{"report_id":"077d4c71-3858-4ea4-a97f-67ae67b775c2","version":6,"status":"done","tags":[],"date":"2025-11-24T06:19:56Z","url":{"schema":"http","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"194.242.11.186","port":0,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"final":{"url":{"schema":"https","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"title":"404 - Page Not Found","dom":{"size":40384,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18440)","md5":"fc755a4f68e8681ccd71e88c2fa5d239","sha1":"d44ff6fd9f34b3e07105daa9359ba1c8bed1f2a4","sha256":"bc5521197673c67fdc3d30cfb6312ea013c0b93d8412116823de91b8a8525352","sha512":"306588d3d1755c6f0886fc88938c4ea38c6c14c1327054e98f43a2ab8e53ab14db5c5e53b1a287ce2e7e7debfd0c58d5ec02b9916869b339b9248bb178a05658","ssdeep":"768:mxOTF4FoFTFiAxEzDx0PKJMVg41radj5xe7HJ6LBzNiPt+sPsrQ1:RTq2BPuzDx0PTye7HU/iccR1","tlshash":"66034aa6aed710196017d23932e3a71a3a31d04bdd57cc08fadd72858fe67dc2e62748","dom_hash":"domhash823def416840ac55c65766ebccffc160","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"194.242.11.186","port":0,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-29T06:19:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"lumbering-main.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"lumbering-main.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"colossal-seat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"colossal-seat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"worldmarkets.jp","ip":{"addr":"195.181.166.158","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2025-11-17","domain_rank":2013941,"first_seen":"2025-11-24T05:48:07.270588Z","last_seen":"2025-11-24T05:48:07.270589Z","alert_count":0,"request_count":4,"received_data":62700,"sent_data":2061,"comment":"","tags":null,"fingerprints":[{"name":"Clicky","description":"Clicky is web an analytics tool which helps you to get real-time analysis including spy view.","website":"https://getclicky.com","common_platform_enumeration":"","icon":"Clicky.png","categories":["Analytics"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}]},{"fqdn":"lumbering-main.com","ip":{"addr":"88.85.68.219","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-11-10","domain_rank":0,"first_seen":"2025-11-24T05:48:07.269033Z","last_seen":"2025-11-24T05:48:07.269033Z","alert_count":2,"request_count":1,"received_data":453,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"tracking.worldmarkets.jp","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-17","domain_rank":0,"first_seen":"2025-11-24T05:48:07.265512Z","last_seen":"2025-11-24T05:48:07.265512Z","alert_count":0,"request_count":2,"received_data":68835,"sent_data":1279,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.2.26","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"www.grown-mouth.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2025-11-19","domain_rank":0,"first_seen":"2025-11-21T21:06:30.949434Z","last_seen":"2025-11-21T21:06:30.949434Z","alert_count":0,"request_count":2,"received_data":208208,"sent_data":915,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"colossal-seat.com","ip":{"addr":"88.85.69.211","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-11-15","domain_rank":0,"first_seen":"2025-11-22T22:15:46.053596Z","last_seen":"2025-11-22T22:15:46.053596Z","alert_count":8,"request_count":4,"received_data":226430,"sent_data":2336,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sdk4push.com","ip":{"addr":"157.90.33.68","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2024-03-27","domain_rank":78856,"first_seen":"2024-04-12T08:03:31Z","last_seen":"2025-11-22T04:36:49.768981Z","alert_count":0,"request_count":2,"received_data":55831,"sent_data":885,"comment":"","tags":null,"fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"195.181.166.158","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"3db5afcbb29479bac5ef1be1471a8ec3","sha1":"1762967d858966d74e9c3cef8649794a63eddcfa","sha256":"c8868ceef4f2fed12dc43cf6610871d80e7577b95e2efd80c9b4f83b2ec0d926","sha512":"cdcdeaf9c9eb9268f4794fa5ab1b9f413f4cb796bc88c4b44277a5afbd2e0ec859763e408a0347a418fa99a35371c39f2a7ac3b5cdbde6d56ea302d5d6d9ef38","ssdeep":"","tlshash":"0f01f95e6353b238517732ca9767920c18319053a281c04db78c536b9f75e6ed2db689","size":699,"data":"","first_seen":"2025-11-24T05:48:12.661646Z","last_seen":"2025-11-24T07:20:44.103859Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"195.181.166.158","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a8ef2c247b00138c0e1a1ea10037039","sha1":"3622b7a3e9cac277b20802b844646dce187bacfd","sha256":"90a4185653493af0c9c364b89cdca822de1bc71eab006052f0265e7f6e23c3e3","sha512":"7d0ee9d1f810ce9cec57581f93ecd0457f13fd0fbf1c9ddbb2d55855a89a68ac557ddfca61b201ce647a337c131f5a555cd1f317d86a7c6c0080a85aa5ac38a8","ssdeep":"","tlshash":"3de0c0ed6c0d7130b2a6d07b50395b8a3240312838367c4264bc96ab3f10fee9c58e6a","size":375,"data":"","first_seen":"2025-11-24T05:48:12.663381Z","last_seen":"2025-11-24T07:20:44.104471Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"195.181.166.158","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"9cca1bb28cbfa61215dd5555b00bdd68","sha1":"3bdf5480c19157d694373cde0a3a2bccbd175c90","sha256":"bfdcc9fb69e633517cfaa4341b5478eed60cd3761039a88672cb470b2f515b5d","sha512":"b819fcdea114e08d86638225425666cf15b8e6e49e65b804f854a1afa72e9f7ecee2b20e120bd4c84d9c7d6f22c9f9c1c53f4ddcb092fbc89bc2abe7a4b14bfd","ssdeep":"","tlshash":"29f0c9114def1dfd613a623e2d7e8e2d73ab281aa0a0c0006e81d8156e72a8286502cc","size":518,"data":"","first_seen":"2025-11-24T05:48:12.665045Z","last_seen":"2025-11-24T07:20:44.105119Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk4push.com/f/sdk.js?z=2187891","fqdn":"sdk4push.com","domain":"sdk4push.com","tld":"com"},"ip":{"addr":"157.90.33.68","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4018ad296da1caed34597f1e0ba53d28","sha1":"f4eb27979f1d7c9ee092f270d739466e8da537f9","sha256":"10de896ad40948b2a23b11a5eaf48ef59583762ee9ed8bb8ba40a308ce12dc93","sha512":"5799c4411f4f36aeee2ea0d3c4065672eb2709071b9338ca84607435c52482490f8d03fffbb6029e21e6f247be124eafadff6970644718c996cc7d75f29a6807","ssdeep":"1536:/7LMSZcnLitlCr8WoeisV69SDG3nY+kH+s9K:/7L1Y2NViB9K","tlshash":"b833818877c6713412a7a4ac056f50d6eb2b3c34944e890adc53f3a2297576eef23d74","size":54787,"data":"","first_seen":"2025-04-03T01:19:28.743234Z","last_seen":"2026-04-04T00:30:08.27869Z","times_seen":513,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"colossal-seat.com/b/X/VCsEd.Gglz0dYbWqcI/Me/mw9vuUZyUGlkk_PkTZYO3pMfD/gn4TM_jbkBthNfjIc/wdOaDNgszAMgAR","fqdn":"colossal-seat.com","domain":"colossal-seat.com","tld":"com"},"ip":{"addr":"88.85.69.211","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d03c36753b38b9c8251bb1a74068c1f","sha1":"9c5ee86d7272ba6e6334f30fb2f7f3a73482370e","sha256":"5419b6acd71cd05031ab4ad6d0c4a06ee1af4e2a2ea3d96a5bc9af398f925327","sha512":"44fd361f0fba71e883fe86c8d3bbd7b9e369682e0fb4a5c7fe669f8de804b985d4d08a06eab7da46466faa2cb5e4aac5ccc08b29e054f785c180ad93e761e6e4","ssdeep":"6144:BCrQB42X040I27lFG5ClE5yyoOSHZ3dDDgJbMHZboEBkleZbcpN:30I2/Dyw5cpN","tlshash":"3b243c9a3592747906f600a57476520ab2390a5f3d098024b87cece97da9e4f733bfb4","size":223780,"data":"","first_seen":"2025-11-24T06:19:58.756053Z","last_seen":"2025-11-24T06:19:58.756053Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tracking.worldmarkets.jp/matomo.js","fqdn":"tracking.worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"97b41888a87c22615114d73c91cc70a3","sha1":"a9e02fdb328a29bd8753e7000d0afe6ef635aad1","sha256":"f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d","sha512":"0023e6fd1e095cb37ffd94393f583f9a1ad1fe18a03b72bd035d431401038b48cc9689e2bbf4b0bbee5b6082e77db6e2bdd55b4d5ffb1c45f86e0f330789c10f","ssdeep":"1536:ATgnSINAJrRJqerEKlFXhuXEy+XzsyWbuds06Vdda8EbdAAOV4ITzvBCQaFLa:AT+Z2fuULzsyWbbVdda8EbdAA0XvBv5","tlshash":"0263d5ca72c275398bca6074603f1187b17aada7144cc4a4f56ac4fa3c3891e957bf78","size":67460,"data":"","first_seen":"2024-05-09T17:51:40Z","last_seen":"2026-04-03T20:14:13.545673Z","times_seen":4577,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.grown-mouth.com/ecc874/d5b7e4ebc303.js","fqdn":"www.grown-mouth.com","domain":"grown-mouth.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a99446eecd9bac0b258c9a0b1da2b333","sha1":"3d89afb0187aff54cd325046314fd8901a12ce67","sha256":"ba6f2bf6308511ea02fc6d9a21464ef99d00c0496e01b5dcbe61aadf71979537","sha512":"85c3aed599a4ccbc256bf19c10935433a97c69ddc569651a1973e92d29be76706a8655d5b6d19d629ad1201bc244020f6006d37d365c46e6d22c8470250fb997","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPvE:OijxEQq3P5Enne9zkWHLW","tlshash":"9ba33461350b64fd2ad0c1e7eb6b20886c295810e469cca1ecd1d7c7d6eb8e3429b5f7","size":103673,"data":"","first_seen":"2025-11-21T21:06:40.108314Z","last_seen":"2025-11-24T07:20:44.100631Z","times_seen":90,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"195.181.166.158","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a96d820e4b39a92ee60c8b6bc85ea9c","sha1":"012affefd1ffeff267813f4ae0dd07f56f126006","sha256":"464c23399955a98ac8feb097b6a7b10592fd594f312e4519d2800f5c8a48fbc4","sha512":"cdf0ca27fedb1705cda5b4ae9545f3cceda1c074db784ae4534fd15c25fa75bc3c25f2e2af2ea78b2777aabc509db1490780e7eeffadf4d3a04f0d13d972cb16","ssdeep":"","tlshash":"79e068ac9a688f36a3b9113ba07c5756b020b1545c369c42996df02f7f58bf1cc8aa18","size":380,"data":"","first_seen":"2025-11-22T22:15:50.582004Z","last_seen":"2026-03-28T23:25:48.170199Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"195.181.166.158","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"038f11bd8bd14ee3445abf1b4ebd496c","sha1":"3c8044f778f8cd83db2136bf1844860528f02524","sha256":"5a4863ab51f6b55cb36de90dc5e35af649a3727cd26f315e0bf68e130f8808e7","sha512":"8006953e3da881e8528566cf3a14ac657f30a2f782b1ef92a60f876404e4785fe6aca22624f408d7304478b8279c7dc19f85fa1dc446658489ca5bbb7eecb48c","ssdeep":"","tlshash":"f451d05a26fb09691153703d37dbb2017576e0873045fe0dbe8c43e96f8d99aaca23c8","size":2840,"data":"","first_seen":"2025-11-02T08:05:09.610276Z","last_seen":"2026-01-02T00:57:04.258484Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"195.181.166.158","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-24T06:19:29.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"worldmarkets.jp","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 20:43:58 GMT","end":"Wed, 18 Feb 2026 20:43:57 GMT"},"fingerprint":{"sha1":"C4:F5:AE:53:15:F5:47:B9:14:33:28:EE:9C:CF:79:65:80:2E:0B:28","sha256":"D7:D8:37:9F:E7:13:D6:D1:59:62:B0:54:B0:A1:7D:9D:6F:DB:9E:84:5D:63:D0:58:BA:6C:F9:14:CA:7C:91:B5"}}},"request":{"raw":"GET /z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178 HTTP/1.1\r\nHost: worldmarkets.jp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 24 Nov 2025 06:19:30 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nserver: BunnyCDN-SE1-725\r\ncdn-pullzone: 4888074\r\ncdn-requestcountrycode: NO\r\ncache-control: no-cache\r\ncdn-proxyver: 1.40\r\ncdn-requestpullcode: 404\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 725\r\ncdn-cachedat: 11/24/2025 06:19:30\r\ncdn-status: 404\r\ncdn-requesttime: 0\r\ncdn-requestid: 7e531369e9f40294c2d677511e42113f\r\ncdn-cache: MISS\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Clicky","description":"Clicky is web an analytics tool which helps you to get real-time analysis including spy view.","website":"https://getclicky.com","common_platform_enumeration":"","icon":"Clicky.png","categories":["Analytics"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":16675,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"3b8a09219097a3ecd336c8257a4ad2f3","sha1":"8d4bb57ed34635fc801900b0d6c580177ce2b5fb","sha256":"4b41e997121a9517892e0c30c8b87ce46f8cf88c526a322229607b9071e579c3","sha512":"182c5ad29c58073b3ee5290db304750fc2ca14b81f0b22b7aea53c7abef26b1d5104f5adc517a26c9062aac4d8f5b7c6ec142346f8630deabe0777d003628552","ssdeep":"384:cxHuTF4FoFTFyN999eoDQ20Pu5CvTrT81qY2g:cxOTF4FoFTFK9reoDx0PECrQ/","tlshash":"ec72930a2ae710262013a13d33ff6a087675e017ca4add187e9d8398efd97a45c937cc","first_seen":"2025-11-24T05:48:12.656096Z","last_seen":"2025-11-24T07:20:44.098766Z","times_seen":3,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":67,"dns":44,"connect":7,"send":0,"wait":232,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumbering-main.com/c_DF9m6.bd2F5KlKS/WRQC9iNVjMc/wmOTDugoyXN_y/0/2/N/zVAG4/OHDQIz4G/?sId=worldmarkets.jp","fqdn":"lumbering-main.com","domain":"lumbering-main.com","tld":"com"},"ip":{"addr":"88.85.68.219","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:30.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"lumbering-main.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 18:03:46 GMT","end":"Sun, 08 Feb 2026 18:03:45 GMT"},"fingerprint":{"sha1":"A4:10:F7:C9:7A:C7:81:41:7C:78:89:25:0B:18:5A:75:F5:E7:C7:39","sha256":"06:85:48:58:94:F1:A5:DA:15:16:8A:1D:B8:4E:D0:19:1E:BE:B3:77:68:72:BD:A6:EE:D5:42:6F:35:CC:74:A9"}}},"request":{"raw":"GET /c_DF9m6.bd2F5KlKS/WRQC9iNVjMc/wmOTDugoyXN_y/0/2/N/zVAG4/OHDQIz4G/?sId=worldmarkets.jp HTTP/1.1\r\nHost: lumbering-main.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 06:19:30 GMT\r\ncontent-length: 0\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T04:46:10.842589Z","times_seen":13317089,"resource_available":true,"data":null}},"time_used":275,"timings":{"blocked":123,"dns":75,"connect":17,"send":0,"wait":18,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"lumbering-main.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"lumbering-main.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tracking.worldmarkets.jp/matomo.js","fqdn":"tracking.worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:30.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"worldmarkets.jp","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 19 Nov 2025 06:08:29 GMT","end":"Tue, 17 Feb 2026 07:05:46 GMT"},"fingerprint":{"sha1":"53:83:AC:41:49:99:26:94:EC:8A:3B:76:55:18:17:44:B3:46:2D:1C","sha256":"00:32:53:9E:28:47:4D:74:75:73:77:EF:5F:63:0E:0B:05:F1:98:89:1E:D5:7F:B9:31:75:CC:3B:45:80:00:60"}}},"request":{"raw":"GET /matomo.js HTTP/1.1\r\nHost: tracking.worldmarkets.jp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 06:19:31 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 21925\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 25 Sep 2024 19:00:05 GMT\r\netag: \"10784-622f63adb1740-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nage: 1905\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RX3x6GDN%2FzC7G9jxU%2FJnQX7L6BPMRe2ceN%2BdXzkYrDoK1RmaH3Vi7V6b61b7RLbr%2FvSS%2BHt4Cy598fHFqT64OgPy2aT7JAah4ADzuNIZ4441iAfc43w%3D\"}]}\r\ncf-ray: 9a36cb8f5d8656a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67460,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2854)","md5":"97b41888a87c22615114d73c91cc70a3","sha1":"a9e02fdb328a29bd8753e7000d0afe6ef635aad1","sha256":"f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d","sha512":"0023e6fd1e095cb37ffd94393f583f9a1ad1fe18a03b72bd035d431401038b48cc9689e2bbf4b0bbee5b6082e77db6e2bdd55b4d5ffb1c45f86e0f330789c10f","ssdeep":"1536:ATgnSINAJrRJqerEKlFXhuXEy+XzsyWbuds06Vdda8EbdAAOV4ITzvBCQaFLa:AT+Z2fuULzsyWbbVdda8EbdAA0XvBv5","tlshash":"0263d5ca72c275398bca6074603f1187b17aada7144cc4a4f56ac4fa3c3891e957bf78","first_seen":"2024-05-09T17:51:40Z","last_seen":"2026-04-03T20:14:13.545673Z","times_seen":4577,"resource_available":true,"data":null}},"time_used":586,"timings":{"blocked":281,"dns":267,"connect":1,"send":0,"wait":11,"receive":2,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.grown-mouth.com/ecc874/d5b7e4ebc303.js","fqdn":"www.grown-mouth.com","domain":"grown-mouth.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:31.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.grown-mouth.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 21 Nov 2025 18:47:53 GMT","end":"Thu, 19 Feb 2026 18:47:52 GMT"},"fingerprint":{"sha1":"10:7E:7B:C9:93:0B:6C:78:ED:7D:85:CB:45:3B:BA:9A:E8:48:5B:8F","sha256":"CA:1F:B0:A5:DA:49:09:DC:31:B0:C2:9A:84:E8:0D:BD:11:60:EE:56:40:EB:92:E0:F8:45:38:41:81:46:F8:69"}}},"request":{"raw":"GET /ecc874/d5b7e4ebc303.js HTTP/1.1\r\nHost: www.grown-mouth.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nOrigin: https://worldmarkets.jp\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 06:19:31 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=172800\r\ncontent-encoding: gzip\r\nexpires: Wed, 26 Nov 2025 06:19:31 GMT\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103673,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"a99446eecd9bac0b258c9a0b1da2b333","sha1":"3d89afb0187aff54cd325046314fd8901a12ce67","sha256":"ba6f2bf6308511ea02fc6d9a21464ef99d00c0496e01b5dcbe61aadf71979537","sha512":"85c3aed599a4ccbc256bf19c10935433a97c69ddc569651a1973e92d29be76706a8655d5b6d19d629ad1201bc244020f6006d37d365c46e6d22c8470250fb997","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPvE:OijxEQq3P5Enne9zkWHLW","tlshash":"9ba33461350b64fd2ad0c1e7eb6b20886c295810e469cca1ecd1d7c7d6eb8e3429b5f7","first_seen":"2025-11-21T21:06:40.108314Z","last_seen":"2025-11-24T07:20:44.100631Z","times_seen":90,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":114,"dns":73,"connect":19,"send":0,"wait":37,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.grown-mouth.com/ecc874/d5b7e4ebc303.js","fqdn":"www.grown-mouth.com","domain":"grown-mouth.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:31.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.grown-mouth.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 21 Nov 2025 18:47:53 GMT","end":"Thu, 19 Feb 2026 18:47:52 GMT"},"fingerprint":{"sha1":"10:7E:7B:C9:93:0B:6C:78:ED:7D:85:CB:45:3B:BA:9A:E8:48:5B:8F","sha256":"CA:1F:B0:A5:DA:49:09:DC:31:B0:C2:9A:84:E8:0D:BD:11:60:EE:56:40:EB:92:E0:F8:45:38:41:81:46:F8:69"}}},"request":{"raw":"GET /ecc874/d5b7e4ebc303.js HTTP/1.1\r\nHost: www.grown-mouth.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 06:19:31 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=172800\r\ncontent-encoding: gzip\r\nexpires: Wed, 26 Nov 2025 06:19:31 GMT\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103673,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"a99446eecd9bac0b258c9a0b1da2b333","sha1":"3d89afb0187aff54cd325046314fd8901a12ce67","sha256":"ba6f2bf6308511ea02fc6d9a21464ef99d00c0496e01b5dcbe61aadf71979537","sha512":"85c3aed599a4ccbc256bf19c10935433a97c69ddc569651a1973e92d29be76706a8655d5b6d19d629ad1201bc244020f6006d37d365c46e6d22c8470250fb997","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPvE:OijxEQq3P5Enne9zkWHLW","tlshash":"9ba33461350b64fd2ad0c1e7eb6b20886c295810e469cca1ecd1d7c7d6eb8e3429b5f7","first_seen":"2025-11-21T21:06:40.108314Z","last_seen":"2025-11-24T07:20:44.100631Z","times_seen":90,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":111,"dns":72,"connect":21,"send":0,"wait":19,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"colossal-seat.com/Yf2.xgphZiW_5k0lZmGnF-0pYqTr9sy_cumvlwkxP-TzMA3BOCW_NEiFNGGHM-2JOKDLkM3_MODPBQhRZ-GTIUyVYWm_NYjZYazbI-ydMezfIg3_NimjYkwlZ-mnIo1p","fqdn":"colossal-seat.com","domain":"colossal-seat.com","tld":"com"},"ip":{"addr":"88.85.69.211","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:31.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"colossal-seat.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 15 Nov 2025 16:04:33 GMT","end":"Fri, 13 Feb 2026 16:04:32 GMT"},"fingerprint":{"sha1":"6A:2D:24:F2:89:D9:6F:2D:D3:F9:91:E1:80:E1:D6:9C:32:0E:17:33","sha256":"02:EF:29:F3:2E:F8:19:F3:51:4E:86:B0:6A:93:5E:D0:C3:9C:68:93:D6:F8:FA:85:C5:DD:C1:70:C0:48:62:EE"}}},"request":{"raw":"POST /Yf2.xgphZiW_5k0lZmGnF-0pYqTr9sy_cumvlwkxP-TzMA3BOCW_NEiFNGGHM-2JOKDLkM3_MODPBQhRZ-GTIUyVYWm_NYjZYazbI-ydMezfIg3_NimjYkwlZ-mnIo1p HTTP/1.1\r\nHost: colossal-seat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 107\r\nOrigin: https://worldmarkets.jp\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":107,"data":"ref=https%3A%2F%2Fworldmarkets.jp%2Fz0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f%3Fwsidchk%3D12428178\u0026prevRef="}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 06:19:31 GMT\r\ncontent-length: 0\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T04:46:10.842589Z","times_seen":13317089,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"colossal-seat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"colossal-seat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"colossal-seat.com/jserr?msg=Error%20object%20is%20undefined%20(sic).%0AUrl%3A%20https%3A%2F%2Fworldmarkets.jp%2Fz0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f%3Fwsidchk%3D12428178%0AVersion%3A%200.3.3\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026tag=videoim","fqdn":"colossal-seat.com","domain":"colossal-seat.com","tld":"com"},"ip":{"addr":"88.85.69.211","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:31.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"colossal-seat.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 15 Nov 2025 16:04:33 GMT","end":"Fri, 13 Feb 2026 16:04:32 GMT"},"fingerprint":{"sha1":"6A:2D:24:F2:89:D9:6F:2D:D3:F9:91:E1:80:E1:D6:9C:32:0E:17:33","sha256":"02:EF:29:F3:2E:F8:19:F3:51:4E:86:B0:6A:93:5E:D0:C3:9C:68:93:D6:F8:FA:85:C5:DD:C1:70:C0:48:62:EE"}}},"request":{"raw":"GET /jserr?msg=Error%20object%20is%20undefined%20(sic).%0AUrl%3A%20https%3A%2F%2Fworldmarkets.jp%2Fz0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f%3Fwsidchk%3D12428178%0AVersion%3A%200.3.3\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026tag=videoim HTTP/1.1\r\nHost: colossal-seat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 06:19:31 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 0\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\naccess-control-allow-origin: https://worldmarkets.jp\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T04:46:10.842589Z","times_seen":13317089,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"colossal-seat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"colossal-seat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"195.181.166.158","port":80,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-24T06:19:30.456Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178 HTTP/1.1\r\nHost: worldmarkets.jp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Mon, 24 Nov 2025 06:19:30 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nServer: BunnyCDN-SE1-725\r\nCDN-PullZone: 4888074\r\nCDN-RequestCountryCode: NO\r\nLocation: https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178\r\nCDN-RequestId: 9553a6ca5d864e9eb41432f33477a5f7\r\nCDN-RequestTime: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":16675,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T04:46:10.842589Z","times_seen":13317089,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":3,"dns":1,"connect":7,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tracking.worldmarkets.jp/matomo.php?action_name=404%20-%20Page%20Not%20Found\u0026idsite=1872\u0026rec=1\u0026r=112190\u0026h=6\u0026m=19\u0026s=31\u0026url=https%3A%2F%2Fworldmarkets.jp%2Fz0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f%3Fwsidchk%3D12428178\u0026_id=ae56fa222044cfe1\u0026_idn=1\u0026send_image=0\u0026_refts=0\u0026pv_id=is5QAt\u0026pf_net=0\u0026pf_srv=203\u0026pf_tfr=4\u0026pf_dm1=91\u0026uadata=%7B%7D\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024","fqdn":"tracking.worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:31.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"worldmarkets.jp","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 19 Nov 2025 06:08:29 GMT","end":"Tue, 17 Feb 2026 07:05:46 GMT"},"fingerprint":{"sha1":"53:83:AC:41:49:99:26:94:EC:8A:3B:76:55:18:17:44:B3:46:2D:1C","sha256":"00:32:53:9E:28:47:4D:74:75:73:77:EF:5F:63:0E:0B:05:F1:98:89:1E:D5:7F:B9:31:75:CC:3B:45:80:00:60"}}},"request":{"raw":"POST /matomo.php?action_name=404%20-%20Page%20Not%20Found\u0026idsite=1872\u0026rec=1\u0026r=112190\u0026h=6\u0026m=19\u0026s=31\u0026url=https%3A%2F%2Fworldmarkets.jp%2Fz0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f%3Fwsidchk%3D12428178\u0026_id=ae56fa222044cfe1\u0026_idn=1\u0026send_image=0\u0026_refts=0\u0026pv_id=is5QAt\u0026pf_net=0\u0026pf_srv=203\u0026pf_tfr=4\u0026pf_dm1=91\u0026uadata=%7B%7D\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024 HTTP/1.1\r\nHost: tracking.worldmarkets.jp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\r\nContent-Length: 0\r\nOrigin: https://worldmarkets.jp\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 24 Nov 2025 06:19:31 GMT\r\nserver: cloudflare\r\nx-powered-by: PHP/8.2.26\r\naccess-control-allow-origin: https://worldmarkets.jp\r\naccess-control-allow-credentials: true\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0j6Wywkh6Oo9Z3eq5bjVQpkzCZqD3E4Owc2wATpLRE%2BKvyja1THz1%2FJ%2FCrpARl77I3M4whoCjBJPl80ZR%2F%2BWPYViyjimT37JBh7fzS7R7fWIUSwrYUo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9a36cb90196c568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.2.26","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T04:46:10.842589Z","times_seen":13317089,"resource_available":true,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk4push.com/f/sdk.js?z=2187891","fqdn":"sdk4push.com","domain":"sdk4push.com","tld":"com"},"ip":{"addr":"157.90.33.68","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:30.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sdk4push.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 09:24:02 GMT","end":"Thu, 22 Jan 2026 09:24:01 GMT"},"fingerprint":{"sha1":"F9:80:C7:F4:79:39:BA:C4:79:6E:B7:87:F0:07:77:57:22:6E:92:C0","sha256":"C1:1B:66:88:44:D5:68:69:6F:BF:66:63:58:AF:C9:B4:B1:F9:2B:07:C9:DB:9F:E2:4D:FB:FA:F7:A3:F2:AC:C0"}}},"request":{"raw":"GET /f/sdk.js?z=2187891 HTTP/1.1\r\nHost: sdk4push.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Angie\r\ndate: Mon, 24 Nov 2025 06:19:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 15242\r\ncontent-encoding: gzip\r\ncache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":54787,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54745), with no line terminators","md5":"4018ad296da1caed34597f1e0ba53d28","sha1":"f4eb27979f1d7c9ee092f270d739466e8da537f9","sha256":"10de896ad40948b2a23b11a5eaf48ef59583762ee9ed8bb8ba40a308ce12dc93","sha512":"5799c4411f4f36aeee2ea0d3c4065672eb2709071b9338ca84607435c52482490f8d03fffbb6029e21e6f247be124eafadff6970644718c996cc7d75f29a6807","ssdeep":"1536:/7LMSZcnLitlCr8WoeisV69SDG3nY+kH+s9K:/7L1Y2NViB9K","tlshash":"b833818877c6713412a7a4ac056f50d6eb2b3c34944e890adc53f3a2297576eef23d74","first_seen":"2025-04-03T01:19:28.743234Z","last_seen":"2026-04-04T00:30:08.27869Z","times_seen":513,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":104,"dns":33,"connect":24,"send":0,"wait":28,"receive":3,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"colossal-seat.com/d.m-FTzUdVGWN_vYZZGaUb/-cdneNfygY_zi1j2kYlX-Nn0oapWq0_msct2ulvk-PxSyZz6Ab_2C5DlEaFW-QH9INJjKc_wMONDOgPz-MRQS","fqdn":"colossal-seat.com","domain":"colossal-seat.com","tld":"com"},"ip":{"addr":"88.85.69.211","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:31.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"colossal-seat.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 15 Nov 2025 16:04:33 GMT","end":"Fri, 13 Feb 2026 16:04:32 GMT"},"fingerprint":{"sha1":"6A:2D:24:F2:89:D9:6F:2D:D3:F9:91:E1:80:E1:D6:9C:32:0E:17:33","sha256":"02:EF:29:F3:2E:F8:19:F3:51:4E:86:B0:6A:93:5E:D0:C3:9C:68:93:D6:F8:FA:85:C5:DD:C1:70:C0:48:62:EE"}}},"request":{"raw":"GET /d.m-FTzUdVGWN_vYZZGaUb/-cdneNfygY_zi1j2kYlX-Nn0oapWq0_msct2ulvk-PxSyZz6Ab_2C5DlEaFW-QH9INJjKc_wMONDOgPz-MRQS HTTP/1.1\r\nHost: colossal-seat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://worldmarkets.jp/\r\nOrigin: https://worldmarkets.jp\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 06:19:31 GMT\r\ncontent-type: text/xml\r\nvary: Accept-Encoding\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://worldmarkets.jp\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68,"size_decoded":0,"mime_type":"text/xml","magic":"ASCII text, with no line terminators","md5":"e75e81cc4ef4e4513e1c1c5a912f4256","sha1":"c66b6d05e57cf1bcff3eb3a3d0db8e1ae0c7cf20","sha256":"f3307fffa03a34bc19f8f7dc99ede770e098497b27e98aecd383d284abae50b3","sha512":"514ee3d753ea4170c4ef9fa78f9bbe30961017ba9adc3a1f40ac5c1b4c558abd82ccb0b22737a08eab910cd785cfcbc9c0ca0cae0bb35461fae59e2e1c47ab60","ssdeep":"","tlshash":"6aa022ccc202c0208288ef0030f0000233a0a28a82c28cccf0e208aa30000c032002cc","first_seen":"2023-05-12T08:34:43Z","last_seen":"2026-04-02T18:29:22.282345Z","times_seen":745,"resource_available":true,"data":null}},"time_used":154,"timings":{"blocked":54,"dns":1,"connect":17,"send":0,"wait":40,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"colossal-seat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"colossal-seat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"195.181.166.158","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-24T06:19:30.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"worldmarkets.jp","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 20:43:58 GMT","end":"Wed, 18 Feb 2026 20:43:57 GMT"},"fingerprint":{"sha1":"C4:F5:AE:53:15:F5:47:B9:14:33:28:EE:9C:CF:79:65:80:2E:0B:28","sha256":"D7:D8:37:9F:E7:13:D6:D1:59:62:B0:54:B0:A1:7D:9D:6F:DB:9E:84:5D:63:D0:58:BA:6C:F9:14:CA:7C:91:B5"}}},"request":{"raw":"GET /z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178 HTTP/1.1\r\nHost: worldmarkets.jp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 24 Nov 2025 06:19:30 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nserver: BunnyCDN-SE1-725\r\ncdn-pullzone: 4888074\r\ncdn-requestcountrycode: NO\r\ncache-control: no-cache\r\ncdn-proxyver: 1.40\r\ncdn-requestpullcode: 404\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 725\r\ncdn-cachedat: 11/24/2025 06:19:30\r\ncdn-status: 404\r\ncdn-requesttime: 0\r\ncdn-requestid: e54b522eb8acbe586c629b9f312d7a53\r\ncdn-cache: MISS\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]},{"name":"Clicky","description":"Clicky is web an analytics tool which helps you to get real-time analysis including spy view.","website":"https://getclicky.com","common_platform_enumeration":"","icon":"Clicky.png","categories":["Analytics"]}],"data":{"size":16675,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"3b8a09219097a3ecd336c8257a4ad2f3","sha1":"8d4bb57ed34635fc801900b0d6c580177ce2b5fb","sha256":"4b41e997121a9517892e0c30c8b87ce46f8cf88c526a322229607b9071e579c3","sha512":"182c5ad29c58073b3ee5290db304750fc2ca14b81f0b22b7aea53c7abef26b1d5104f5adc517a26c9062aac4d8f5b7c6ec142346f8630deabe0777d003628552","ssdeep":"384:cxHuTF4FoFTFyN999eoDQ20Pu5CvTrT81qY2g:cxOTF4FoFTFK9reoDx0PECrQ/","tlshash":"ec72930a2ae710262013a13d33ff6a087675e017ca4add187e9d8398efd97a45c937cc","first_seen":"2025-11-24T05:48:12.656096Z","last_seen":"2025-11-24T07:20:44.098766Z","times_seen":3,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"colossal-seat.com/b/X/VCsEd.Gglz0dYbWqcI/Me/mw9vuUZyUGlkk_PkTZYO3pMfD/gn4TM_jbkBthNfjIc/wdOaDNgszAMgAR","fqdn":"colossal-seat.com","domain":"colossal-seat.com","tld":"com"},"ip":{"addr":"88.85.69.211","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:30.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"colossal-seat.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 15 Nov 2025 16:04:33 GMT","end":"Fri, 13 Feb 2026 16:04:32 GMT"},"fingerprint":{"sha1":"6A:2D:24:F2:89:D9:6F:2D:D3:F9:91:E1:80:E1:D6:9C:32:0E:17:33","sha256":"02:EF:29:F3:2E:F8:19:F3:51:4E:86:B0:6A:93:5E:D0:C3:9C:68:93:D6:F8:FA:85:C5:DD:C1:70:C0:48:62:EE"}}},"request":{"raw":"GET /b/X/VCsEd.Gglz0dYbWqcI/Me/mw9vuUZyUGlkk_PkTZYO3pMfD/gn4TM_jbkBthNfjIc/wdOaDNgszAMgAR HTTP/1.1\r\nHost: colossal-seat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 06:19:30 GMT\r\ncontent-type: application/javascript\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nvary: Accept-Encoding, Origin\r\naccess-control-allow-methods: GET\r\nlast-modified: Mon, 24 Nov 2025 06:19:30 GMT\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://worldmarkets.jp\r\nset-cookie: uniqCookie=3f4d36161f2d3ff21c4365e810159a34; max-age=1766557170; path=/\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":223780,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36108)","md5":"1d03c36753b38b9c8251bb1a74068c1f","sha1":"9c5ee86d7272ba6e6334f30fb2f7f3a73482370e","sha256":"5419b6acd71cd05031ab4ad6d0c4a06ee1af4e2a2ea3d96a5bc9af398f925327","sha512":"44fd361f0fba71e883fe86c8d3bbd7b9e369682e0fb4a5c7fe669f8de804b985d4d08a06eab7da46466faa2cb5e4aac5ccc08b29e054f785c180ad93e761e6e4","ssdeep":"6144:BCrQB42X040I27lFG5ClE5yyoOSHZ3dDDgJbMHZboEBkleZbcpN:30I2/Dyw5cpN","tlshash":"3b243c9a3592747906f600a57476520ab2390a5f3d098024b87cece97da9e4f733bfb4","first_seen":"2025-11-24T06:19:58.756053Z","last_seen":"2025-11-24T06:19:58.756053Z","times_seen":1,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":78,"dns":32,"connect":17,"send":0,"wait":102,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"colossal-seat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"colossal-seat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sdk4push.com/event?z=2187891","fqdn":"sdk4push.com","domain":"sdk4push.com","tld":"com"},"ip":{"addr":"157.90.33.68","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:31.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sdk4push.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 09:24:02 GMT","end":"Thu, 22 Jan 2026 09:24:01 GMT"},"fingerprint":{"sha1":"F9:80:C7:F4:79:39:BA:C4:79:6E:B7:87:F0:07:77:57:22:6E:92:C0","sha256":"C1:1B:66:88:44:D5:68:69:6F:BF:66:63:58:AF:C9:B4:B1:F9:2B:07:C9:DB:9F:E2:4D:FB:FA:F7:A3:F2:AC:C0"}}},"request":{"raw":"POST /event?z=2187891 HTTP/1.1\r\nHost: sdk4push.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 96\r\nOrigin: https://worldmarkets.jp\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":96,"data":"{\"event\":\"request\",\"zone_id\":2187891,\"subid1\":\"worldmarkets.jp\",\"subid2\":\"\",\"ext_click_id\":null}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: Angie\r\ndate: Mon, 24 Nov 2025 06:19:31 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: https://worldmarkets.jp\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\ncache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 00:00:00 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T04:46:10.842589Z","times_seen":13317089,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldmarkets.jp/static/favicons/worldmarkets.jp.ico","fqdn":"worldmarkets.jp","domain":"worldmarkets.jp","tld":"jp"},"ip":{"addr":"195.181.166.158","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178","date":"2025-11-24T06:19:31.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"worldmarkets.jp","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 20:43:58 GMT","end":"Wed, 18 Feb 2026 20:43:57 GMT"},"fingerprint":{"sha1":"C4:F5:AE:53:15:F5:47:B9:14:33:28:EE:9C:CF:79:65:80:2E:0B:28","sha256":"D7:D8:37:9F:E7:13:D6:D1:59:62:B0:54:B0:A1:7D:9D:6F:DB:9E:84:5D:63:D0:58:BA:6C:F9:14:CA:7C:91:B5"}}},"request":{"raw":"GET /static/favicons/worldmarkets.jp.ico HTTP/1.1\r\nHost: worldmarkets.jp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldmarkets.jp/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12428178\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 06:19:32 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\nvary: Accept-Encoding\r\nserver: BunnyCDN-SE1-725\r\ncdn-pullzone: 4888074\r\ncdn-requestcountrycode: NO\r\ncache-control: no-cache\r\netag: W/\"1763498023.650291-10558-1806572896\"\r\nlast-modified: Tue, 18 Nov 2025 20:33:43 GMT\r\ncontent-security-policy: frame-ancestors 'self' https://worldmarkets.jp;\r\ncdn-proxyver: 1.40\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 725\r\ncdn-cachedat: 11/24/2025 06:19:32\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncontent-disposition: inline; filename=worldmarkets.jp.ico\r\ncdn-requestid: 3f4434dd5c6ca78a7990fe6bfba895db\r\ncdn-cache: MISS\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":10558,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 4 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 32x32 with \n- PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"71154d0378f01bdb690085e58f457f52","sha1":"62080873deb4af9733f48e73b50a0050def55a90","sha256":"28fd81d6d5561a45570ec77fd90a045d5346d91e7a7daf2cdfda81b8227cc3e1","sha512":"7839e48d51e481d8ebdb784b54a95743d3fc3481066a2ca5b6cee7df2188f1567e6f1cf6a937bb4a1ba578d468573182716b4df05468c1a70a1a9e3c4617394e","ssdeep":"192:AKdY7JBcZV1xyKrd1gmYqYhFr7hjJYaPQbv8bZnoWc:APYZbxZiFfpJYaPMvhb","tlshash":"6422c0974191e455c85b3b4b951f1252edca1b3c0cae2e4fa77ee9278c1d71b2098723","first_seen":"2025-11-24T05:48:12.649721Z","last_seen":"2025-11-24T07:20:44.098002Z","times_seen":3,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":607,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}