{"report_id":"02e92e14-7072-49a1-8ecf-48861b752089","version":6,"status":"done","tags":[],"date":"2025-06-24T02:24:24Z","url":{"schema":"http","addr":"ad3.jiejie51-f458.cc/","fqdn":"ad3.jiejie51-f458.cc","domain":"jiejie51-f458.cc","tld":"cc"},"ip":{"addr":"14.128.63.99","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"ad3.jiejie51-f1372.cc/","fqdn":"ad3.jiejie51-f1372.cc","domain":"jiejie51-f1372.cc","tld":"cc"},"title":"ad3.jiejie51-f1372.cc/"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-09-02T02:24:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ad3.jiejie51-f1372.cc","ip":{"addr":"14.128.63.105","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2025-05-20","domain_rank":0,"first_seen":"2025-06-24T02:24:24.52833Z","last_seen":"2025-06-24T02:24:24.52833Z","alert_count":0,"request_count":2,"received_data":20053,"sent_data":939,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ad3.jiejie51-f458.cc","ip":{"addr":"14.128.63.99","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2024-11-16","domain_rank":0,"first_seen":"2025-06-24T02:24:24.526543Z","last_seen":"2025-06-24T02:24:24.526543Z","alert_count":1,"request_count":1,"received_data":9797,"sent_data":489,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-24","alert":"Sinkholed","trigger":"jiejie51-f458.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ad3.jiejie51-f1372.cc/","fqdn":"ad3.jiejie51-f1372.cc","domain":"jiejie51-f1372.cc","tld":"cc"},"ip":{"addr":"14.128.63.105","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"a25c979e587ee49f62d97a85d368a7fd","sha1":"3acef945cc17357258150a001734979f59b118e3","sha256":"830034a99d03a168caa3203545220c77005e7354f8156effe92a8863eb01a0d0","sha512":"dfce2a747e198e420a9db6bdb6ea1cb188e9711ca2586fedde71634ad475a911e89daa4b7eadc7e207c28836e4019dac5d38e9773f9fbf9cfd7fadd9a1ebe4ff","ssdeep":"","tlshash":"7c31dfdddda60586de47a9bc985a101c3232f11bc8d9860abc4d46c53fa193640fe6ec","size":1472,"data":"","first_seen":"2025-06-24T02:24:27.501213Z","last_seen":"2025-06-24T02:24:27.501213Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad3.jiejie51-f1372.cc/","fqdn":"ad3.jiejie51-f1372.cc","domain":"jiejie51-f1372.cc","tld":"cc"},"ip":{"addr":"14.128.63.105","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"b203c21c3e00f104b7d1dd773bb918e6","sha1":"40e7acdf8b27d26803c65044785a6357eb787ffa","sha256":"16994b5ec01c385114087f7e744c592f19c8b1a1ad96b10c2abbdc6817b0a493","sha512":"d67eb0f43be402cb717cd75a6447f2d03f50eda987daac0bfbd2faf2004b45c3e538a3801741d124b2d331597aa16f6ced65c870da70c6a49da5d9fc04030a95","ssdeep":"","tlshash":"48e0dfdbec9a06b18e8b76b654b8474870308017dcc8c6003c1e89945f30cf2e09ebcc","size":411,"data":"","first_seen":"2024-12-28T18:34:15.591996Z","last_seen":"2025-07-03T02:55:23.443718Z","times_seen":1005,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad3.jiejie51-f1372.cc/","fqdn":"ad3.jiejie51-f1372.cc","domain":"jiejie51-f1372.cc","tld":"cc"},"ip":{"addr":"14.128.63.105","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"19711927baafaa8503549ba762cf1bff","sha1":"596beac040b0752e4f690916c6257ab42b33eb5c","sha256":"91a464869a6132642450b59fb356945bef5c09d7bedc6818129b085b1979a934","sha512":"99b3da1e35166f47ad495998a39f4f71316f150f1e1191aade799e40733328a3e9b6c1aaa799e355142ce4a0794f3feea5eb2aee75cc74e4fe46976bac66b8c0","ssdeep":"48:9UeS7wtJDndUUzze0v7xWGunEiLiop32zfX/sBMQfBMQfBMQ7NWm01dX1w+tyS8s:hSMHlFunBZ3uPO//h+B1yIRjFh7oU","tlshash":"491267dd37325c9deca2a63ff41a7328e1948c13f94da0ad2e6904006fc195ae1d939f","size":9402,"data":"","first_seen":"2025-06-24T02:24:27.502611Z","last_seen":"2025-06-24T02:24:27.502611Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad3.jiejie51-f1372.cc/","fqdn":"ad3.jiejie51-f1372.cc","domain":"jiejie51-f1372.cc","tld":"cc"},"ip":{"addr":"14.128.63.105","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb90f64a7adc636344bd6c9271de19ce","sha1":"57f15b19caefab99cce1a2a9ae158b68f09894a9","sha256":"5b803277364c8f9ba93336b0f11212ec1a4420b8be98dbb036b26d120cc532bb","sha512":"904233f5bff346df9a73c7ac82ec84756652eb4315af90d42b226767400d9c7d07e8c6d40039643fb9c16cb108734320212c855800a26018a43aaae057337010","ssdeep":"","tlshash":"34a00415c14513107303003010d1c3dc3f744013fc4115153f5f05400f40515c014444","size":64,"data":"","first_seen":"2024-12-28T18:34:15.599123Z","last_seen":"2025-07-03T02:55:23.442614Z","times_seen":1005,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"268b4253b558aa7ccf8bfee2cda71e30","sha1":"4c624e8e33d11da789f429a9495e8cff836c588f","sha256":"37e68a6b6b79ac0de34842887f7c3f6967a4e4f073f8cdddcb51b0ddbb2707a0","sha512":"077cdc02ac602161be63d82b4233db5d10aeab9e445ace3fdfc80b5d53e11f8c800ee6fa4c56dd1308af64db4fd9f6a8dbb72bc93720fbd4d1879f7d72dfd0c8","ssdeep":"","tlshash":"a6615216d9f30446f157d87f6698a51a2b21f213088ace153f8c07b0afc54a688f73cc","size":3187,"data":"","first_seen":"2025-06-24T02:24:27.503847Z","last_seen":"2025-06-24T02:24:27.503847Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"05c1f441161997e210b5ca09c8cb7640","sha1":"52dd05e2c7d370d59ad20dc7263727072ac4a4c7","sha256":"4698f273881c97630a8f7136f3035ba67bda22761686a6bee57a327fa124a88f","sha512":"3e56105789adc5c305665b77b24a7eda0b13e58e27ea9ae76116c6b17d022a7875323788d48171bd33e1f04c3bf29f894fa6be2d431acb9cf8ceb843d8c408aa","ssdeep":"","tlshash":"6b6000300cc03000c3000003c000000030fc3c0c000003c00003300c03000c000c0000","size":12,"data":"","first_seen":"2025-06-24T00:06:48.754355Z","last_seen":"2025-06-24T23:52:21.824199Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"ad3.jiejie51-f458.cc/","fqdn":"ad3.jiejie51-f458.cc","domain":"jiejie51-f458.cc","tld":"cc"},"ip":{"addr":"14.128.63.99","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-24T02:24:01.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jiejie51-f458.cc","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 01 May 2025 12:27:37 GMT","end":"Wed, 30 Jul 2025 12:27:36 GMT"},"fingerprint":{"sha1":"2A:BB:8C:89:03:03:EB:5F:EC:47:AD:3B:65:FF:FF:A0:E0:02:6F:9D","sha256":"AC:4E:6A:6E:06:4D:B2:FD:D1:4F:D5:1E:AD:3E:1E:95:82:C8:0D:29:86:45:4F:0B:BA:B9:C4:58:7B:32:E1:BE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ad3.jiejie51-f458.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\naccess-control-allow-origin: \r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 24 Jun 2025 02:24:01 GMT\r\nlocation: https://ad3.jiejie51-f1372.cc/\r\nserver: openresty\r\nvary: Origin, Accept-Encoding\r\nx-cache: BYPASS\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 91\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":9434,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T01:09:43.978719Z","times_seen":16160175,"resource_available":true,"data":null}},"time_used":2420,"timings":{"blocked":1055,"dns":95,"connect":300,"send":0,"wait":310,"receive":0,"ssl":655},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-24","alert":"Sinkholed","trigger":"jiejie51-f458.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ad3.jiejie51-f1372.cc/","fqdn":"ad3.jiejie51-f1372.cc","domain":"jiejie51-f1372.cc","tld":"cc"},"ip":{"addr":"14.128.63.105","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-24T02:24:02.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jiejie51-f1372.cc","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 May 2025 09:35:00 GMT","end":"Mon, 18 Aug 2025 09:34:59 GMT"},"fingerprint":{"sha1":"42:B7:19:A9:FB:1C:0F:6D:9B:4D:D9:06:58:0C:47:23:0E:1B:4C:9D","sha256":"CD:74:9D:AF:21:42:7F:7A:34:66:9E:6F:26:AB:FF:2E:66:B5:ED:A6:3F:31:94:A5:68:F3:54:CA:E1:3E:A4:F9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ad3.jiejie51-f1372.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: \r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ncontent-encoding: gzip\r\ncontent-type: text/html;charset=utf-8\r\ndate: Tue, 24 Jun 2025 02:24:03 GMT\r\nserver: openresty\r\nvary: Origin, Accept-Encoding\r\nx-cache: BYPASS\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 1952\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9434,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (9434), with no line terminators","md5":"3df09dff9d1551c09b063374ac82f3d4","sha1":"aed6053e06950aa0d1d52e5d0f67fa02eebdb0f7","sha256":"7935c22080046aad64f8d529bab86078cc4c710343e7f984b0686c96566b230f","sha512":"f2c01eab4536b03d01133008183b3479195ea5e46407561226fa7f03820180c6ae5d404281bfaf7eb3dd457c71ac7abc9746034bb606c4c4dac9aec2fb9965a9","ssdeep":"48:CUeS7wtJDndUUzze0v7xWGunEiLiop32zfX/sBMQfBMQfBMQ7NWm01dX1w+tyS8U:ASMHlFunBZ3uPO//h+B1yIRjFh7os","tlshash":"3d1267dd37315c9deca2a63ff45a7328e1948c13f94da0ad2ea904006fc195ae1d939f","first_seen":"2025-06-24T02:24:27.499801Z","last_seen":"2025-06-24T02:24:27.499801Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2771,"timings":{"blocked":713,"dns":82,"connect":302,"send":0,"wait":1343,"receive":2,"ssl":326},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad3.jiejie51-f1372.cc/favicon.ico","fqdn":"ad3.jiejie51-f1372.cc","domain":"jiejie51-f1372.cc","tld":"cc"},"ip":{"addr":"14.128.63.105","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"","requested_by":"https://ad3.jiejie51-f1372.cc/","date":"2025-06-24T02:24:04.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jiejie51-f1372.cc","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 May 2025 09:35:00 GMT","end":"Mon, 18 Aug 2025 09:34:59 GMT"},"fingerprint":{"sha1":"42:B7:19:A9:FB:1C:0F:6D:9B:4D:D9:06:58:0C:47:23:0E:1B:4C:9D","sha256":"CD:74:9D:AF:21:42:7F:7A:34:66:9E:6F:26:AB:FF:2E:66:B5:ED:A6:3F:31:94:A5:68:F3:54:CA:E1:3E:A4:F9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ad3.jiejie51-f1372.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ad3.jiejie51-f1372.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: \r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ncache-control: max-age=15552000, public, max-age=15552000, immutable\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Tue, 24 Jun 2025 02:24:04 GMT\r\nexpires: Sun, 21 Dec 2025 02:24:04 GMT\r\nlast-modified: Fri, 10 Jan 2025 12:00:23 GMT\r\nserver: openresty\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Origin, Accept-Encoding\r\nx-cache: UPDATING\r\nx-content-type-options: nosniff\r\nx-ua-compatible: IE=edge\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 9662\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9662,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"3331070cee004f8847884177ab747e20","sha1":"41f1edcbb7ee7fc352acd7890b755c1a36b05daa","sha256":"0b0bc70778f9a4f293440285444a35c6b02fe48ac0cd2b426227e490dae0492f","sha512":"0c77dc02aee7cfafb7f8184edb6a53122f6d694edacdc6a310028566f809cf9c3144eb507bb795f35bec8dcf20066a4fbb9412e0955775a60141b2057bf2e188","ssdeep":"96:9iALlQl0bl0Ml6tNUsl0mHxk0JjUwuRzVB65DyrMilbHArgB3zZ+e0eDAhFUhAzH:N+4UhkDM+Ftz94vzICC3UuZa","tlshash":"d2126046f2ce9401f85b59317604c3ffe42698c8daae884b3988defb5dad3578432647","first_seen":"2025-01-24T03:58:48.563186Z","last_seen":"2026-06-05T06:35:38.067915Z","times_seen":3662,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}