{"report_id":"f94871a6-aa20-411b-a81b-8c890bfd490d","version":6,"status":"done","tags":[],"date":"2026-03-07T07:55:36Z","url":{"schema":"http","addr":"llw.brjy6.lat/s/%E5%A5%B4.html","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.90.73","port":0,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"llw.brjy6.lat/s/%E5%A5%B4.html","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"title":"奴_搜索_第1页 - 爆乳骄阳","dom":{"size":8518,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6130)","md5":"469b04d0c83f700daa0c989db397c622","sha1":"b927afeea4d99341f7e99b56c89e4d9a60d55389","sha256":"e1d5d35a167c2718c68e41ae701d26d9457c5364a2b23e61f24eb71293030926","sha512":"c00182cc415bdf2310efbbd192c33d9e47a0cc56b9c4b24f8903baa796865c15e4c0abce12d658081891650d5925ebff82cd054fea61b006f9a189f73eaecf67","ssdeep":"192:z92pwHm2y82vfgT8ICZOW4hpnw780Y1Iep0gvCnGydYJnjlFe:FWQV6epLvCUji","tlshash":"d2027712368a742f612b95a8b691f33ca53713a4db550f2434ac7dabcf86f440256f8f","dom_hash":"domhash078c6f749cef9b9d3ffc4f442b36d5c4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"llw.brjy6.lat/s/%E5%A5%B4.html","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.90.73","port":0,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-11T07:55:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"llw.brjy6.lat","ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"domain_registered":"2026-02-19","domain_rank":0,"first_seen":"2026-03-07T05:02:03.113306Z","last_seen":"2026-03-07T05:02:03.113306Z","alert_count":11,"request_count":11,"received_data":141650,"sent_data":5651,"comment":"","tags":null,"fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"llw.brjy6.lat/abc/fixed_ui_630cbd.js","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"47e19168047029672b065934831bac4c","sha1":"60d3ab6ce96048f4d50d9401f3160dd8deb4c6eb","sha256":"806f40f4a8974868d8057ef00e789730027c0046e135a710b7cf8da581e2582e","sha512":"e402886373811ccc534fae10a3986369202f1190ec4f11114c8120d98cfb34d12a3fb53554e5bb6048f72a1115bd30a8f8e83105f6a0d4e385a44d1d846a767f","ssdeep":"96:UYrFraN8XyMwEwxg2y82EefEbTzg2VCubJkiTzoP5VYb5G6JS/lWrNJyKsKQmX:rBzwHm2y82vfgT8ICubJy5VGGg+gbOlS","tlshash":"90b1805f79e33196892330b48fff14083a365013920edd907c0d91a4afa9bd86672fe9","size":5591,"data":"","first_seen":"2026-03-07T07:42:36.977677Z","last_seen":"2026-03-07T07:55:38.112778Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/cn/home/web/template/033ccyy_wtpl/js/jquery.lazyload.js","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad5888b989e1e62ebb23fecbae6c8053","sha1":"7695266013b2091502554616c6a3ac4c2f5a79fb","sha256":"38bc7cc88c754d4f93d7c73abeebb0687986bd8bfe416ee364ac0dfa26a5a6e6","sha512":"df0158f02027a2b973f0bbd14afba0f21c73de5042899400a8395065100e3dc5d04c6d399ed89a6200ab47d037905e8bdb32a9a9cfb972839ce09d35122ff88b","ssdeep":"","tlshash":"3b41e5863f027534f179a9ad430f52096127d03b92d58dd1b089d8ecfcf86579a3698b","size":2230,"data":"","first_seen":"2023-03-08T08:34:55Z","last_seen":"2026-03-29T23:38:37.887769Z","times_seen":308,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/cn/home/web/template/033ccyy_wtpl/js/home.js","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d16ee6960489d8bf6135e6d6950bf088","sha1":"35f1ccbe2ff39e1b05ab03af04c7ae31d19c0615","sha256":"5c108bd4cdac141ab658fe7f84cf134e39cf29065dd2b901a0973ba813e05cc0","sha512":"fa654b0d2ced5203e49149c7bb5c1c24ed2356aa708c5de1ff185e9c94d78a3bea5e920bd71e4c6ed28cebdeca035011aa68b19da369d38bb2d9ab3b2bc64f28","ssdeep":"","tlshash":"cdf0279a32ed0540543330b58e2f6c143702b53b1846dc0c794d20f0cf4ca1df82abb6","size":584,"data":"","first_seen":"2023-03-08T08:34:55Z","last_seen":"2026-03-29T23:38:37.881993Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/cn/home/web/static/js/jquery.js","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T15:48:44.569044Z","times_seen":60616,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/s/%E5%A5%B4.html","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"57ca1679beecd06eaa00944bec96c8d5","sha1":"90d2c545a94b7fa7ea2a0bb2e79d47db91cf7164","sha256":"7c766318d776596c427c9707337cc501d4a06a8186257b80a24d129fc3b97d42","sha512":"971021ae72ea21612944d42c4b9048028e447eb31df65c34a3311c1a6246773b9d8465eb20cb52c6b34099d5a7a714d791cd2eed9323764eed0b3addd104aa6b","ssdeep":"","tlshash":"27e07d9a8841d2e6d986b3bbffe0d368e8983b193817d83207101cd6221336fd446b4d","size":332,"data":"","first_seen":"2023-11-16T12:30:34Z","last_seen":"2026-04-04T15:25:57.554778Z","times_seen":8956,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"llw.brjy6.lat/s/%E5%A5%B4.html","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-07T07:55:14.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"GET /s/%E5%A5%B4.html HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/html;charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: Deny\r\nset-cookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4; path=/\r\ncache-control: public, max-age=3600\r\ncontent-encoding: gzip\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMsSf ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":7420,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6949), with no line terminators","md5":"89faa9e886982fdb48ed1df95b4446d7","sha1":"8ec17e4228f1abf0df9a441aae34c7d3f9e1ff5a","sha256":"fb45d5956fad0fc2e0e22766f4f6f529beac220041dd2146b761f0ca53b39243","sha512":"7fabcb56bd36c56bd1ad4e0f11041f99ae1e47c69d800fa060cd5e531e11629aee25232573453a3277a0da11f156370c7f070ef04e4d2dee06f759182e83ae84","ssdeep":"192:fwv/cW4hpnw780Y1Iep0gvCnGydYJnjlFA:ZWQV6epLvCUjM","tlshash":"f6e1651236ca742f612b95acb6a1f33da42713b4db550f2434a47dafca81f44125af8f","first_seen":"2026-03-07T07:55:38.10502Z","last_seen":"2026-03-07T07:55:38.10502Z","times_seen":1,"resource_available":true,"data":null}},"time_used":955,"timings":{"blocked":392,"dns":78,"connect":153,"send":0,"wait":171,"receive":0,"ssl":159},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/cn/home/web/template/033ccyy_wtpl/js/jquery.lazyload.js","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llw.brjy6.lat/s/%E5%A5%B4.html","date":"2026-03-07T07:55:15.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"GET /cn/home/web/template/033ccyy_wtpl/js/jquery.lazyload.js HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llw.brjy6.lat/s/%E5%A5%B4.html\r\nCookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: application/javascript\r\ncontent-length: 2230\r\nlast-modified: Wed, 31 Aug 2022 08:21:38 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2230,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2230), with no line terminators","md5":"ad5888b989e1e62ebb23fecbae6c8053","sha1":"7695266013b2091502554616c6a3ac4c2f5a79fb","sha256":"38bc7cc88c754d4f93d7c73abeebb0687986bd8bfe416ee364ac0dfa26a5a6e6","sha512":"df0158f02027a2b973f0bbd14afba0f21c73de5042899400a8395065100e3dc5d04c6d399ed89a6200ab47d037905e8bdb32a9a9cfb972839ce09d35122ff88b","ssdeep":"","tlshash":"3b41e5863f027534f179a9ad430f52096127d03b92d58dd1b089d8ecfcf86579a3698b","first_seen":"2023-03-08T08:34:55Z","last_seen":"2026-03-29T23:38:37.887769Z","times_seen":308,"resource_available":true,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/cn/home/web/template/033ccyy_wtpl/js/home.js","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llw.brjy6.lat/s/%E5%A5%B4.html","date":"2026-03-07T07:55:15.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"GET /cn/home/web/template/033ccyy_wtpl/js/home.js HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llw.brjy6.lat/s/%E5%A5%B4.html\r\nCookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: application/javascript\r\ncontent-length: 584\r\nlast-modified: Wed, 31 Aug 2022 08:21:38 GMT\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":584,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d16ee6960489d8bf6135e6d6950bf088","sha1":"35f1ccbe2ff39e1b05ab03af04c7ae31d19c0615","sha256":"5c108bd4cdac141ab658fe7f84cf134e39cf29065dd2b901a0973ba813e05cc0","sha512":"fa654b0d2ced5203e49149c7bb5c1c24ed2356aa708c5de1ff185e9c94d78a3bea5e920bd71e4c6ed28cebdeca035011aa68b19da369d38bb2d9ab3b2bc64f28","ssdeep":"","tlshash":"cdf0279a32ed0540543330b58e2f6c143702b53b1846dc0c794d20f0cf4ca1df82abb6","first_seen":"2023-03-08T08:34:55Z","last_seen":"2026-03-29T23:38:37.881993Z","times_seen":287,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/cn/home/web/static/css/a_pc_wap.css","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://llw.brjy6.lat/s/%E5%A5%B4.html","date":"2026-03-07T07:55:15.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"GET /cn/home/web/static/css/a_pc_wap.css HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llw.brjy6.lat/s/%E5%A5%B4.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 2876\r\nlast-modified: Mon, 24 Oct 2022 09:16:10 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2876,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"74a8b81d486fd0fab0c1e1a21faf815c","sha1":"3671d10e96160cba777510eafe225a6fab98dbdf","sha256":"db0fd01915d66b5e8e03851256f02c85422be168cf9b2b68ab776878447f9e1c","sha512":"9399229eae7fd56b29d69e0cacc7b2a439aa45fb392df8549e04ed3fd81ee280694bf2a96acebdfc759862fb7a863fcba5e4adc4228c40bb25ac75fbca504226","ssdeep":"","tlshash":"2e515a162b6f2488a80ba1b85fb567686a294053bb0fcc2975547324ff4e78d09b2789","first_seen":"2023-11-16T12:30:34Z","last_seen":"2026-04-04T15:25:57.379425Z","times_seen":9227,"resource_available":false,"data":null}},"time_used":519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":519,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/abc/fixed_ui_630cbd.js","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llw.brjy6.lat/s/%E5%A5%B4.html","date":"2026-03-07T07:55:15.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"GET /abc/fixed_ui_630cbd.js HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llw.brjy6.lat/s/%E5%A5%B4.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\ncontent-length: 5591\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5591,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"47e19168047029672b065934831bac4c","sha1":"60d3ab6ce96048f4d50d9401f3160dd8deb4c6eb","sha256":"806f40f4a8974868d8057ef00e789730027c0046e135a710b7cf8da581e2582e","sha512":"e402886373811ccc534fae10a3986369202f1190ec4f11114c8120d98cfb34d12a3fb53554e5bb6048f72a1115bd30a8f8e83105f6a0d4e385a44d1d846a767f","ssdeep":"96:UYrFraN8XyMwEwxg2y82EefEbTzg2VCubJkiTzoP5VYb5G6JS/lWrNJyKsKQmX:rBzwHm2y82vfgT8ICubJy5VGGg+gbOlS","tlshash":"90b1805f79e33196892330b48fff14083a365013920edd907c0d91a4afa9bd86672fe9","first_seen":"2026-03-07T07:42:36.977677Z","last_seen":"2026-03-07T07:55:38.112778Z","times_seen":2,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/cn/home/web/template/033ccyy_wtpl/fonts/search.svg","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://llw.brjy6.lat/s/%E5%A5%B4.html","date":"2026-03-07T07:55:15.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"GET /cn/home/web/template/033ccyy_wtpl/fonts/search.svg HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llw.brjy6.lat/cn/home/web/template/033ccyy_wtpl/css/m.css\r\nCookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 31 Aug 2022 08:21:38 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 730\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\ncache-control: public, max-age=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1419,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b75a072562021d3f9b506a204c8f8e40","sha1":"1e5cac4c8bb5ec9988856eeab604c35f8b34b9de","sha256":"21ff017ea788786afe33c005274a62ea2b53df0eecce816de3d157407675f727","sha512":"89980cab9ba4bed79bce003e8fe8d597b44d463a3a420ac73b52fc792f0b251cb0361548787a1437bc14bf50c5bddfc46b06a3bf2126cad085c96930f125f57d","ssdeep":"","tlshash":"e12112a64102a4248cc39bce69d43fc8db2ff0965c488aa9e8546db099f44b316843c9","first_seen":"2023-06-04T22:00:19Z","last_seen":"2026-03-29T23:38:37.914462Z","times_seen":356,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/000/flink/analytics.php","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://llw.brjy6.lat/s/%E5%A5%B4.html","date":"2026-03-07T07:55:15.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"POST /000/flink/analytics.php HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llw.brjy6.lat/s/%E5%A5%B4.html\r\nContent-type: application/x-www-form-urlencoded\r\nContent-Length: 9\r\nOrigin: https://llw.brjy6.lat\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"referrer="}},"response":{"raw":"HTTP/2 204 No Content\r\nserver: https://www.xzylm.com\r\ndate: Sat, 07 Mar 2026 07:55:15 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nage: 0\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/favicon.ico","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://llw.brjy6.lat/s/%E5%A5%B4.html","date":"2026-03-07T07:55:15.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llw.brjy6.lat/s/%E5%A5%B4.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: image/x-icon\r\ncontent-length: 9662\r\nlast-modified: Fri, 25 Nov 2022 03:52:48 GMT\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\ncache-control: public, max-age=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9662,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"18804c433d8dd737be046adab903411e","sha1":"c67fa82887c5c1a6055837aac4b08b0f9775a347","sha256":"3cb727e02717cefc4dfe60fc7c4b3891e248f1486178265f3b4168e3a0113fff","sha512":"b4985ff566876fca5f63feeb9acb13ca5532ee03a77365ecec9e4e9b3ab5820e85ca5e628a0b8d07b6872695034424da66e5efbb02728982ff0258202e61df08","ssdeep":"96:90wDO8XGuqzBrcvfZ8AtR1/V+1g885DTBmZy/oxm2urGHjAsM/T1Sg:48XGumwBlV/V+1g88PmZEoTcGDAsM/kg","tlshash":"37125e1af656e015c0310278cc83d6dc6d386d1c6890ce67a2c1bd2b757713f6d6b28a","first_seen":"2025-05-24T03:57:27.301417Z","last_seen":"2026-03-29T23:38:37.886999Z","times_seen":155,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":160,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/cn/home/web/template/033ccyy_wtpl/css/m.css","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://llw.brjy6.lat/s/%E5%A5%B4.html","date":"2026-03-07T07:55:15.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"GET /cn/home/web/template/033ccyy_wtpl/css/m.css HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llw.brjy6.lat/s/%E5%A5%B4.html\r\nCookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 6167\r\nlast-modified: Wed, 31 Aug 2022 08:21:38 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6167,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (324), with CRLF line terminators","md5":"eb4d844210b97b29362dbf748c854618","sha1":"5acb45bd749c0b80642b628953ffd549853d1f38","sha256":"954c95f57645694fe3011c8a45531e40e79c6cf5d23779de5e078210e56697fe","sha512":"d0277bc8c8c3dbd9bf7261160c1e9d41dcac791617bc76f6735ca6a2358d016fe7b593789b46202fcaf2add5af1f00e7a8f8d31fceb2d597b13bb8487cdf7049","ssdeep":"48:aOOaFGun9FaZ1voAwceGNUo0lvHeaHMkEAm8Tfsg238Y3SUo6xXqc3SUoEIniZVH:7cwwUob+Mkq8sl0UoC6pUoEZ1vWs/H","tlshash":"49d13336ab6b015db537c92179d1ebdd592841b2e5068b7ce917bc3089c70ea2c73b88","first_seen":"2025-05-24T03:57:27.296949Z","last_seen":"2026-03-29T23:38:37.866267Z","times_seen":280,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/cn/home/web/static/js/jquery.js","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://llw.brjy6.lat/s/%E5%A5%B4.html","date":"2026-03-07T07:55:15.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"GET /cn/home/web/static/js/jquery.js HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://llw.brjy6.lat/s/%E5%A5%B4.html\r\nCookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: application/javascript\r\ncontent-length: 92629\r\nlast-modified: Thu, 04 Aug 2016 14:39:10 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T15:48:44.569044Z","times_seen":60616,"resource_available":true,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":284,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"llw.brjy6.lat/abc/data_e7a6f7.json","fqdn":"llw.brjy6.lat","domain":"brjy6.lat","tld":"lat"},"ip":{"addr":"154.21.91.33","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://llw.brjy6.lat/s/%E5%A5%B4.html","date":"2026-03-07T07:55:15.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.brjy6.lat","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 05:46:04 GMT","end":"Wed, 20 May 2026 05:46:03 GMT"},"fingerprint":{"sha1":"D8:75:8B:A6:BC:DB:0E:8B:A4:48:8F:21:0B:04:8D:A2:26:F9:2C:07","sha256":"38:59:BF:11:88:F9:AF:4E:F9:01:F4:09:39:07:9A:BA:9E:9B:AF:C3:FB:17:42:51:6D:0F:4A:25:E4:46:DB:5D"}}},"request":{"raw":"GET /abc/data_e7a6f7.json HTTP/1.1\r\nHost: llw.brjy6.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://llw.brjy6.lat/s/%E5%A5%B4.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=er41ukbll0dnfsnk39ghj42mp4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ndate: Sat, 07 Mar 2026 07:54:09 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=300\r\nage: 66\r\ncontent-length: 9745\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cHs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9745,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"28a36fb9b4778538a331caf85aaa896f","sha1":"d222e59c52fd229907fc1ac4338b6b737b5cab66","sha256":"11a4b2f8273eb9cf9715bfdddeaa0b972495f55879c1af18dd78608f474669f6","sha512":"49ec8e6ab8568e8c792f835dcfd6ba5007021a42ee424027fb5f14840551ade5126c558a541680a8236d938b6e49327bc9ffc6a5e4464d280936ec848bdae208","ssdeep":"96:fFDqZ7S7oocvscvHmBKffPtcu2POTPOXW7HvFjQvMl1MmahODqfzQOdzBZvdH3w1:fm7+cUcPffWsTNEvL8OpNC1RSSpj4a","tlshash":"1a1269b637f969bcf6b452c15b0a3a69578d3027884ce38737cddc3454ec1aa220b463","first_seen":"2026-03-07T05:28:33.44685Z","last_seen":"2026-03-07T08:34:37.33632Z","times_seen":8,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"llw.brjy6.lat","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}