221","port":443,"asn":135581,"as":"19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ypcyy.com/index.html","date":"2026-03-07T12:51:30.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wxxhd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 14:53:19 GMT","end":"Sat, 11 Apr 2026 14:53:18 GMT"},"fingerprint":{"sha1":"A3:F4:B2:B1:94:95:40:36:D8:96:22:AE:8B:E0:CC:88:1A:C9:6C:55","sha256":"B2:5F:35:7F:A8:DA:BF:71:24:CA:46:9D:C5:47:C5:C7:94:ED:FB:95:06:0F:7D:E0:E6:44:BE:24:23:43:63:00"}}},"request":{"raw":"GET /h5/static/index.ed4a2d2b.css HTTP/1.1\r\nHost: ypcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ypcyy.com/index.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 12:51:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 11 Jan 2026 13:56:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6963ac16-1794e\"\r\nexpires: Sun, 08 Mar 2026 00:51:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96590,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d2c05a28c7f2113821d909b7b5b918a3","sha1":"ccac94311f6ac6f580b64f47f7705318f1d226a3","sha256":"695bdbeea38a126c139158967cdd4f3a435e9936b9dff5b002e5f20a10fc7907","sha512":"3b96fbd1a89be8ae0b7479705cd4a2958ffe7f2f3f57ec23f407ad51ed8b447b9960728d77502e8fd8b2b19bf0971682030117559df250ea11c9bc1802364c3c","ssdeep":"1536:qlIApuK7hmVmb2RS1Wu3xdynGJ7eh/nrhlvbc:hApuK7hmVrS1Wu3iG41nrPI","tlshash":"4493f73719012e39e52bcd26b6c1ab5a1e61c033e15307adfba47628cbcf9c9167b345","first_seen":"2025-10-16T12:28:28.877032Z","last_seen":"2026-06-07T20:08:58.141306Z","times_seen":1233,"resource_available":false,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":489,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ypcyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-07","alert":"Phishing Block","trigger":"ypcyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}