{"report_id":"0d52839e-1a8d-4509-a0c0-8d8061440829","version":6,"status":"done","tags":[],"date":"2025-09-16T16:21:30Z","url":{"schema":"http","addr":"hjd2048.com/2048/simple/?t18696921.html","fqdn":"hjd2048.com","domain":"hjd2048.com","tld":"com"},"ip":{"addr":"104.21.48.236","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"hjd2048.com/2048/simple/?t18696921.html","fqdn":"hjd2048.com","domain":"hjd2048.com","tld":"com"},"title":"【绿帽模拟器】（1-15）作者：黑暗中的光明 | 2008-2024大集合 - 人人为我论坛 - Powered by PHPWind"},"submit":{"url":{"schema":"http","addr":"hjd2048.com/2048/simple/?t18696921.html","fqdn":"hjd2048.com","domain":"hjd2048.com","tld":"com"},"ip":{"addr":"104.21.48.236","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-21T16:21:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-16T16:21:08Z","timestamp":1758039668,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":43982,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2025-09-16T16:21:08.234387+0000\",\"flow_id\":2238019640561015,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":43982,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"rjkatmgmhb.duckdns.org\",\"url\":\"/robots.txt\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":599,\"bytes_toclient\":116,\"start\":\"2025-09-16T16:17:49.527735+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-16T16:21:21Z","timestamp":1758039681,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":43992,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2025-09-16T16:21:21.619300+0000\",\"flow_id\":415793865941625,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":43992,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"rjkatmgmhb.duckdns.org\",\"url\":\"/robots.txt\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":599,\"bytes_toclient\":116,\"start\":\"2025-09-16T16:17:49.909945+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"hjd2048.com","ip":{"addr":"172.67.188.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-02-06","domain_rank":66639,"first_seen":"2018-12-03T09:32:46Z","last_seen":"2025-09-14T20:26:11.078025Z","alert_count":0,"request_count":4,"received_data":38753,"sent_data":2116,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"phpwind","description":"","website":"https://www.phpwind.net","common_platform_enumeration":"","icon":"phpwind.png","categories":["CMS","Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-16T16:21:08Z","timestamp":1758039668,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":43982,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2025-09-16T16:21:08.234387+0000\",\"flow_id\":2238019640561015,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":43982,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"rjkatmgmhb.duckdns.org\",\"url\":\"/robots.txt\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":599,\"bytes_toclient\":116,\"start\":\"2025-09-16T16:17:49.527735+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-16T16:21:21Z","timestamp":1758039681,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":43992,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2025-09-16T16:21:21.619300+0000\",\"flow_id\":415793865941625,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":43992,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"rjkatmgmhb.duckdns.org\",\"url\":\"/robots.txt\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":599,\"bytes_toclient\":116,\"start\":\"2025-09-16T16:17:49.909945+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hjd2048.com/2048/js/desktop/Compatibility.js","fqdn":"hjd2048.com","domain":"hjd2048.com","tld":"com"},"ip":{"addr":"172.67.188.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"697f7ddb5c6eb6d38e91efcfff39a68e","sha1":"2a0773cb4e908a1085de02302aeb2074dad1783c","sha256":"1fc943dcc87b1526b31b92b3ab337877d1d25772f4c39e209b7f5b515256bbc4","sha512":"a132277cedce38dec4a3c5c55a52e91ea6f3b6b90127aa6b066fd403c114531de176edceb2549eef0bbc81d09752f0304ecb56c782251a86bd9f752129baff3b","ssdeep":"96:jtVA1oI+B4K6hXzQiHM3HM4HMzHYH/HpaaNOD7IjRoVZif0BK4yCoJSv2qxx9Sj:jtVA1F+BEXzZHYHjHEHYH/HUagYjr0BE","tlshash":"58b10148b85531b5a39a217d637b5749b33859efe48414d4b149ecf03cb3c9a8327fa8","size":5446,"data":"","first_seen":"2023-03-11T23:06:28Z","last_seen":"2026-03-03T22:38:39.848907Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hjd2048.com/2048/js/lang/zh_cn.js","fqdn":"hjd2048.com","domain":"hjd2048.com","tld":"com"},"ip":{"addr":"172.67.188.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"13c014bf5bd0cc55e3c9d055ed80bdbf","sha1":"27d1eea201310addce8aecb80de73ccc91ab35b0","sha256":"dbbae98383bf7c91022695bb765d1d8b831fe4cbf827fefa28e431ab8fd39555","sha512":"783944a10a94fff524163edb6857efe477e906df8f0d1320f554e9eb52ebb7ce43198c0ec887473590546703412b2d88e5d6457dd34e60ba2d0acfe6dde11d57","ssdeep":"96:MW4YPz/bLXNwaCLVKQP5EDz2c53+xL7Gd1zQeZBCjFdaUVZ/RO1Q:MW4Yruxto6Gz4FdaUvAQ","tlshash":"bfc1b6e6cd4eaf703621080223bed151f3ec3d6710bb7205d29e586a52d817cd2a9f83","size":5744,"data":"","first_seen":"2023-12-03T01:01:08Z","last_seen":"2026-03-03T22:38:39.822195Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hjd2048.com/2048/js/core/core.js","fqdn":"hjd2048.com","domain":"hjd2048.com","tld":"com"},"ip":{"addr":"172.67.188.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"53bab3702168c45a65b10c308a196c31","sha1":"729c4e0f24d662c779dbedaac8c33913fe59ceb9","sha256":"0a9d961b24ab2188f6271d2dee1b44040ca2b445c2fb21d7796069df2bab6868","sha512":"84eba46ef4da9f93acbc2e81c64eaaba69223d42fed1dcd8b74826e411f6708368701646bc0c451a238cb28ed81d99c55abc9afa6ec6b1f8ce0d4d6c421044f6","ssdeep":"384:2OqznnMnMjezymf84THchWmsoT/rldR63fmiuCtv0EFq35tihi8FAo/Qg:JqznnMnT2mf84THchWmsoTHR6jc2o8Fp","tlshash":"2542828afbdda076a16621380d6f528c343d94636d44cc2abc3c94d03bb4e29117bfe9","size":12789,"data":"","first_seen":"2023-12-03T01:01:08Z","last_seen":"2026-03-03T22:38:39.850726Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"b49f4fc26afb07104ab8a64a347cd97a","sha1":"b10b0ea984bb8d41acf15774375a114ff215f2b6","sha256":"ab415e0320450c15401507bbab2036085dd365e59b32c23c35091fb77e6cf4d3","sha512":"72f7990835708e8412c513ca3d910e63d859c1df549035f694b3fd29fcd682f98adaf26c1005071af6711e6bdf4e8d743b9050b39be50345353cb353b1719839","ssdeep":"","tlshash":"af90040f5f54c155401114575771f51c4154ff0c3171cc3441c50f1450147c4cf07cc5","size":51,"data":"","first_seen":"2023-03-11T23:06:28Z","last_seen":"2026-03-03T22:38:39.86921Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"bb518b98f59a9bfcd92745c8e3be762d","sha1":"02f51bfaaeae30fc5b13897b49ec7e15ac946684","sha256":"0308d875365eed2aca81a76d67465bdfd388a45816a87b9ce8a8759393d0111e","sha512":"7a47a7ebc8c3acc86f00a7147e2a40d86422c1d7e906b8b00e353644e59a7482ad414d7b39beadb239e13a66491d956c9afcf0adf57ca859a8f82f8818d4ef82","ssdeep":"","tlshash":"ae90040f7f4dc570010535541474d31c00505d043110d43505d7300110313c4cc014c0","size":40,"data":"","first_seen":"2023-03-08T02:14:00Z","last_seen":"2026-03-03T22:38:39.870827Z","times_seen":86,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"hjd2048.com/2048/js/desktop/Compatibility.js","fqdn":"hjd2048.com","domain":"hjd2048.com","tld":"com"},"ip":{"addr":"172.67.188.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hjd2048.com/2048/simple/?t18696921.html","date":"2025-09-16T16:21:08.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hjd2048.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 14 Sep 2025 05:20:19 GMT","end":"Sat, 13 Dec 2025 02:38:47 GMT"},"fingerprint":{"sha1":"5F:3F:15:E3:33:C8:8D:D3:07:FA:26:43:C4:8D:87:70:87:BB:5E:DE","sha256":"26:08:51:3F:E7:EE:2B:C0:A3:61:99:72:46:11:06:AC:E5:DB:4D:98:D7:2C:A1:BA:FF:49:52:B2:56:51:8D:46"}}},"request":{"raw":"GET /2048/js/desktop/Compatibility.js HTTP/1.1\r\nHost: hjd2048.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hjd2048.com/2048/simple/?t18696921.html\r\nCookie: a22e7_lastvisit=0%091758039758%09%2F2048%2Fsimple%2Findex.php%3Ft18696921.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 16 Sep 2025 16:21:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 04 Mar 2010 09:31:04 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VHbiP32jVqM5RcKk0e6JHjuWtQM%2BfDebq7rjjI04KKsUf3%2Bx%2BXoeCryTmmIRZm3E%2Bm90%2BGWpk3xhx0zvy%2FSrDyVIgMkIQIMi%2BolI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"4b8f7dd8-1546\"\r\nexpires: Tue, 16 Sep 2025 18:50:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34356\r\ncf-cache-status: HIT\r\ncf-ray: 9801b1f81c542efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5446,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (5446), with no line terminators","md5":"697f7ddb5c6eb6d38e91efcfff39a68e","sha1":"2a0773cb4e908a1085de02302aeb2074dad1783c","sha256":"1fc943dcc87b1526b31b92b3ab337877d1d25772f4c39e209b7f5b515256bbc4","sha512":"a132277cedce38dec4a3c5c55a52e91ea6f3b6b90127aa6b066fd403c114531de176edceb2549eef0bbc81d09752f0304ecb56c782251a86bd9f752129baff3b","ssdeep":"96:jtVA1oI+B4K6hXzQiHM3HM4HMzHYH/HpaaNOD7IjRoVZif0BK4yCoJSv2qxx9Sj:jtVA1F+BEXzZHYHjHEHYH/HUagYjr0BE","tlshash":"58b10148b85531b5a39a217d637b5749b33859efe48414d4b149ecf03cb3c9a8327fa8","first_seen":"2023-03-11T23:06:28Z","last_seen":"2026-03-03T22:38:39.848907Z","times_seen":52,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hjd2048.com/2048/simple/?t18696921.html","fqdn":"hjd2048.com","domain":"hjd2048.com","tld":"com"},"ip":{"addr":"172.67.188.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-16T16:21:07.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hjd2048.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 14 Sep 2025 05:20:19 GMT","end":"Sat, 13 Dec 2025 02:38:47 GMT"},"fingerprint":{"sha1":"5F:3F:15:E3:33:C8:8D:D3:07:FA:26:43:C4:8D:87:70:87:BB:5E:DE","sha256":"26:08:51:3F:E7:EE:2B:C0:A3:61:99:72:46:11:06:AC:E5:DB:4D:98:D7:2C:A1:BA:FF:49:52:B2:56:51:8D:46"}}},"request":{"raw":"GET /2048/simple/?t18696921.html HTTP/1.1\r\nHost: hjd2048.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 16 Sep 2025 16:21:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tvtZOvToIct3YYQp7m3jEdte7PdnMBwQVAjslPafvr8KxAJJ6epU2iTdWdC29FTkvCUGT84aZ6D%2FPd9ntCP%2FNBXqhjXbnuuXQfW8\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: a22e7_lastvisit=0%091758039758%09%2F2048%2Fsimple%2Findex.php%3Ft18696921.html; Path=/; Max-Age=31536000; Expires=Wed, 16 Sep 2026 16:22:38 GMT\na22e7_lastvisit=0%091758039758%09%2F2048%2Fsimple%2Findex.php%3Ft18696921.html; Path=/; Max-Age=31536000; Expires=Wed, 16 Sep 2026 16:22:38 GMT\r\ncf-ray: 9801b1f43abf0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"phpwind","description":"","website":"https://www.phpwind.net","common_platform_enumeration":"","icon":"phpwind.png","categories":["CMS","Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11679,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (305), with CRLF, LF line terminators","md5":"577e56a7d497ac140d38eba374b301e7","sha1":"9b90457132a91223961f9b807dd54aa6364a7671","sha256":"3625fc22331407e99eaf25c9d86c3796f94e0d5aabf7670efbe97c3b8b85cbf9","sha512":"c3f0d51ce7eea2f7ce15e726a64a521f022daafb3eb28e982e49335b5ceec45d8c558b7080be75617b75c36729fda12698b02e22fdd8356882c8dc38771595dd","ssdeep":"192:qlFICWNw3mV386zKYHF8YQPG0Wz9mGWYjVugNhftwM3iM6R8UkyB0JblN3tcmffu:vh4MiYQPG3z9mG/jVu4hftwMyM6R8UNH","tlshash":"8132e8d383631aa9b0c355c9db1cd22421fa0a8ddb13eb53cd3faf73a155484236961a","first_seen":"2025-09-16T16:21:31.352596Z","last_seen":"2025-09-16T16:21:31.352596Z","times_seen":1,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":21,"dns":0,"connect":1,"send":0,"wait":342,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hjd2048.com/2048/js/core/core.js","fqdn":"hjd2048.com","domain":"hjd2048.com","tld":"com"},"ip":{"addr":"172.67.188.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hjd2048.com/2048/simple/?t18696921.html","date":"2025-09-16T16:21:08.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hjd2048.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 14 Sep 2025 05:20:19 GMT","end":"Sat, 13 Dec 2025 02:38:47 GMT"},"fingerprint":{"sha1":"5F:3F:15:E3:33:C8:8D:D3:07:FA:26:43:C4:8D:87:70:87:BB:5E:DE","sha256":"26:08:51:3F:E7:EE:2B:C0:A3:61:99:72:46:11:06:AC:E5:DB:4D:98:D7:2C:A1:BA:FF:49:52:B2:56:51:8D:46"}}},"request":{"raw":"GET /2048/js/core/core.js HTTP/1.1\r\nHost: hjd2048.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hjd2048.com/2048/simple/?t18696921.html\r\nCookie: a22e7_lastvisit=0%091758039758%09%2F2048%2Fsimple%2Findex.php%3Ft18696921.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 16 Sep 2025 16:21:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Sep 2023 10:35:25 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2NEIO7Q%2FZKeHb1UPh7hsTOpMddW7929l9sSIcBGHaFw%2BSVPs%2BRtwGkrl8zzgOkLWaXG21XkoAyjnmKvPJKwSAx%2FbkVgNu7johUwl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"64f4616d-31ff\"\r\nexpires: Wed, 17 Sep 2025 03:26:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 3343\r\ncf-cache-status: HIT\r\ncf-ray: 9801b1f73c482efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12799,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"53bab3702168c45a65b10c308a196c31","sha1":"729c4e0f24d662c779dbedaac8c33913fe59ceb9","sha256":"0a9d961b24ab2188f6271d2dee1b44040ca2b445c2fb21d7796069df2bab6868","sha512":"84eba46ef4da9f93acbc2e81c64eaaba69223d42fed1dcd8b74826e411f6708368701646bc0c451a238cb28ed81d99c55abc9afa6ec6b1f8ce0d4d6c421044f6","ssdeep":"384:2OqznnMnMjezymf84THchWmsoT/rldR63fmiuCtv0EFq35tihi8FAo/Qg:JqznnMnT2mf84THchWmsoTHR6jc2o8Fp","tlshash":"2542828afbdda076a16621380d6f528c343d94636d44cc2abc3c94d03bb4e29117bfe9","first_seen":"2023-12-03T01:01:08Z","last_seen":"2026-03-03T22:38:39.850726Z","times_seen":51,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hjd2048.com/2048/js/lang/zh_cn.js","fqdn":"hjd2048.com","domain":"hjd2048.com","tld":"com"},"ip":{"addr":"172.67.188.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hjd2048.com/2048/simple/?t18696921.html","date":"2025-09-16T16:21:08.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hjd2048.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 14 Sep 2025 05:20:19 GMT","end":"Sat, 13 Dec 2025 02:38:47 GMT"},"fingerprint":{"sha1":"5F:3F:15:E3:33:C8:8D:D3:07:FA:26:43:C4:8D:87:70:87:BB:5E:DE","sha256":"26:08:51:3F:E7:EE:2B:C0:A3:61:99:72:46:11:06:AC:E5:DB:4D:98:D7:2C:A1:BA:FF:49:52:B2:56:51:8D:46"}}},"request":{"raw":"GET /2048/js/lang/zh_cn.js HTTP/1.1\r\nHost: hjd2048.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hjd2048.com/2048/simple/?t18696921.html\r\nCookie: a22e7_lastvisit=0%091758039758%09%2F2048%2Fsimple%2Findex.php%3Ft18696921.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 16 Sep 2025 16:21:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 04 Sep 2023 08:59:14 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cfZXsF251zA4D0DKT4rNmHQkjpWfW%2F%2F3mzDDUt64uVNqZRMjc%2BaEbwXQpcO5H9kQhd2ffhaAbXd6PpaulM6WKnexuhxYXNLEFwvp\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"64f59c62-1670\"\r\nexpires: Tue, 16 Sep 2025 18:50:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34356\r\ncf-cache-status: HIT\r\ncf-ray: 9801b1f81c552efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5744,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"13c014bf5bd0cc55e3c9d055ed80bdbf","sha1":"27d1eea201310addce8aecb80de73ccc91ab35b0","sha256":"dbbae98383bf7c91022695bb765d1d8b831fe4cbf827fefa28e431ab8fd39555","sha512":"783944a10a94fff524163edb6857efe477e906df8f0d1320f554e9eb52ebb7ce43198c0ec887473590546703412b2d88e5d6457dd34e60ba2d0acfe6dde11d57","ssdeep":"96:MW4YPz/bLXNwaCLVKQP5EDz2c53+xL7Gd1zQeZBCjFdaUVZ/RO1Q:MW4Yruxto6Gz4FdaUvAQ","tlshash":"bfc1b6e6cd4eaf703621080223bed151f3ec3d6710bb7205d29e586a52d817cd2a9f83","first_seen":"2023-12-03T01:01:08Z","last_seen":"2026-03-03T22:38:39.822195Z","times_seen":51,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}